2006-08-14 Mark Wielaard <mark@klomp.org>

       Imported GNU Classpath 0.92
       * HACKING: Add more importing hints. Update automake version
       requirement.

       * configure.ac (gconf-peer): New enable AC argument.
       Add --disable-gconf-peer and --enable-default-preferences-peer
       to classpath configure when gconf is disabled.
       * scripts/makemake.tcl: Set gnu/java/util/prefs/gconf and
       gnu/java/awt/dnd/peer/gtk to bc. Classify
       gnu/java/security/Configuration.java as generated source file.

       * gnu/java/lang/management/VMGarbageCollectorMXBeanImpl.java,
       gnu/java/lang/management/VMMemoryPoolMXBeanImpl.java,
       gnu/java/lang/management/VMClassLoadingMXBeanImpl.java,
       gnu/java/lang/management/VMRuntimeMXBeanImpl.java,
       gnu/java/lang/management/VMMemoryManagerMXBeanImpl.java,
       gnu/java/lang/management/VMThreadMXBeanImpl.java,
       gnu/java/lang/management/VMMemoryMXBeanImpl.java,
       gnu/java/lang/management/VMCompilationMXBeanImpl.java: New VM stub
       classes.
       * java/lang/management/VMManagementFactory.java: Likewise.
       * java/net/VMURLConnection.java: Likewise.
       * gnu/java/nio/VMChannel.java: Likewise.

       * java/lang/Thread.java (getState): Add stub implementation.
       * java/lang/Class.java (isEnum): Likewise.
       * java/lang/Class.h (isEnum): Likewise.

       * gnu/awt/xlib/XToolkit.java (getClasspathTextLayoutPeer): Removed.

       * javax/naming/spi/NamingManager.java: New override for StackWalker
       functionality.

       * configure, sources.am, Makefile.in, gcj/Makefile.in,
       include/Makefile.in, testsuite/Makefile.in: Regenerated.


git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@116139 138bc75d-0d04-0410-961f-82ee72b054a4

632 files changed, 36472 insertions, 24857 deletions

diff --git a/libjava/classpath/gnu/CORBA/ForwardRequestHelper.java b/libjava/classpath/gnu/CORBA/ForwardRequestHelper.java
index cbdf46f259a..5b77fa03073 100644
--- a/libjava/classpath/gnu/CORBA/ForwardRequestHelper.java
+++ b/libjava/classpath/gnu/CORBA/ForwardRequestHelper.java
@@ -62,11 +62,6 @@ import org.omg.PortableServer.ForwardRequest;
 public abstract class ForwardRequestHelper
 {
   /**
-   * The cached typecode value, computed only once.
-   */
-  private static TypeCode typeCode;
-
-  /**
    * Extract the ForwardRequest from given Any.
    * This method uses the ForwardRequestHolder.
    *
@@ -132,18 +127,14 @@ public abstract class ForwardRequestHelper
    */
   public static TypeCode type()
   {
-    if (typeCode == null)
-      {
-        ORB orb = ORB.init();
-        StructMember[] members = new StructMember[ 1 ];
-
-        TypeCode field;
-
-        field = ObjectHelper.type();
-        members [ 0 ] = new StructMember("forward_reference", field, null);
-        typeCode = orb.create_exception_tc(id(), "ForwardRequest", members);
-      }
-    return typeCode;
+    ORB orb = OrbRestricted.Singleton;
+    StructMember[] members = new StructMember[ 1 ];
+    
+    TypeCode field;
+    
+    field = ObjectHelper.type();
+    members [ 0 ] = new StructMember("forward_reference", field, null);
+    return orb.create_exception_tc(id(), "ForwardRequest", members);
   }
 
   /**
diff --git a/libjava/classpath/gnu/classpath/debug/Simple1LineFormatter.java b/libjava/classpath/gnu/classpath/debug/Simple1LineFormatter.java
index 0bdf22a1950..96573193a9e 100644
--- a/libjava/classpath/gnu/classpath/debug/Simple1LineFormatter.java
+++ b/libjava/classpath/gnu/classpath/debug/Simple1LineFormatter.java
@@ -38,10 +38,11 @@ exception statement from your version. */
 
 package gnu.classpath.debug;
 
-import gnu.classpath.SystemProperties;
+import gnu.java.security.action.GetPropertyAction;
 
 import java.io.PrintWriter;
 import java.io.StringWriter;
+import java.security.AccessController;
 import java.text.DateFormat;
 import java.text.DecimalFormat;
 import java.text.NumberFormat;
@@ -91,20 +92,27 @@ public class Simple1LineFormatter
     extends Formatter
 {
   private static final String DAT_PATTERN = "yyyy-MM-dd HH:mm:ss.SSSS Z ";
-  private static final DateFormat DAT_FORMAT = new SimpleDateFormat(DAT_PATTERN);
   private static final String THREAD_PATTERN = " #########0;-#########0";
-  private static final NumberFormat THREAD_FORMAT = new DecimalFormat(THREAD_PATTERN);
   private static final String SPACES_32 = "                                ";
   private static final String SPACES_6 = "      ";
-  private static final String LS = SystemProperties.getProperty("line.separator");
+  private static final String LS = (String) AccessController.doPrivileged
+    (new GetPropertyAction("line.separator"));
+  private DateFormat dateFormat;
+  private NumberFormat threadFormat;
 
   // default 0-arguments constructor
 
   public String format(LogRecord record)
   {
-    StringBuffer sb = new StringBuffer(180)
-        .append(DAT_FORMAT.format(new Date(record.getMillis())))
-        .append(THREAD_FORMAT.format(record.getThreadID()))
+    if (dateFormat == null)
+      dateFormat = new SimpleDateFormat(DAT_PATTERN);
+
+    if (threadFormat == null)
+      threadFormat = new DecimalFormat(THREAD_PATTERN);
+
+    StringBuilder sb = new StringBuilder(180)
+        .append(dateFormat.format(new Date(record.getMillis())))
+        .append(threadFormat.format(record.getThreadID()))
         .append(" ");
     String s = record.getSourceClassName();
     if (s == null)
diff --git a/libjava/classpath/gnu/classpath/debug/SystemLogger.java b/libjava/classpath/gnu/classpath/debug/SystemLogger.java
index 94aa93f69da..502b488702b 100644
--- a/libjava/classpath/gnu/classpath/debug/SystemLogger.java
+++ b/libjava/classpath/gnu/classpath/debug/SystemLogger.java
@@ -38,7 +38,9 @@ version.  */
 
 package gnu.classpath.debug;
 
-import gnu.classpath.SystemProperties;
+import gnu.java.security.action.GetPropertyAction;
+
+import java.security.AccessController;
 import java.util.StringTokenizer;
 import java.util.logging.Logger;
 
@@ -49,8 +51,8 @@ public final class SystemLogger
   static
   {
     SYSTEM.setFilter (PreciseFilter.GLOBAL);
-
-    String defaults = SystemProperties.getProperty ("gnu.classpath.debug.components");
+    String defaults = (String) AccessController.doPrivileged
+      (new GetPropertyAction("gnu.classpath.debug.components"));
 
     if (defaults != null)
       {
diff --git a/libjava/classpath/gnu/classpath/debug/TeeInputStream.java b/libjava/classpath/gnu/classpath/debug/TeeInputStream.java
new file mode 100644
index 00000000000..ef6b2ed3dc1
--- /dev/null
+++ b/libjava/classpath/gnu/classpath/debug/TeeInputStream.java
@@ -0,0 +1,98 @@
+/* TeeInputStream.java
+   Copyright (C) 2006  Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under terms
+of your choice, provided that you also meet, for each linked independent
+module, the terms and conditions of the license of that module.  An
+independent module is a module which is not derived from or based on
+this library.  If you modify this library, you may extend this exception
+to your version of the library, but you are not obligated to do so.  If
+you do not wish to do so, delete this exception statement from your
+version.  */
+
+package gnu.classpath.debug;
+
+import java.io.*;
+
+/**
+ * An input stream that copies all its input to a byte sink.
+ *
+ * @author Chris Burdess
+ */
+public class TeeInputStream
+  extends InputStream
+{
+
+  private final InputStream in;
+  private final OutputStream out;
+
+  /**
+   * Constructs a tee input stream.
+   * @param in the underlying input stream
+   * @param out the output sink
+   */
+  public TeeInputStream(InputStream in, OutputStream out)
+  {
+    this.in = in;
+    this.out = out;
+  }
+
+  public int read()
+    throws IOException
+  {
+    int ret = in.read();
+    out.write(ret);
+    out.flush();
+    return ret;
+  }
+
+  public int read(byte[] b, int off, int len)
+    throws IOException
+  {
+    int ret = in.read(b, off, len);
+    if (ret != -1)
+      {
+        out.write(b, off, ret);
+        out.flush();
+      }
+    return ret;
+  }
+
+  public void close()
+    throws IOException
+  {
+    in.close();
+    out.close();
+  }
+
+  public final boolean markSupported()
+  {
+    return false;
+  }
+  
+}
diff --git a/libjava/classpath/gnu/classpath/debug/TeeOutputStream.java b/libjava/classpath/gnu/classpath/debug/TeeOutputStream.java
new file mode 100644
index 00000000000..cff60894a6c
--- /dev/null
+++ b/libjava/classpath/gnu/classpath/debug/TeeOutputStream.java
@@ -0,0 +1,93 @@
+/* TeeOutputStream.java
+   Copyright (C) 2006  Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under terms
+of your choice, provided that you also meet, for each linked independent
+module, the terms and conditions of the license of that module.  An
+independent module is a module which is not derived from or based on
+this library.  If you modify this library, you may extend this exception
+to your version of the library, but you are not obligated to do so.  If
+you do not wish to do so, delete this exception statement from your
+version.  */
+
+package gnu.classpath.debug;
+
+import java.io.*;
+
+/**
+ * An output stream that copies all its output to an additional byte sink.
+ *
+ * @author Chris Burdess
+ */
+public class TeeOutputStream
+  extends OutputStream
+{
+
+  private final OutputStream out;
+  private final OutputStream sink;
+
+  /**
+   * Constructs a tee output stream.
+   * @param out the underlying output stream
+   * @param sink the output sink
+   */
+  public TeeOutputStream(OutputStream out, OutputStream sink)
+  {
+    this.out = out;
+    this.sink = sink;
+  }
+
+  public void write(int c)
+    throws IOException
+  {
+    out.write(c);
+    sink.write(c);
+  }
+
+  public void write(byte[] b, int off, int len)
+    throws IOException
+  {
+    out.write(b, off, len);
+    sink.write(b, off, len);
+  }
+
+  public void flush()
+    throws IOException
+  {
+    out.flush();
+    sink.flush();
+  }
+
+  public void close()
+    throws IOException
+  {
+    out.close();
+    sink.close();
+  }
+
+}
diff --git a/libjava/classpath/gnu/classpath/debug/TeeReader.java b/libjava/classpath/gnu/classpath/debug/TeeReader.java
new file mode 100644
index 00000000000..8fa742e21a1
--- /dev/null
+++ b/libjava/classpath/gnu/classpath/debug/TeeReader.java
@@ -0,0 +1,98 @@
+/* TeeReader.java
+   Copyright (C) 2006  Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under terms
+of your choice, provided that you also meet, for each linked independent
+module, the terms and conditions of the license of that module.  An
+independent module is a module which is not derived from or based on
+this library.  If you modify this library, you may extend this exception
+to your version of the library, but you are not obligated to do so.  If
+you do not wish to do so, delete this exception statement from your
+version.  */
+
+package gnu.classpath.debug;
+
+import java.io.*;
+
+/**
+ * A reader that copies all characters read to an output sink.
+ *
+ * @author Chris Burdess
+ */
+public class TeeReader
+  extends Reader
+{
+
+  private final Reader in;
+  private final Writer out;
+
+  /**
+   * Constructs a tee reader.
+   * @param in the input
+   * @param out the output sink
+   */
+  public TeeReader(Reader in, Writer out)
+  {
+    this.in = in;
+    this.out = out;
+  }
+
+  public int read()
+    throws IOException
+  {
+    int ret = in.read();
+    out.write(ret);
+    out.flush();
+    return ret;
+  }
+
+  public int read(char[] b, int off, int len)
+    throws IOException
+  {
+    int ret = in.read(b, off, len);
+    if (ret != -1)
+      {
+        out.write(b, off, ret);
+        out.flush();
+      }
+    return ret;
+  }
+
+  public void close()
+    throws IOException
+  {
+    in.close();
+    out.close();
+  }
+
+  public final boolean markSupported()
+  {
+    return false;
+  }
+  
+}
diff --git a/libjava/classpath/gnu/classpath/debug/TeeWriter.java b/libjava/classpath/gnu/classpath/debug/TeeWriter.java
new file mode 100644
index 00000000000..f226c21658a
--- /dev/null
+++ b/libjava/classpath/gnu/classpath/debug/TeeWriter.java
@@ -0,0 +1,93 @@
+/* TeeWriter.java
+   Copyright (C) 2006  Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under terms
+of your choice, provided that you also meet, for each linked independent
+module, the terms and conditions of the license of that module.  An
+independent module is a module which is not derived from or based on
+this library.  If you modify this library, you may extend this exception
+to your version of the library, but you are not obligated to do so.  If
+you do not wish to do so, delete this exception statement from your
+version.  */
+
+package gnu.classpath.debug;
+
+import java.io.*;
+
+/**
+ * A writer that copies all its output to an additional character sink.
+ *
+ * @author Chris Burdess
+ */
+public class TeeWriter
+  extends Writer
+{
+
+  private final Writer out;
+  private final Writer sink;
+
+  /**
+   * Constructs a tee writer.
+   * @param out the underlying writer
+   * @param sink the output sink
+   */
+  public TeeWriter(Writer out, Writer sink)
+  {
+    this.out = out;
+    this.sink = sink;
+  }
+
+  public void write(int c)
+    throws IOException
+  {
+    out.write(c);
+    sink.write(c);
+  }
+
+  public void write(char[] b, int off, int len)
+    throws IOException
+  {
+    out.write(b, off, len);
+    sink.write(b, off, len);
+  }
+
+  public void flush()
+    throws IOException
+  {
+    out.flush();
+    sink.flush();
+  }
+
+  public void close()
+    throws IOException
+  {
+    out.close();
+    sink.close();
+  }
+
+}
diff --git a/libjava/classpath/gnu/classpath/jdwp/Jdwp.java b/libjava/classpath/gnu/classpath/jdwp/Jdwp.java
index 7141214ef26..e63a9a353dd 100644
--- a/libjava/classpath/gnu/classpath/jdwp/Jdwp.java
+++ b/libjava/classpath/gnu/classpath/jdwp/Jdwp.java
@@ -56,6 +56,9 @@ import java.util.HashMap;
 /**
  * Main interface from the virtual machine to the JDWP back-end.
  *
+ * The thread created by this class is only used for initialization.
+ * Once it exits, the JDWP backend is fully initialized.
+ *
  * @author Keith Seitz (keiths@redhat.com)
  */
 public class Jdwp
@@ -65,7 +68,8 @@ public class Jdwp
   private static Jdwp _instance = null;
 
   /**
-   * Are we debugging?
+   * Are we debugging? Only true if debugging
+   * *and* initialized.
    */
   public static boolean isDebugging = false;
 
@@ -89,13 +93,16 @@ public class Jdwp
   // A thread group for the JDWP threads
   private ThreadGroup _group;
 
+  // Initialization synchronization
+  private Object _initLock = new Object ();
+  private int _initCount = 0;
+
   /**
    * constructor
    */
   public Jdwp ()
   {
     _shutdown = false;
-    isDebugging = true;
     _instance = this;
   }
 
@@ -271,17 +278,52 @@ public class Jdwp
       }
   }
 
+  /**
+   * Allows subcomponents to specify that they are
+   * initialized.
+   *
+   * Subcomponents include JdwpConnection and PacketProcessor.
+   */
+  public void subcomponentInitialized ()
+  {
+    synchronized (_initLock)
+      {
+	++_initCount;
+	_initLock.notify ();
+      }
+  }
+
   public void run ()
   {
     try
       {
 	_doInitialization ();
+
+	/* We need a little internal synchronization here, so that
+	   when this thread dies, the back-end will be fully initialized,
+	   ready to start servicing the VM and debugger. */
+	synchronized (_initLock)
+	  {
+	    while (_initCount != 2)
+	      _initLock.wait ();
+	  }
+	_initLock = null;
       }
     catch (Throwable t)
       {
 	System.out.println ("Exception in JDWP back-end: " + t);
 	System.exit (1);
       }
+
+    /* Force creation of the EventManager. If the event manager
+       has not been created when isDebugging is set, it is possible
+       that the VM will call Jdwp.notify (which uses EventManager)
+       while the EventManager is being created (or at least this is
+       a problem with gcj/gij). */
+    EventManager.getDefault();
+
+    // Now we are finally ready and initialized
+    isDebugging = true;
   }
 
   // A helper function to process the configure string "-Xrunjdwp:..."
diff --git a/libjava/classpath/gnu/classpath/jdwp/event/BreakpointEvent.java b/libjava/classpath/gnu/classpath/jdwp/event/BreakpointEvent.java
index be429f4873a..abf280d6ec6 100644
--- a/libjava/classpath/gnu/classpath/jdwp/event/BreakpointEvent.java
+++ b/libjava/classpath/gnu/classpath/jdwp/event/BreakpointEvent.java
@@ -62,18 +62,23 @@ public class BreakpointEvent
 
   // Location where breakpoint occurred
   private Location _location;
+  
+  //object instance
+  private Object _instance;
 
   /**
    * Constructs a new BreakpointEvent
    *
    * @param thread  thread in which event occurred
    * @param loc     location where breakpoint occurred
+   * @param instance object instance
    */
-  public BreakpointEvent(Thread thread, Location loc)
+  public BreakpointEvent(Thread thread, Location loc, Object instance)
   {
     super(JdwpConstants.EventKind.BREAKPOINT);
     _thread = thread;
     _location = loc;
+    _instance = instance;
   }
 
   /**
@@ -83,12 +88,14 @@ public class BreakpointEvent
    * @param type  the type of parameter desired
    * @returns the desired parameter or null
    */
-  public Object getParameter(Class type)
+  public Object getParameter(int type)
   {
-    if (type == ThreadId.class)
+    if (type == EVENT_THREAD)
       return _thread;
-    else if (type == Location.class)
+    else if (type == EVENT_LOCATION)
       return _location;
+    else if (type == EVENT_INSTANCE)
+      return _instance;
 
     return null;
   }
diff --git a/libjava/classpath/gnu/classpath/jdwp/event/ClassPrepareEvent.java b/libjava/classpath/gnu/classpath/jdwp/event/ClassPrepareEvent.java
index 22cede0c50a..5341daa42b5 100644
--- a/libjava/classpath/gnu/classpath/jdwp/event/ClassPrepareEvent.java
+++ b/libjava/classpath/gnu/classpath/jdwp/event/ClassPrepareEvent.java
@@ -116,11 +116,11 @@ public class ClassPrepareEvent
    * @param type  the type of parameter desired
    * @returns the desired parameter or <code>null</code>
    */
-  public Object getParameter (Class type)
+  public Object getParameter (int type)
   {
-    if (type == ThreadId.class)
+    if (type == EVENT_THREAD)
       return _thread;
-    else if (type == ReferenceTypeId.class)
+    else if (type == EVENT_CLASS)
       return _class;
 
     return null;
diff --git a/libjava/classpath/gnu/classpath/jdwp/event/ClassUnloadEvent.java b/libjava/classpath/gnu/classpath/jdwp/event/ClassUnloadEvent.java
new file mode 100644
index 00000000000..4ba8bc80666
--- /dev/null
+++ b/libjava/classpath/gnu/classpath/jdwp/event/ClassUnloadEvent.java
@@ -0,0 +1,96 @@
+/* ClassUnloadEvent.java -- event generated when a class is unloaded
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+ This file is part of GNU Classpath.
+
+ GNU Classpath is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2, or (at your option)
+ any later version.
+
+ GNU Classpath is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNU Classpath; see the file COPYING.  If not, write to the
+ Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ 02110-1301 USA.
+
+ Linking this library statically or dynamically with other modules is
+ making a combined work based on this library.  Thus, the terms and
+ conditions of the GNU General Public License cover the whole
+ combination.
+
+ As a special exception, the copyright holders of this library give you
+ permission to link this library with independent modules to produce an
+ executable, regardless of the license terms of these independent
+ modules, and to copy and distribute the resulting executable under
+ terms of your choice, provided that you also meet, for each linked
+ independent module, the terms and conditions of the license of that
+ module.  An independent module is a module which is not derived from
+ or based on this library.  If you modify this library, you may extend
+ this exception to your version of the library, but you are not
+ obligated to do so.  If you do not wish to do so, delete this
+ exception statement from your version. */
+
+
+package gnu.classpath.jdwp.event;
+
+import gnu.classpath.jdwp.JdwpConstants;
+import gnu.classpath.jdwp.VMIdManager;
+import gnu.classpath.jdwp.util.JdwpString;
+
+import java.io.DataOutputStream;
+import java.io.IOException;
+
+/**
+ * "Notification of a class unload in the target VM" -- JDWP 1.4.2
+ * 
+ * @author Kyle Galloway (kgallowa@redhat.com)
+ */
+public class ClassUnloadEvent
+    extends Event
+{
+  //signature directly from VM
+  private String _signature;
+
+  /**
+   * Constructs a new <code>ClassUnloadEvent</code>
+   * 
+   * @param signature the signature reported from the VM
+   */
+  public ClassUnloadEvent(String signature)
+  {
+    super(JdwpConstants.EventKind.CLASS_UNLOAD);
+    _signature = signature;
+  }
+
+  /**
+   * Returns a specific filtering parameter for this event. Class is the only
+   * valid type.
+   * 
+   * @param type the type of parameter desired
+   * @returns the desired parameter or <code>null</code>
+   */
+  public Object getParameter(int type)
+  {
+
+    return null;
+  }
+
+  /**
+   * Writes the event to the given stream
+   * 
+   * @param outStream the output stream to write the event to
+   */
+  protected void _writeData(DataOutputStream outStream) 
+    throws IOException
+  {
+    VMIdManager idm = VMIdManager.getDefault();
+
+    JdwpString.writeString(outStream, _signature);
+  }
+
+}
diff --git a/libjava/classpath/gnu/classpath/jdwp/event/Event.java b/libjava/classpath/gnu/classpath/jdwp/event/Event.java
index 14e5b78fc14..e91108a61a8 100644
--- a/libjava/classpath/gnu/classpath/jdwp/event/Event.java
+++ b/libjava/classpath/gnu/classpath/jdwp/event/Event.java
@@ -54,6 +54,41 @@ import java.io.IOException;
  */
 public abstract class Event
 {
+  /**
+   * The class of the object in which the event occurred
+   */
+  public static final int EVENT_CLASS = 1;
+  
+  /**
+   * The thread where the event occurred
+   */
+  public static final int EVENT_THREAD = 2;
+  
+  /**
+   * The location where an event occurred
+   */
+  public static final int EVENT_LOCATION = 3;
+  
+  /**
+   * The instance of the class where the event occurred
+   */
+  public static final int EVENT_INSTANCE = 4;
+  
+  /**
+   * The field acted on by an event
+   */
+  public static final int EVENT_FIELD = 5;
+
+  /**
+   * The class of the exception for ExceptionEvent
+   */
+  public static final int EVENT_EXCEPTION_CLASS = 6;
+
+  /**
+   * Whether this exception was caught (only valid for ExceptionEvents)
+   */
+  public static final int EVENT_EXCEPTION_CAUGHT = 7;
+  
   // The kind of event represented by this event
   private byte _eventKind;
 
@@ -97,7 +132,7 @@ public abstract class Event
    * @returns the parameter (not the ID) or <code>null</code> if none is
    *          is defined for this event
    */
-  public abstract Object getParameter (Class type);
+  public abstract Object getParameter (int type);
 
   /**
    * Converts this event into to a JDWP packet
diff --git a/libjava/classpath/gnu/classpath/jdwp/event/EventManager.java b/libjava/classpath/gnu/classpath/jdwp/event/EventManager.java
index eb0c3ddb7d2..54a7b08312d 100644
--- a/libjava/classpath/gnu/classpath/jdwp/event/EventManager.java
+++ b/libjava/classpath/gnu/classpath/jdwp/event/EventManager.java
@@ -1,5 +1,5 @@
 /* EventManager.java -- event management and notification infrastructure
-   Copyright (C) 2005 Free Software Foundation
+   Copyright (C) 2005, 2006 Free Software Foundation
 
 This file is part of GNU Classpath.
 
@@ -69,7 +69,7 @@ import java.util.Iterator;
 public class EventManager
 {
   // Single instance
-  private static EventManager _instance = new EventManager ();
+  private static EventManager _instance = null;
 
   // maps event (EVENT_*) to lists of EventRequests
   private Hashtable _requests = null;
@@ -79,8 +79,11 @@ public class EventManager
    *
    * @return the event manager
    */
-  public static EventManager getDefault ()
+  public static EventManager getDefault()
   {
+    if (_instance == null)
+      _instance = new EventManager();
+
     return _instance;
   }
 
diff --git a/libjava/classpath/gnu/classpath/jdwp/event/ExceptionEvent.java b/libjava/classpath/gnu/classpath/jdwp/event/ExceptionEvent.java
new file mode 100644
index 00000000000..1303c09be76
--- /dev/null
+++ b/libjava/classpath/gnu/classpath/jdwp/event/ExceptionEvent.java
@@ -0,0 +1,157 @@
+/* ExceptionEvent.java -- an event specifying an exception has been thrown
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+ This file is part of GNU Classpath.
+
+ GNU Classpath is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2, or (at your option)
+ any later version.
+
+ GNU Classpath is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNU Classpath; see the file COPYING.  If not, write to the
+ Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ 02110-1301 USA.
+
+ Linking this library statically or dynamically with other modules is
+ making a combined work based on this library.  Thus, the terms and
+ conditions of the GNU General Public License cover the whole
+ combination.
+
+ As a special exception, the copyright holders of this library give you
+ permission to link this library with independent modules to produce an
+ executable, regardless of the license terms of these independent
+ modules, and to copy and distribute the resulting executable under
+ terms of your choice, provided that you also meet, for each linked
+ independent module, the terms and conditions of the license of that
+ module.  An independent module is a module which is not derived from
+ or based on this library.  If you modify this library, you may extend
+ this exception to your version of the library, but you are not
+ obligated to do so.  If you do not wish to do so, delete this
+ exception statement from your version. */
+
+
+package gnu.classpath.jdwp.event;
+
+import gnu.classpath.jdwp.JdwpConstants;
+import gnu.classpath.jdwp.VMIdManager;
+import gnu.classpath.jdwp.id.ObjectId;
+import gnu.classpath.jdwp.id.ThreadId;
+import gnu.classpath.jdwp.util.Location;
+
+import java.io.DataOutputStream;
+import java.io.IOException;
+
+/**
+ * Notification from the VM that an exception has occurred along with where it
+ * occurred, and if and where it was caught.
+ * 
+ * @author Kyle Galloway (kgallowa@redhat.com)
+ */
+public class ExceptionEvent
+    extends Event
+{
+  //object instance
+  private Object _instance;
+  
+  // the exception thrown
+  private Throwable _exception;
+
+  // the thread in which the exception occurred
+  private Thread _thread;
+
+  // the location where the exception was thrown
+  private Location _location;
+  
+  //the location where the exception was caught
+  private Location _catchLocation;
+  
+  //the class where the exeption was thrown
+  private Class _klass;
+
+  /**
+   * Constructs a new <code>ExceptionEvent</code> where the exception was
+   * caught.
+   * 
+   * @param exception the throwable object that generated the event
+   * @param thread the thread where the exception occurred
+   * @param location the location where the exception was thrown
+   * @param catchLocation the location where the exception was caught
+   * @param instance the instance that threw the exception
+   */
+  public ExceptionEvent(Throwable exception, Thread thread, Location location,
+                        Location catchLocation, Class clazz, Object instance)
+  {
+    super(JdwpConstants.EventKind.EXCEPTION);
+    _exception = exception;
+    _thread = thread;
+    _location = location;
+    _catchLocation = catchLocation;
+    _klass = clazz;
+    _instance = instance;
+  }
+
+  /**
+   * Returns a specific filtering parameter for this event. Valid types are
+   * thread, location, and catchLocation.
+   * 
+   * @param type the type of parameter desired
+   * @returns the desired parameter or null
+   */
+  public Object getParameter(int type)
+  {
+    if (type == EVENT_THREAD)
+      return _thread;
+    else if (type == EVENT_LOCATION)
+      return _location;
+    else if (type == EVENT_INSTANCE)
+      return _instance;
+    else if (type == EVENT_CLASS)
+      return _klass;
+    else if (type == EVENT_EXCEPTION_CLASS)
+      return _exception.getClass();
+    else if (type == EVENT_EXCEPTION_CAUGHT)
+      if (_catchLocation.getMethod() != null)
+        return new Boolean(true);
+      else
+        return new Boolean(false);
+
+    return null;
+  }
+  
+  /**
+   * Sets the catchLocation, used for exceptions that are caught in different
+   * stack frames from where they are thrown.
+   * 
+   * @param catchLoc the location of the catch
+   */
+  public void setCatchLoc(Location catchLoc)
+  {
+    _catchLocation = catchLoc;
+  }
+
+  /**
+   * Writes the event to the given stream
+   * 
+   * @param outStream the output stream to write the event to
+   * @throws IOException
+   */
+  protected void _writeData(DataOutputStream outStream) 
+    throws IOException
+  {
+    VMIdManager idm = VMIdManager.getDefault();
+    ThreadId tid = (ThreadId) idm.getObjectId(_thread);
+    ObjectId oid = idm.getObjectId(_exception);
+
+    tid.write(outStream);
+    _location.write(outStream);
+    oid.writeTagged(outStream);
+    _catchLocation.write(outStream);
+
+  }
+}
diff --git a/libjava/classpath/gnu/classpath/jdwp/event/MethodEntryEvent.java b/libjava/classpath/gnu/classpath/jdwp/event/MethodEntryEvent.java
new file mode 100644
index 00000000000..40c0516c716
--- /dev/null
+++ b/libjava/classpath/gnu/classpath/jdwp/event/MethodEntryEvent.java
@@ -0,0 +1,118 @@
+/* MethodEntryEvent.java -- an event specifying that a method has been invoked
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+ This file is part of GNU Classpath.
+
+ GNU Classpath is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2, or (at your option)
+ any later version.
+
+ GNU Classpath is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNU Classpath; see the file COPYING.  If not, write to the
+ Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ 02110-1301 USA.
+
+ Linking this library statically or dynamically with other modules is
+ making a combined work based on this library.  Thus, the terms and
+ conditions of the GNU General Public License cover the whole
+ combination.
+
+ As a special exception, the copyright holders of this library give you
+ permission to link this library with independent modules to produce an
+ executable, regardless of the license terms of these independent
+ modules, and to copy and distribute the resulting executable under
+ terms of your choice, provided that you also meet, for each linked
+ independent module, the terms and conditions of the license of that
+ module.  An independent module is a module which is not derived from
+ or based on this library.  If you modify this library, you may extend
+ this exception to your version of the library, but you are not
+ obligated to do so.  If you do not wish to do so, delete this
+ exception statement from your version. */
+
+
+package gnu.classpath.jdwp.event;
+
+import gnu.classpath.jdwp.JdwpConstants;
+import gnu.classpath.jdwp.VMIdManager;
+import gnu.classpath.jdwp.id.ThreadId;
+import gnu.classpath.jdwp.util.Location;
+
+import java.io.DataOutputStream;
+import java.io.IOException;
+
+/**
+ * Notification from the VM that that a method has been invoked
+ * 
+ * @author Kyle Galloway (kgallowa@redhat.com)
+ */
+public class MethodEntryEvent
+    extends Event
+{
+  // The thread where the event occurred
+  private Thread _thread;
+
+  // the location where the event occurred
+  private Location _location;
+
+  //object instance
+  private Object _instance;
+
+  /**
+   * Constructs a new <code>MethodEntryEvent</code>
+   * 
+   * @param thread the thread where the exception occurred
+   * @param location the location single stepped to
+   * @param instance instance from which the method was called
+   */
+  public MethodEntryEvent(Thread thread, Location location, Object instance)
+  {
+    super(JdwpConstants.EventKind.METHOD_ENTRY);
+    _thread = thread;
+    _location = location;
+    _instance = instance;
+  }
+
+  /**
+   * Returns a specific filtering parameter for this event. Valid types are
+   * thread and location
+   * 
+   * @param type the type of parameter desired
+   * @returns the desired parameter or null
+   */
+  public Object getParameter(int type)
+  {
+    if (type == EVENT_THREAD)
+      return _thread;
+    else if (type == EVENT_LOCATION)
+      return _location;
+    else if (type == EVENT_INSTANCE)
+      return _instance;
+    else if (type == EVENT_CLASS)
+      return _instance.getClass();
+
+    return null;
+  }
+
+  /**
+   * Writes the event to the given stream
+   * 
+   * @param outStream the output stream to write the event to
+   * @throws IOException
+   */
+  protected void _writeData(DataOutputStream outStream) 
+    throws IOException
+  {
+    VMIdManager idm = VMIdManager.getDefault();
+    ThreadId tid = (ThreadId) idm.getObjectId(_thread);
+
+    tid.write(outStream);
+    _location.write(outStream);
+  }
+
+}
diff --git a/libjava/classpath/gnu/classpath/jdwp/event/MethodExitEvent.java b/libjava/classpath/gnu/classpath/jdwp/event/MethodExitEvent.java
new file mode 100644
index 00000000000..ce03dd264e2
--- /dev/null
+++ b/libjava/classpath/gnu/classpath/jdwp/event/MethodExitEvent.java
@@ -0,0 +1,115 @@
+/* MethodExitEvent.java -- an event specifying that a method has returned
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+ This file is part of GNU Classpath.
+
+ GNU Classpath is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2, or (at your option)
+ any later version.
+
+ GNU Classpath is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNU Classpath; see the file COPYING.  If not, write to the
+ Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ 02110-1301 USA.
+
+ Linking this library statically or dynamically with other modules is
+ making a combined work based on this library.  Thus, the terms and
+ conditions of the GNU General Public License cover the whole
+ combination.
+
+ As a special exception, the copyright holders of this library give you
+ permission to link this library with independent modules to produce an
+ executable, regardless of the license terms of these independent
+ modules, and to copy and distribute the resulting executable under
+ terms of your choice, provided that you also meet, for each linked
+ independent module, the terms and conditions of the license of that
+ module.  An independent module is a module which is not derived from
+ or based on this library.  If you modify this library, you may extend
+ this exception to your version of the library, but you are not
+ obligated to do so.  If you do not wish to do so, delete this
+ exception statement from your version. */
+
+
+package gnu.classpath.jdwp.event;
+
+import gnu.classpath.jdwp.JdwpConstants;
+import gnu.classpath.jdwp.VMIdManager;
+import gnu.classpath.jdwp.id.ThreadId;
+import gnu.classpath.jdwp.util.Location;
+
+import java.io.DataOutputStream;
+import java.io.IOException;
+
+/**
+ * Notification from the VM that that a method has returned
+ * 
+ * @author Kyle Galloway (kgallowa@redhat.com)
+ */
+public class MethodExitEvent
+    extends Event
+{
+  // The thread where the event occurred
+  private Thread _thread;
+
+  // the location where the event occurred
+  private Location _location;
+
+  // object instance
+  private Object _instance;
+
+  /**
+   * Constructs a new <code>MethodExitEvent</code>
+   * 
+   * @param thread the thread where the exception occurred
+   * @param location the location single stepped to
+   * @param instance the instance from which the method was called
+   */
+  public MethodExitEvent(Thread thread, Location location, Object instance)
+  {
+    super(JdwpConstants.EventKind.METHOD_EXIT);
+    _thread = thread;
+    _location = location;
+    _instance = instance;
+  }
+
+  /**
+   * Returns a specific filtering parameter for this event. Valid types are
+   * thread and location
+   * 
+   * @param type the type of parameter desired
+   * @returns the desired parameter or null
+   */
+  public Object getParameter(int type)
+  {
+    if (type == EVENT_THREAD)
+      return _thread;
+    else if (type == EVENT_LOCATION)
+      return _location;
+    else if (type == EVENT_CLASS)
+      return _instance.getClass();
+
+    return null;
+  }
+
+  /**
+   * Writes the event to the given stream
+   * 
+   * @param outStream the output stream to write the event to
+   * @throws IOException
+   */
+  protected void _writeData(DataOutputStream outStream) 
+    throws IOException
+  {
+    VMIdManager idm = VMIdManager.getDefault();
+    ThreadId tid = (ThreadId) idm.getObjectId(_thread);
+
+    tid.write(outStream);
+    _location.write(outStream);
+  }
+}
diff --git a/libjava/classpath/gnu/classpath/jdwp/event/SingleStepEvent.java b/libjava/classpath/gnu/classpath/jdwp/event/SingleStepEvent.java
new file mode 100644
index 00000000000..cd69dd99d6b
--- /dev/null
+++ b/libjava/classpath/gnu/classpath/jdwp/event/SingleStepEvent.java
@@ -0,0 +1,121 @@
+/* SingleStepEvent.java -- an event specifying that a single step has
+ compleated
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+ This file is part of GNU Classpath.
+
+ GNU Classpath is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2, or (at your option)
+ any later version.
+
+ GNU Classpath is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNU Classpath; see the file COPYING.  If not, write to the
+ Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ 02110-1301 USA.
+
+ Linking this library statically or dynamically with other modules is
+ making a combined work based on this library.  Thus, the terms and
+ conditions of the GNU General Public License cover the whole
+ combination.
+
+ As a special exception, the copyright holders of this library give you
+ permission to link this library with independent modules to produce an
+ executable, regardless of the license terms of these independent
+ modules, and to copy and distribute the resulting executable under
+ terms of your choice, provided that you also meet, for each linked
+ independent module, the terms and conditions of the license of that
+ module.  An independent module is a module which is not derived from
+ or based on this library.  If you modify this library, you may extend
+ this exception to your version of the library, but you are not
+ obligated to do so.  If you do not wish to do so, delete this
+ exception statement from your version. */
+
+
+package gnu.classpath.jdwp.event;
+
+import gnu.classpath.jdwp.JdwpConstants;
+import gnu.classpath.jdwp.VMIdManager;
+import gnu.classpath.jdwp.id.ThreadId;
+import gnu.classpath.jdwp.util.Location;
+
+import java.io.DataOutputStream;
+import java.io.IOException;
+
+
+/**
+ * Notification from the VM that a single step has compleated including the
+ * thread and location stepped to
+ * 
+ * @author Kyle Galloway (kgallowa@redhat.com)
+ */
+public class SingleStepEvent
+    extends Event
+{
+  // the thread where the event occurred
+  private Thread _thread;
+
+  // the location where the event occurred
+  private Location _location;
+
+  //object instance
+  private Object _instance;
+
+  /**
+   * Constructs a new <code>SingleStepEvent</code>
+   * 
+   * @param thread the thread where the exception occurred
+   * @param location the location single stepped to
+   * @param instance the instance in which the single step occurred
+   */
+  public SingleStepEvent(Thread thread, Location location, Object instance)
+  {
+    super(JdwpConstants.EventKind.SINGLE_STEP);
+    _thread = thread;
+    _location = location;
+    _instance = instance;
+  }
+
+  /**
+   * Returns a specific filtering parameter for this event. Valid types are
+   * thread and location
+   * 
+   * @param type the type of parameter desired
+   * @returns the desired parameter or null
+   */
+  public Object getParameter(int type)
+  {
+    if (type == EVENT_THREAD)
+      return _thread;
+    else if (type == EVENT_LOCATION)
+      return _location;
+    else if (type == EVENT_INSTANCE)
+      return _instance;
+    else if (type == EVENT_CLASS)
+      return _instance.getClass();
+
+    return null;
+  }
+
+  /**
+   * Writes the event to the given stream
+   * 
+   * @param outStream the output stream to write the event to
+   * @throws IOException
+   */
+  protected void _writeData(DataOutputStream outStream) 
+    throws IOException
+  {
+    VMIdManager idm = VMIdManager.getDefault();
+    ThreadId tid = (ThreadId) idm.getObjectId(_thread);
+
+    tid.write(outStream);
+    _location.write(outStream);
+  }
+
+}
diff --git a/libjava/classpath/gnu/classpath/jdwp/event/ThreadEndEvent.java b/libjava/classpath/gnu/classpath/jdwp/event/ThreadEndEvent.java
index 768b216de0c..c665428fb6a 100644
--- a/libjava/classpath/gnu/classpath/jdwp/event/ThreadEndEvent.java
+++ b/libjava/classpath/gnu/classpath/jdwp/event/ThreadEndEvent.java
@@ -81,9 +81,9 @@ public class ThreadEndEvent
    * @param type  the type of parameter desired
    * @returns the desired parameter or <code>null</code>
    */
-  public Object getParameter (Class type)
+  public Object getParameter (int type)
   {
-    if (type == ThreadId.class)
+    if (type == EVENT_THREAD)
       return _thread;
 
     return null;
diff --git a/libjava/classpath/gnu/classpath/jdwp/event/ThreadStartEvent.java b/libjava/classpath/gnu/classpath/jdwp/event/ThreadStartEvent.java
index 2fa20791716..f9c507dfb16 100644
--- a/libjava/classpath/gnu/classpath/jdwp/event/ThreadStartEvent.java
+++ b/libjava/classpath/gnu/classpath/jdwp/event/ThreadStartEvent.java
@@ -86,9 +86,9 @@ public class ThreadStartEvent
    * @param type  the type of parameter desired
    * @returns the desired parameter or <code>null</code>
    */
-  public Object getParameter (Class type)
+  public Object getParameter (int type)
   {
-    if (type == ThreadId.class)
+    if (type == EVENT_THREAD)
       return _thread;
 
     return null;
diff --git a/libjava/classpath/gnu/classpath/jdwp/event/VmDeathEvent.java b/libjava/classpath/gnu/classpath/jdwp/event/VmDeathEvent.java
index 160ef6acea1..a729bd47ec0 100644
--- a/libjava/classpath/gnu/classpath/jdwp/event/VmDeathEvent.java
+++ b/libjava/classpath/gnu/classpath/jdwp/event/VmDeathEvent.java
@@ -67,7 +67,7 @@ public class VmDeathEvent
    * @param type  the type of parameter desired
    * @returns the desired parameter or <code>null</code>
    */
-  public Object getParameter (Class type)
+  public Object getParameter (int type)
   {
     return null;
   }
diff --git a/libjava/classpath/gnu/classpath/jdwp/event/VmInitEvent.java b/libjava/classpath/gnu/classpath/jdwp/event/VmInitEvent.java
index dd228e935cf..1ed63b24799 100644
--- a/libjava/classpath/gnu/classpath/jdwp/event/VmInitEvent.java
+++ b/libjava/classpath/gnu/classpath/jdwp/event/VmInitEvent.java
@@ -76,7 +76,7 @@ public class VmInitEvent
    * @param type  the type of parameter desired
    * @returns the desired parameter or <code>null</code>
    */
-  public Object getParameter (Class type)
+  public Object getParameter (int type)
   {
     return null;
   }
diff --git a/libjava/classpath/gnu/classpath/jdwp/event/filters/ClassMatchFilter.java b/libjava/classpath/gnu/classpath/jdwp/event/filters/ClassMatchFilter.java
index 62a3a74fe54..a8984316957 100644
--- a/libjava/classpath/gnu/classpath/jdwp/event/filters/ClassMatchFilter.java
+++ b/libjava/classpath/gnu/classpath/jdwp/event/filters/ClassMatchFilter.java
@@ -41,7 +41,6 @@ package gnu.classpath.jdwp.event.filters;
 
 import gnu.classpath.jdwp.event.Event;
 import gnu.classpath.jdwp.exception.InvalidStringException;
-import gnu.classpath.jdwp.id.ReferenceTypeId;
 
 /**
  * An event filter which includes events matching a 
@@ -91,7 +90,7 @@ public class ClassMatchFilter
    */
   public boolean matches (Event event)
   {
-    Object type = event.getParameter (ReferenceTypeId.class);
+    Object type = event.getParameter (Event.EVENT_CLASS);
     if (type != null)
       {
 	Class eventClass = (Class) type;
diff --git a/libjava/classpath/gnu/classpath/jdwp/event/filters/ClassOnlyFilter.java b/libjava/classpath/gnu/classpath/jdwp/event/filters/ClassOnlyFilter.java
index e4bf06cf961..455cac6c04c 100644
--- a/libjava/classpath/gnu/classpath/jdwp/event/filters/ClassOnlyFilter.java
+++ b/libjava/classpath/gnu/classpath/jdwp/event/filters/ClassOnlyFilter.java
@@ -87,7 +87,7 @@ public class ClassOnlyFilter
    */
   public boolean matches (Event event)
   {
-    Object type = event.getParameter (ReferenceTypeId.class);
+    Object type = event.getParameter (Event.EVENT_CLASS);
     if (type != null)
       {
 	try
diff --git a/libjava/classpath/gnu/classpath/jdwp/event/filters/ExceptionOnlyFilter.java b/libjava/classpath/gnu/classpath/jdwp/event/filters/ExceptionOnlyFilter.java
index cf6c0704daf..8bb56ed78f7 100644
--- a/libjava/classpath/gnu/classpath/jdwp/event/filters/ExceptionOnlyFilter.java
+++ b/libjava/classpath/gnu/classpath/jdwp/event/filters/ExceptionOnlyFilter.java
@@ -1,5 +1,5 @@
-/* ExceptionOnlyFilter.java -- 
-   Copyright (C) 2005 Free Software Foundation
+/* ExceptionOnlyFilter.java -- filter for excetions by caught/uncaught and type
+   Copyright (C) 2005, 2006 Free Software Foundation
 
 This file is part of GNU Classpath.
 
@@ -61,7 +61,7 @@ public class ExceptionOnlyFilter
   /**
    * Constructs a new ExceptionOnlyFilter
    *
-   * @param  refId     ID of the exception to report
+   * @param  refId     ID of the exception to report(null for all exceptions)
    * @param  caught    Report caught exceptions
    * @param  uncaught  Report uncaught exceptions
    * @throws InvalidClassException if refid is invalid
@@ -70,8 +70,8 @@ public class ExceptionOnlyFilter
 			      boolean uncaught)
     throws InvalidClassException
   {
-    if (refId == null || refId.getReference().get () == null)
-      throw new InvalidClassException (refId.getId ());
+    if (refId != null && refId.getReference().get() == null)
+      throw new InvalidClassException(refId.getId());
 
     _refId = refId;
     _caught = caught;
@@ -88,34 +88,36 @@ public class ExceptionOnlyFilter
     return _refId;
   }
 
-  /**
-   * Report caught exceptions?
-   *
-   * @return whether to report caught exceptions
-   */
-  public boolean forCaught ()
-  {
-    return _caught;
-  }
-
-  /**
-   * Report uncaught exceptions?
-   *
-   * @return whether to report uncaught exceptions
-   */
-  public boolean forUncaught ()
-  {
-    return _uncaught;
-  }
-
+  
   /**
    * Does the given event match the filter?
-   *
-   * @param event  the <code>Event</code> to scrutinize
+   * 
+   * @param event the <code>Event</code> to scrutinize
    */
-  public boolean matches (Event event)
+  public boolean matches(Event event)
   {
-    // FIXME
-    throw new RuntimeException ("ExceptionOnlyFilter.matches not implemented");
+    boolean classMatch = true;
+
+    // if not allowing all exceptions check if the exception matches
+    if (_refId != null)
+      {
+        try
+          {
+            Class klass 
+              = (Class) event.getParameter(Event.EVENT_EXCEPTION_CLASS);
+            classMatch = klass == _refId.getType();
+          }
+        catch (InvalidClassException ex)
+          {
+            classMatch = false;
+          }
+      }
+    
+    // check against the caught and uncaught options
+    Boolean caught 
+      = (Boolean) event.getParameter(Event.EVENT_EXCEPTION_CAUGHT);
+
+    return classMatch && ((caught.booleanValue()) ? _caught : _uncaught);
   }
+  
 }
diff --git a/libjava/classpath/gnu/classpath/jdwp/event/filters/InstanceOnlyFilter.java b/libjava/classpath/gnu/classpath/jdwp/event/filters/InstanceOnlyFilter.java
index 130749b4b8a..bda5b27d6c1 100644
--- a/libjava/classpath/gnu/classpath/jdwp/event/filters/InstanceOnlyFilter.java
+++ b/libjava/classpath/gnu/classpath/jdwp/event/filters/InstanceOnlyFilter.java
@@ -89,7 +89,7 @@ public class InstanceOnlyFilter
    */
   public boolean matches (Event event)
   {
-    Object eventInstance = event.getParameter (ObjectId.class);
+    Object eventInstance = event.getParameter (Event.EVENT_INSTANCE);
     if (eventInstance != null)
       {
 	Object myInstance = _instance.getReference().get ();
diff --git a/libjava/classpath/gnu/classpath/jdwp/event/filters/ThreadOnlyFilter.java b/libjava/classpath/gnu/classpath/jdwp/event/filters/ThreadOnlyFilter.java
index 2c7a0f1359e..bc1eab883d3 100644
--- a/libjava/classpath/gnu/classpath/jdwp/event/filters/ThreadOnlyFilter.java
+++ b/libjava/classpath/gnu/classpath/jdwp/event/filters/ThreadOnlyFilter.java
@@ -65,7 +65,7 @@ public class ThreadOnlyFilter
   public ThreadOnlyFilter (ThreadId tid)
     throws InvalidThreadException
   {
-    if (tid.getReference().get () == null)
+    if (tid == null || tid.getReference().get () == null)
       throw new InvalidThreadException (tid.getId ());
 
     _tid = tid;
@@ -88,7 +88,7 @@ public class ThreadOnlyFilter
    */
   public boolean matches (Event event)
   {
-    Object thread = event.getParameter (ThreadId.class);
+    Object thread = event.getParameter (Event.EVENT_THREAD);
     if (thread != null)
       {
 	Thread eventThread = (Thread) thread;
diff --git a/libjava/classpath/gnu/classpath/jdwp/processor/ClassTypeCommandSet.java b/libjava/classpath/gnu/classpath/jdwp/processor/ClassTypeCommandSet.java
index f60da7b7021..a3a7ca05e59 100644
--- a/libjava/classpath/gnu/classpath/jdwp/processor/ClassTypeCommandSet.java
+++ b/libjava/classpath/gnu/classpath/jdwp/processor/ClassTypeCommandSet.java
@@ -106,8 +106,12 @@ public class ClassTypeCommandSet
     Class clazz = refId.getType();
     Class superClazz = clazz.getSuperclass();
 
-    ReferenceTypeId clazzId = idMan.getReferenceTypeId(superClazz);
-    clazzId.write(os);
+    if (superClazz == null) {
+    	os.writeLong(0L);
+    } else {
+    	ReferenceTypeId clazzId = idMan.getReferenceTypeId(superClazz);
+    	clazzId.write(os);
+    }
   }
 
   private void executeSetValues(ByteBuffer bb, DataOutputStream os)
diff --git a/libjava/classpath/gnu/classpath/jdwp/processor/EventRequestCommandSet.java b/libjava/classpath/gnu/classpath/jdwp/processor/EventRequestCommandSet.java
index e4b1b602ef5..59cfb94d39b 100644
--- a/libjava/classpath/gnu/classpath/jdwp/processor/EventRequestCommandSet.java
+++ b/libjava/classpath/gnu/classpath/jdwp/processor/EventRequestCommandSet.java
@@ -147,7 +147,7 @@ public class EventRequestCommandSet
             if (id == 0)
               refId = null;
             else
-              refId = idMan.readReferenceTypeId(bb);
+              refId = idMan.getReferenceType(id);
             boolean caught = (bb.get() == 0) ? false : true;
             boolean unCaught = (bb.get() == 0) ? false : true;
             filter = new ExceptionOnlyFilter(refId, caught, unCaught);
diff --git a/libjava/classpath/gnu/classpath/jdwp/processor/PacketProcessor.java b/libjava/classpath/gnu/classpath/jdwp/processor/PacketProcessor.java
index 9e281f217f2..4df3f472875 100644
--- a/libjava/classpath/gnu/classpath/jdwp/processor/PacketProcessor.java
+++ b/libjava/classpath/gnu/classpath/jdwp/processor/PacketProcessor.java
@@ -1,6 +1,6 @@
 /* PacketProcessor.java -- a thread which processes command packets
    from the debugger
-   Copyright (C) 2005 Free Software Foundation
+   Copyright (C) 2005, 2006 Free Software Foundation
 
 This file is part of GNU Classpath.
 
@@ -137,6 +137,10 @@ public class PacketProcessor
    */
   public Object run ()
   {
+    // Notify initialization thread (gnu.classpath.jdwp.Jdwp) that
+    // the PacketProcessor thread is ready.
+    Jdwp.getDefault().subcomponentInitialized ();
+	
     try
       {
         while (!_shutdown)
@@ -144,7 +148,7 @@ public class PacketProcessor
             _processOnePacket ();
           }
       }
-    catch (IOException ex)
+    catch (Exception ex)
       {
         ex.printStackTrace();
       }
diff --git a/libjava/classpath/gnu/classpath/jdwp/processor/ThreadGroupReferenceCommandSet.java b/libjava/classpath/gnu/classpath/jdwp/processor/ThreadGroupReferenceCommandSet.java
index ba36251f665..103199a2b6e 100644
--- a/libjava/classpath/gnu/classpath/jdwp/processor/ThreadGroupReferenceCommandSet.java
+++ b/libjava/classpath/gnu/classpath/jdwp/processor/ThreadGroupReferenceCommandSet.java
@@ -103,8 +103,12 @@ public class ThreadGroupReferenceCommandSet
     ObjectId oid = idMan.readObjectId(bb);
     ThreadGroup group = (ThreadGroup) oid.getObject();
     ThreadGroup parent = group.getParent();
-    ObjectId parentId = idMan.getObjectId(parent);
-    parentId.write(os);
+    if (parent == null) {
+    	os.writeLong(0L);
+    } else {
+    	ObjectId parentId = idMan.getObjectId(parent);
+    	parentId.write(os);   	
+    }
   }
 
   private void executeChildren(ByteBuffer bb, DataOutputStream os)
diff --git a/libjava/classpath/gnu/classpath/jdwp/transport/JdwpConnection.java b/libjava/classpath/gnu/classpath/jdwp/transport/JdwpConnection.java
index f008bbd00ca..82a2380bb7b 100644
--- a/libjava/classpath/gnu/classpath/jdwp/transport/JdwpConnection.java
+++ b/libjava/classpath/gnu/classpath/jdwp/transport/JdwpConnection.java
@@ -1,5 +1,5 @@
 /* JdwpConnection.java -- A JDWP-speaking connection
-   Copyright (C) 2005 Free Software Foundation
+   Copyright (C) 2005, 2006 Free Software Foundation
 
 This file is part of GNU Classpath.
 
@@ -165,6 +165,10 @@ public class JdwpConnection
    */
   public void run ()
   {
+    // Notify initialization thread (gnu.classpath.jdwp.Jdwp) that
+    // the JdwpConnection thread is ready.
+    Jdwp.getDefault().subcomponentInitialized ();
+
     while (!_shutdown)
       {
 	try
diff --git a/libjava/classpath/gnu/classpath/jdwp/util/Location.java b/libjava/classpath/gnu/classpath/jdwp/util/Location.java
index 005b12c2bb2..89e81e563a1 100644
--- a/libjava/classpath/gnu/classpath/jdwp/util/Location.java
+++ b/libjava/classpath/gnu/classpath/jdwp/util/Location.java
@@ -94,18 +94,40 @@ public class Location
    * @param os stream to write to
    * @throws IOException when an error occurs writing to the stream
    */
-  public void write(DataOutputStream os)
+  public void write(DataOutputStream os) 
     throws IOException
   {
-    VMIdManager idm = VMIdManager.getDefault();
-    ClassReferenceTypeId crti = (ClassReferenceTypeId)
-      idm.getReferenceTypeId(method.getDeclaringClass());
-
-    crti.writeTagged(os);
-    method.writeId(os);
-    os.writeLong(index);
+    // check if this is an empty location
+    if (method != null)
+      {
+        VMIdManager idm = VMIdManager.getDefault();
+        ClassReferenceTypeId crti = 
+          (ClassReferenceTypeId) 
+          idm.getReferenceTypeId(method.getDeclaringClass());
+
+        crti.writeTagged(os);
+        method.writeId(os);
+        os.writeLong(index);
+      }
+    else
+      {
+        os.writeByte(1);
+        os.writeLong((long) 0);
+        os.writeLong((long) 0);
+        os.writeLong((long) 0);
+      }
   }
-
+  
+  /**
+   * Sets up an empty location
+   * 
+   * @return new Location (setup as empty)
+   */
+  public static Location getEmptyLocation()
+  {
+       return new Location(null, 0);
+  }
+   
   /**
    * Gets the method of this location
    * 
diff --git a/libjava/classpath/gnu/java/awt/ClasspathToolkit.java b/libjava/classpath/gnu/java/awt/ClasspathToolkit.java
index 1ec5664dc3e..968cc3b1643 100644
--- a/libjava/classpath/gnu/java/awt/ClasspathToolkit.java
+++ b/libjava/classpath/gnu/java/awt/ClasspathToolkit.java
@@ -1,5 +1,5 @@
 /* ClasspathToolkit.java -- Abstract superclass for Classpath toolkits.
-   Copyright (C) 2003, 2004, 2005  Free Software Foundation, Inc.
+   Copyright (C) 2003, 2004, 2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -41,7 +41,6 @@ package gnu.java.awt;
 import gnu.java.awt.EmbeddedWindow;
 import gnu.java.awt.peer.ClasspathFontPeer;
 import gnu.java.awt.peer.EmbeddedWindowPeer;
-import gnu.java.awt.peer.ClasspathTextLayoutPeer;
 import gnu.java.security.action.SetAccessibleAction;
 
 import java.awt.AWTException;
@@ -53,6 +52,7 @@ import java.awt.FontMetrics;
 import java.awt.GraphicsDevice;
 import java.awt.GraphicsEnvironment;
 import java.awt.Image;
+import java.awt.Point;
 import java.awt.Toolkit;
 import java.awt.font.FontRenderContext;
 import java.awt.image.ColorModel;
@@ -120,10 +120,6 @@ public abstract class ClasspathToolkit
    */
   public abstract ClasspathFontPeer getClasspathFontPeer (String name, Map attrs); 
 
-  public abstract ClasspathTextLayoutPeer 
-  getClasspathTextLayoutPeer (AttributedString str, FontRenderContext frc); 
-
-
   /** 
    * Creates a {@link Font}, in a platform-specific manner.
    * 
@@ -193,6 +189,9 @@ public abstract class ClasspathToolkit
    */
   public abstract Font createFont(int format, InputStream stream);
 
+  /**
+   * Creates a RobotPeer on a given GraphicsDevice.
+   */
   public abstract RobotPeer createRobot (GraphicsDevice screen)
     throws AWTException;
 
@@ -206,8 +205,24 @@ public abstract class ClasspathToolkit
 
   /**
    * Used to register ImageIO SPIs provided by the toolkit.
+   *
+   * Our default implementation does nothing.
    */
    public void registerImageIOSpis(IIORegistry reg)
    {
    }
+
+   /**
+    * Returns the number of mouse buttons.
+    * (used by java.awt.MouseInfo).
+    *
+    * This dummy implementation returns -1 (no mouse).
+    * toolkit implementors should overload this method if possible.
+    * @since 1.5
+    */
+   public int getMouseNumberOfButtons() 
+   {
+     return -1;
+   }
 }
+
diff --git a/libjava/classpath/gnu/java/awt/dnd/GtkMouseDragGestureRecognizer.java b/libjava/classpath/gnu/java/awt/dnd/GtkMouseDragGestureRecognizer.java
new file mode 100644
index 00000000000..1f0c3ad2da6
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/dnd/GtkMouseDragGestureRecognizer.java
@@ -0,0 +1,172 @@
+/* GtkMouseDragGestureRecognizer.java --
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.awt.dnd;
+
+import java.awt.Component;
+import java.awt.Point;
+import java.awt.dnd.DnDConstants;
+import java.awt.dnd.DragGestureListener;
+import java.awt.dnd.DragSource;
+import java.awt.dnd.MouseDragGestureRecognizer;
+import java.awt.event.MouseEvent;
+
+public class GtkMouseDragGestureRecognizer
+    extends MouseDragGestureRecognizer
+{
+
+  public GtkMouseDragGestureRecognizer (DragSource ds)
+  {
+    this(ds, null, 0, null);
+  }
+
+  public GtkMouseDragGestureRecognizer (DragSource ds, Component c)
+  {
+    this (ds, c, 0, null);
+  }
+  
+  public GtkMouseDragGestureRecognizer (DragSource ds, Component c, int act)
+  {
+    this(ds, c, act, null);
+  }
+  
+  public GtkMouseDragGestureRecognizer (DragSource ds, Component c, int act,
+                                        DragGestureListener dgl)
+  {
+    super(ds, c, act, dgl);
+  }
+  
+  public void registerListeners ()
+  {
+    super.registerListeners();
+  }
+  
+  public void unregisterListeners ()
+  {
+    super.unregisterListeners();
+  }
+  
+  public void mouseClicked (MouseEvent e)
+  {
+    // Nothing to do here.
+  }
+
+  public void mousePressed (MouseEvent e)
+  {
+    events.clear();
+    if (getDropActionFromEvent(e) != DnDConstants.ACTION_NONE)
+      appendEvent(e);
+  }
+
+  public void mouseReleased (MouseEvent e)
+  {
+    events.clear();
+  }
+
+  public void mouseEntered (MouseEvent e)
+  {
+    events.clear();
+  }
+
+  public void mouseExited(MouseEvent e)
+  {
+    if (!events.isEmpty())
+      if (getDropActionFromEvent(e) == DnDConstants.ACTION_NONE)
+        events.clear();
+  }
+
+  public void mouseDragged(MouseEvent e)
+  {
+    if (!events.isEmpty())
+      {
+        int act = getDropActionFromEvent(e);
+        
+        if (act == DnDConstants.ACTION_NONE)
+          return;
+
+        Point origin = ((MouseEvent) events.get(0)).getPoint();
+        Point current = e.getPoint();
+        int dx = Math.abs(origin.x - current.x);
+        int dy = Math.abs(origin.y - current.y);
+        int threshold = DragSource.getDragThreshold();
+        
+        if (dx > threshold || dy > threshold)
+          fireDragGestureRecognized(act, origin);
+        else
+          appendEvent(e);
+      }
+  }
+  
+  public void mouseMoved (MouseEvent e)
+  {
+    // Nothing to do here.
+  }
+
+  private int getDropActionFromEvent(MouseEvent e)
+  {
+    int modEx = e.getModifiersEx();
+    int buttons =  modEx & (MouseEvent.BUTTON1_DOWN_MASK
+               | MouseEvent.BUTTON2_DOWN_MASK | MouseEvent.BUTTON3_DOWN_MASK);
+    if (!(buttons == MouseEvent.BUTTON1_DOWN_MASK || 
+        buttons == MouseEvent.BUTTON2_DOWN_MASK))
+      return DnDConstants.ACTION_NONE;
+    
+    // Convert modifier to a drop action
+    int sourceActions = getSourceActions();
+    int mod = modEx
+              & (MouseEvent.SHIFT_DOWN_MASK | MouseEvent.CTRL_DOWN_MASK);
+    switch (mod)
+      {
+      case MouseEvent.SHIFT_DOWN_MASK | MouseEvent.CTRL_DOWN_MASK:
+        return DnDConstants.ACTION_LINK & sourceActions;
+      case MouseEvent.CTRL_DOWN_MASK:
+        return DnDConstants.ACTION_COPY & sourceActions;
+      case MouseEvent.SHIFT_DOWN_MASK:
+        return DnDConstants.ACTION_MOVE & sourceActions;
+      default:
+        if ((sourceActions & DnDConstants.ACTION_MOVE) != 0)
+          return DnDConstants.ACTION_MOVE & sourceActions;
+        else if ((sourceActions & DnDConstants.ACTION_COPY) != 0)
+          return DnDConstants.ACTION_COPY & sourceActions;
+        else if ((sourceActions & DnDConstants.ACTION_LINK) != 0)
+          return DnDConstants.ACTION_LINK & sourceActions;
+      }
+
+    return DnDConstants.ACTION_NONE & sourceActions;
+  }
+}
diff --git a/libjava/classpath/gnu/java/awt/dnd/peer/gtk/GtkDragSourceContextPeer.java b/libjava/classpath/gnu/java/awt/dnd/peer/gtk/GtkDragSourceContextPeer.java
new file mode 100644
index 00000000000..4f922982273
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/dnd/peer/gtk/GtkDragSourceContextPeer.java
@@ -0,0 +1,174 @@
+/* GtkDragSourceContextPeer.java --
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.awt.dnd.peer.gtk;
+
+import gnu.java.awt.peer.gtk.GtkGenericPeer;
+
+import java.awt.Component;
+import java.awt.Cursor;
+import java.awt.Image;
+import java.awt.Point;
+import java.awt.dnd.DragGestureEvent;
+import java.awt.dnd.DragSourceContext;
+import java.awt.dnd.DragSourceDragEvent;
+import java.awt.dnd.DragSourceDropEvent;
+import java.awt.dnd.DragSourceEvent;
+import java.awt.dnd.InvalidDnDOperationException;
+import java.awt.dnd.peer.DragSourceContextPeer;
+import java.awt.peer.ComponentPeer;
+import java.awt.peer.LightweightPeer;
+
+public class GtkDragSourceContextPeer
+    extends GtkGenericPeer
+    implements DragSourceContextPeer
+{
+  private ComponentPeer peer;
+  private Cursor cursor;
+  private DragSourceContext context;
+  
+  native void nativeStartDrag(Image i, int x, int y, int action, String target);
+  native void connectSignals(ComponentPeer comp);
+  native void create(ComponentPeer comp);
+  native void nativeSetCursor(int cursor);
+  
+  public GtkDragSourceContextPeer(DragGestureEvent e)
+  {
+    super(e.getComponent());
+    Component comp = e.getComponent();
+    peer = getComponentPeer(comp);
+    
+    create(peer);
+    connectSignals(peer);
+    cursor = comp.getCursor();
+  }
+  
+  ComponentPeer getComponentPeer(Component c)
+  {
+    Component curr = c;
+    while (curr.getPeer() instanceof LightweightPeer)
+      curr = curr.getParent();
+    
+    if (curr != null)
+      return curr.getPeer();
+    return null;
+  }
+  
+  public void startDrag(DragSourceContext context, Cursor c, Image i, Point p)
+      throws InvalidDnDOperationException
+  {   
+    this.context = context;
+    
+    if (p == null)
+      p = new Point();
+    
+    // FIXME: use proper DataFlavor, not "text/plain".
+    // Also, add check to determine if dragging.
+    
+    setCursor(c);
+    nativeStartDrag(i, p.x, p.y, context.getTrigger().getDragAction(),
+                    "text/plain");
+  }
+
+  public Cursor getCursor()
+  {
+    return cursor;
+  }
+
+  public void setCursor(Cursor c) throws InvalidDnDOperationException
+  {
+    if (c != null)
+      {
+        nativeSetCursor(c.getType());
+        cursor = c;
+      }
+  }
+
+  public void transferablesFlavorsChanged()
+  {
+    // Nothing to do here.
+  }
+  
+  /**
+   * Called from native code.
+   */
+
+  public void dragEnter(int action, int modifiers)
+  {
+    context.dragEnter(new DragSourceDragEvent(context, action,
+                                              action
+                                                  & context.getSourceActions(),
+                                              modifiers));
+  }
+
+  public void dragExit(int action, int x, int y)
+  {
+    context.dragExit(new DragSourceEvent(context, x, y));
+  }
+
+  public void dragDropEnd(int action, boolean success, int x, int y)
+  {
+    context.dragDropEnd(new DragSourceDropEvent(context, action, success, x, y));
+  }
+
+  public void dragMouseMoved(int action, int modifiers)
+  {
+    context.dragMouseMoved(new DragSourceDragEvent(context,
+                                                   action,
+                                                   action
+                                                       & context.getSourceActions(),
+                                                   modifiers));
+  }
+
+  public void dragOver(int action, int modifiers)
+  {
+    context.dragOver(new DragSourceDragEvent(context, action,
+                                             action
+                                                 & context.getSourceActions(),
+                                             modifiers));
+  }
+
+  public void dragActionChanged(int newAction, int modifiers)
+  {
+    context.dropActionChanged(new DragSourceDragEvent(context,
+                                                      newAction,
+                                                      newAction
+                                                          & context.getSourceActions(),
+                                                      modifiers));
+  }
+}
diff --git a/libjava/classpath/gnu/java/awt/dnd/peer/gtk/GtkDropTargetContextPeer.java b/libjava/classpath/gnu/java/awt/dnd/peer/gtk/GtkDropTargetContextPeer.java
new file mode 100644
index 00000000000..50cd95d41ad
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/dnd/peer/gtk/GtkDropTargetContextPeer.java
@@ -0,0 +1,125 @@
+/* GtkDropTargetContextPeer.java --
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.awt.dnd.peer.gtk;
+
+import gnu.java.awt.peer.gtk.GtkGenericPeer;
+
+import java.awt.datatransfer.DataFlavor;
+import java.awt.datatransfer.Transferable;
+import java.awt.dnd.DropTarget;
+import java.awt.dnd.InvalidDnDOperationException;
+import java.awt.dnd.peer.DropTargetContextPeer;
+
+public class GtkDropTargetContextPeer
+    extends GtkGenericPeer
+    implements DropTargetContextPeer
+{
+
+  public GtkDropTargetContextPeer()
+  {
+    super(null);
+  }
+  
+  public void setTargetActions(int actions)
+  {
+    // FIXME: Not Implemented
+
+  }
+
+  public int getTargetActions()
+  {
+    // FIXME: Not Implemented
+    return 0;
+  }
+
+  public DropTarget getDropTarget()
+  {
+    // FIXME: Not Implemented
+    return null;
+  }
+
+  public DataFlavor[] getTransferDataFlavors()
+  {
+    // FIXME: Not Implemented
+    return null;
+  }
+
+  public Transferable getTransferable() throws InvalidDnDOperationException
+  {
+    // FIXME: Not Implemented
+    return null;
+  }
+
+  public boolean isTransferableJVMLocal()
+  {
+    // FIXME: Not Implemented
+    return false;
+  }
+
+  public void acceptDrag(int dragAction)
+  {
+    // FIXME: Not Implemented
+
+  }
+
+  public void rejectDrag()
+  {
+    // FIXME: Not Implemented
+
+  }
+
+  public void acceptDrop(int dropAction)
+  {
+    // FIXME: Not Implemented
+
+  }
+
+  public void rejectDrop()
+  {
+    // FIXME: Not Implemented
+
+  }
+
+  public void dropComplete(boolean success)
+  {
+    // FIXME: Not Implemented
+
+  }
+
+}
diff --git a/libjava/classpath/gnu/java/awt/dnd/peer/gtk/GtkDropTargetPeer.java b/libjava/classpath/gnu/java/awt/dnd/peer/gtk/GtkDropTargetPeer.java
new file mode 100644
index 00000000000..88b75ad96ee
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/dnd/peer/gtk/GtkDropTargetPeer.java
@@ -0,0 +1,68 @@
+/* GtkDropTargetPeer.java --
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.awt.dnd.peer.gtk;
+
+import gnu.java.awt.peer.gtk.GtkGenericPeer;
+
+import java.awt.dnd.DropTarget;
+import java.awt.dnd.peer.DropTargetPeer;
+
+public class GtkDropTargetPeer
+    extends GtkGenericPeer
+    implements DropTargetPeer
+{
+
+  public GtkDropTargetPeer()
+  {
+    super(null);
+  }
+  
+  public void addDropTarget(DropTarget target)
+  {
+    // FIXME: Not Implemented
+
+  }
+
+  public void removeDropTarget(DropTarget target)
+  {
+    // FIXME: Not Implemented
+
+  }
+
+}
diff --git a/libjava/classpath/gnu/java/awt/java2d/AbstractGraphics2D.java b/libjava/classpath/gnu/java/awt/java2d/AbstractGraphics2D.java
index f057d8b237d..9d017240d60 100644
--- a/libjava/classpath/gnu/java/awt/java2d/AbstractGraphics2D.java
+++ b/libjava/classpath/gnu/java/awt/java2d/AbstractGraphics2D.java
@@ -39,6 +39,7 @@ package gnu.java.awt.java2d;
 
 import java.awt.AWTError;
 import java.awt.AlphaComposite;
+import java.awt.AWTPermission;
 import java.awt.BasicStroke;
 import java.awt.Color;
 import java.awt.Composite;
@@ -72,6 +73,7 @@ import java.awt.geom.RoundRectangle2D;
 import java.awt.image.BufferedImage;
 import java.awt.image.BufferedImageOp;
 import java.awt.image.ColorModel;
+import java.awt.image.DataBuffer;
 import java.awt.image.ImageObserver;
 import java.awt.image.Raster;
 import java.awt.image.RenderedImage;
@@ -144,7 +146,7 @@ public abstract class AbstractGraphics2D
   /**
    * The transformation for this Graphics2D instance
    */
-  private AffineTransform transform;
+  protected AffineTransform transform;
 
   /**
    * The foreground.
@@ -539,6 +541,15 @@ public abstract class AbstractGraphics2D
    */
   public void setComposite(Composite comp)
   {
+    if (! (comp instanceof AlphaComposite))
+      {
+        // FIXME: this check is only required "if this Graphics2D
+        // context is drawing to a Component on the display screen".
+        SecurityManager sm = System.getSecurityManager();
+        if (sm != null)
+          sm.checkPermission(new AWTPermission("readDisplayPixels"));
+      }
+
     composite = comp;
     if (! (comp.equals(AlphaComposite.SrcOver)))
       isOptimized = false;
@@ -2054,7 +2065,34 @@ public abstract class AbstractGraphics2D
    *
    * @return the destination raster
    */
-  protected abstract WritableRaster getDestinationRaster();
+  protected WritableRaster getDestinationRaster()
+  {
+    // TODO: Ideally we would fetch the xdrawable's surface pixels for
+    // initialization of the raster.
+    Rectangle db = getDeviceBounds();
+    if (destinationRaster == null)
+      {
+        int[] bandMasks = new int[]{ 0xFF0000, 0xFF00, 0xFF };
+        destinationRaster = Raster.createPackedRaster(DataBuffer.TYPE_INT,
+                                                      db.width, db.height,
+                                                      bandMasks, null);
+        // Initialize raster with white.
+        int x0 = destinationRaster.getMinX();
+        int x1 = destinationRaster.getWidth() + x0;
+        int y0 = destinationRaster.getMinY();
+        int y1 = destinationRaster.getHeight() + y0;
+        int numBands = destinationRaster.getNumBands();
+        for (int y = y0; y < y1; y++)
+          {
+            for (int x = x0; x < x1; x++)
+              {
+                for (int b = 0; b < numBands; b++)
+                  destinationRaster.setSample(x, y, b, 255);
+              }
+          }
+      }
+    return destinationRaster;
+  }
 
   /**
    * Notifies the backend that the raster has changed in the specified
diff --git a/libjava/classpath/gnu/java/awt/java2d/CubicSegment.java b/libjava/classpath/gnu/java/awt/java2d/CubicSegment.java
index 1e568f722e7..bf66be870c0 100644
--- a/libjava/classpath/gnu/java/awt/java2d/CubicSegment.java
+++ b/libjava/classpath/gnu/java/awt/java2d/CubicSegment.java
@@ -39,6 +39,7 @@ exception statement from your version. */
 package gnu.java.awt.java2d;
 
 
+import java.awt.geom.CubicCurve2D;
 import java.awt.geom.Point2D;
 
 /**
@@ -78,34 +79,89 @@ public class CubicSegment extends Segment
    */
   public Object clone()
   {
-    return new CubicSegment(P1.getX(), P1.getY(), cp1.getX(), cp1.getY(),
-                            cp2.getX(), cp2.getY(), P2.getX(), P2.getY());
+    CubicSegment segment = null;
+    
+    try
+      {
+        segment = (CubicSegment) super.clone();
+        
+        segment.P1 = (Point2D) P1.clone();
+        segment.P2 = (Point2D) P2.clone();
+        segment.cp1 = (Point2D) cp1.clone();
+        segment.cp2 = (Point2D) cp2.clone();
+      }
+    catch (CloneNotSupportedException cnse)
+      {
+        InternalError ie = new InternalError();
+        ie.initCause(cnse);
+        throw ie;
+      }
+  
+    return segment;
   }
 
   /**
-   * Get the "top" and "bottom" segments of this segment.
-   * First array element is p0 + normal, second is p0 - normal.
+   * Get the "top" and "bottom" segments of this segment. First array element is
+   * p0 + normal, second is p0 - normal.
    */
   public Segment[] getDisplacedSegments(double radius)
   {
+    // It is, apparently, impossible to derive a curve parallel to a bezier
+    // curve (unless it's a straight line), so we have no choice but to
+    // approximate the displaced segments. Similar to FlattenPathIterator.
+
+    Segment segmentTop = null;
+    Segment segmentBottom = null;
     this.radius = radius;
-    double x0 = P1.getX();
-    double y0 = P1.getY();
-    double x1 = cp1.getX();
-    double y1 = cp1.getY();
-    double x2 = cp2.getX();
-    double y2 = cp2.getY();
-    double x3 = P2.getX();
-    double y3 = P2.getY();
-    double[] p1 = normal(x0, y0, x1, y1);
-    double[] p2 = normal(x2, y2, x3, y3);
 
-    
-    // FIXME: Doesn't compile.
-    // return new Segment[]{s1, s2};
-    return new Segment[0];
+    CubicCurve2D[] curves = new CubicCurve2D[10];
+    curves[0] = new CubicCurve2D.Double(P1.getX(), P1.getY(), cp1.getX(),
+                                        cp1.getY(), cp2.getX(), cp2.getY(),
+                                        P2.getX(), P2.getY());
+    int numCurves = 1;
+
+    // Hard-coded a recursion limit of 10 and flatness of 1... should we make
+    // this an option somewhere?
+    while (numCurves > 0)
+      {
+        // The curve is flat enough, or we've reached our recursion limit,
+        // so take the current start/end points and add it as a line segment
+        // to our final approximated curves
+        if (curves[numCurves - 1].getFlatnessSq() <= (radius / 3) || numCurves == 10)
+          {
+            Segment[] displaced = new LineSegment(
+                                                  curves[numCurves - 1].getP1(),
+                                                  curves[numCurves - 1].getP2()).getDisplacedSegments(radius);
+            if (segmentTop == null)
+              {
+                segmentTop = displaced[0];
+                segmentBottom = displaced[1];
+              }
+            else
+              {
+                segmentTop.add(displaced[0]);
+                segmentBottom.add(displaced[1]);
+              }
+            numCurves--;
+          }
+
+        // Otherwise, subdivide again and continue
+        else
+          {
+            CubicCurve2D left = new CubicCurve2D.Double();
+            CubicCurve2D right = new CubicCurve2D.Double();
+            curves[numCurves - 1].subdivide(left, right);
+            curves[numCurves - 1] = right;
+            curves[numCurves] = left;
+            curves[numCurves - 1] = right;
+            curves[numCurves] = left;
+            numCurves++;
+          }
+      }
+
+    return new Segment[] { segmentTop, segmentBottom };
   }
-
+  
   public void reverse()
   {
     Point2D temp = P1;
@@ -116,12 +172,12 @@ public class CubicSegment extends Segment
     cp2 = temp;
   }
 
-  public double[] first()
+  public double[] cp1()
   {
     return new double[]{cp1.getX(), cp1.getY()}; 
   }
 
-  public double[] last()
+  public double[] cp2()
   {
     return new double[]{cp2.getX(), cp2.getY()}; 
   }
diff --git a/libjava/classpath/gnu/java/awt/java2d/LineSegment.java b/libjava/classpath/gnu/java/awt/java2d/LineSegment.java
index 9c0bcc7eae0..0395fd0af7b 100644
--- a/libjava/classpath/gnu/java/awt/java2d/LineSegment.java
+++ b/libjava/classpath/gnu/java/awt/java2d/LineSegment.java
@@ -62,7 +62,22 @@ public class LineSegment extends Segment
    */
   public Object clone()
   {
-    return new LineSegment(P1, P2);
+    LineSegment segment = null;
+    
+    try
+      {
+        segment = (LineSegment) super.clone();
+        segment.P1 = (Point2D) P1.clone();
+        segment.P2 = (Point2D) P2.clone();
+      }
+    catch (CloneNotSupportedException cnse)
+      {
+        InternalError ie = new InternalError();
+        ie.initCause(cnse);
+        throw ie;
+      }
+    
+    return segment;
   }
 
   /**
@@ -91,12 +106,12 @@ public class LineSegment extends Segment
     P2 = p;
   }
 
-  public double[] first()
+  public double[] cp1()
   {
     return new double[]{P2.getX(), P2.getY()}; 
   }
 
-  public double[] last()
+  public double[] cp2()
   {
     return new double[]{P1.getX(), P1.getY()}; 
   }
diff --git a/libjava/classpath/gnu/java/awt/java2d/QuadSegment.java b/libjava/classpath/gnu/java/awt/java2d/QuadSegment.java
index 9c15a8cfda0..5e15fe881d8 100644
--- a/libjava/classpath/gnu/java/awt/java2d/QuadSegment.java
+++ b/libjava/classpath/gnu/java/awt/java2d/QuadSegment.java
@@ -88,8 +88,24 @@ public class QuadSegment extends Segment
    */
   public Object clone()
   {
-    return new QuadSegment(P1.getX(), P1.getY(), cp.getX(), cp.getY(),
-                           P2.getX(), P2.getY());
+    QuadSegment segment = null;
+    
+    try
+      {
+        segment = (QuadSegment) super.clone();
+
+        segment.P1 = (Point2D) P1.clone();
+        segment.P2 = (Point2D) P2.clone();
+        segment.cp = (Point2D) cp.clone();
+      }
+    catch (CloneNotSupportedException cnse)
+      {
+        InternalError ie = new InternalError();
+        ie.initCause(cnse);
+        throw ie;
+      }
+    
+    return segment;
   }
 
   /**
@@ -201,12 +217,12 @@ public class QuadSegment extends Segment
     P2 = p;
   }
 
-  public double[] first()
+  public double[] cp1()
   {
     return new double[]{cp.getX(), cp.getY()}; 
   }
 
-  public double[] last()
+  public double[] cp2()
   {
     return new double[]{cp.getX(), cp.getY()}; 
   }
diff --git a/libjava/classpath/gnu/java/awt/java2d/Segment.java b/libjava/classpath/gnu/java/awt/java2d/Segment.java
index 9a985f6967b..df1f67605d0 100644
--- a/libjava/classpath/gnu/java/awt/java2d/Segment.java
+++ b/libjava/classpath/gnu/java/awt/java2d/Segment.java
@@ -42,24 +42,38 @@ import java.awt.geom.Point2D;
 
 public abstract class Segment implements Cloneable
 {
-  // segment type, PathIterator segment types are used.
+  // Start and end points of THIS segment
   public Point2D P1;
   public Point2D P2;
+  
+  // Segments can be linked together internally as a linked list
+  public Segment first;
   public Segment next;
   public Segment last;
+  
+  // Half the stroke width
   protected double radius;
 
+  /**
+   * Create a new, empty segment
+   */
   public Segment()
   {
     P1 = P2 = null;
+    first = this;
     next = null;
     last = this;
   }
 
+  /**
+   * Add a segment to the polygon
+   * @param newsegment segment to add
+   */
   public void add(Segment newsegment)
   {
+    newsegment.first = first;
     last.next = newsegment;
-    last = last.next;
+    last = last.next.last;
   }
 
   /**
@@ -68,6 +82,7 @@ public abstract class Segment implements Cloneable
   public void reverseAll()
   {
     reverse();
+    first = last;
     Segment v = next;
     Segment former = this;
     next = null;
@@ -91,7 +106,7 @@ public abstract class Segment implements Cloneable
 
   /**
    * Get the normal vector to the slope of the line.
-   * Returns: 0.5*width*(norm of derivative of the (x0,y0)-(x1,y1) vector)
+   * @return vector of length radius, normal to the (x0,y0)-(x1,y1) vector)
    */
   protected double[] normal(double x0, double y0, double x1, double y1)
   {
@@ -117,6 +132,9 @@ public abstract class Segment implements Cloneable
     return new double[]{ dx, dy };
   }
 
+  /**
+   * Reverse the current segment
+   */
   public abstract void reverse();
 
   /**
@@ -125,7 +143,16 @@ public abstract class Segment implements Cloneable
    */
   public abstract Segment[] getDisplacedSegments(double radius);
 
-  public abstract double[] first();
-  public abstract double[] last();
+  /**
+   * Returns the coordinates of the first control point, or the start point
+   * for a line segment.
+   */
+  public abstract double[] cp1();
+  
+  /**
+   * Returns the coordinates of the second control point, or the end point
+   * for a line segment.
+   */
+  public abstract double[] cp2();
 
 }
diff --git a/libjava/classpath/gnu/java/awt/peer/ClasspathFontPeer.java b/libjava/classpath/gnu/java/awt/peer/ClasspathFontPeer.java
index 78ab3a9de21..dad7bb0b08f 100644
--- a/libjava/classpath/gnu/java/awt/peer/ClasspathFontPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/ClasspathFontPeer.java
@@ -145,7 +145,8 @@ public abstract class ClasspathFontPeer
             uname.equals ("SERIF") ||
             uname.equals ("MONOSPACED") ||
             uname.equals ("DIALOG") ||
-            uname.equals ("DIALOGINPUT"));
+            uname.equals ("DIALOGINPUT") ||
+            uname.equals ("DEFAULT"));
   }
 
   protected static String logicalFontNameToFaceName (String name)
@@ -161,6 +162,8 @@ public abstract class ClasspathFontPeer
       return "Helvetica";
     else if (uname.equals ("DIALOGINPUT"))
       return "Helvetica";
+    else if (uname.equals ("DEFAULT"))
+      return "Dialog.plain";
     else
       return "Helvetica";
   }
@@ -233,7 +236,7 @@ public abstract class ClasspathFontPeer
       family = (String) attribs.get (TextAttribute.FAMILY);
 
     if (name == null)
-      name = "SansSerif";
+      name = "Default";
 
     if (attribs.containsKey (TextAttribute.WEIGHT))
       {
diff --git a/libjava/classpath/gnu/java/awt/peer/ClasspathTextLayoutPeer.java b/libjava/classpath/gnu/java/awt/peer/ClasspathTextLayoutPeer.java
deleted file mode 100644
index 70df2ef74ef..00000000000
--- a/libjava/classpath/gnu/java/awt/peer/ClasspathTextLayoutPeer.java
+++ /dev/null
@@ -1,104 +0,0 @@
-/* ClasspathTextLayoutPeer.java
-   Copyright (C) 2003 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING.  If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library.  Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module.  An independent module is a module which is not derived from
-or based on this library.  If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so.  If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package gnu.java.awt.peer;
-
-import java.awt.Graphics2D;
-import java.awt.Shape;
-import java.awt.font.TextHitInfo;
-import java.awt.font.TextLayout;
-import java.awt.geom.AffineTransform;
-import java.awt.geom.Rectangle2D;
-
-/**
- * @author Graydon Hoare
- */
-
-public interface ClasspathTextLayoutPeer
-{
-  TextHitInfo getStrongCaret (TextHitInfo hit1, 
-                              TextHitInfo hit2);
-
-  void draw (Graphics2D g2, float x, float y);
-
-  byte getBaseline ();
-
-  boolean isLeftToRight ();
-  boolean isVertical ();
-
-  float getAdvance ();
-  float getAscent ();
-  float getDescent ();
-  float getLeading ();
-
-  int getCharacterCount ();
-  byte getCharacterLevel (int index);
-
-  float[] getBaselineOffsets ();
-  Shape getBlackBoxBounds (int firstEndpoint, int secondEndpoint);
-  Rectangle2D getBounds ();
-
-  float[] getCaretInfo (TextHitInfo hit, Rectangle2D bounds);
-  Shape getCaretShape (TextHitInfo hit, Rectangle2D bounds);
-  Shape[] getCaretShapes (int offset, Rectangle2D bounds,
-                          TextLayout.CaretPolicy policy);
-
-  Shape getLogicalHighlightShape (int firstEndpoint, int secondEndpoint,
-                                  Rectangle2D bounds);
-  int[] getLogicalRangesForVisualSelection (TextHitInfo firstEndpoint,
-                                            TextHitInfo secondEndpoint);
-
-  TextHitInfo getNextLeftHit (int offset, TextLayout.CaretPolicy policy);
-  TextHitInfo getNextRightHit (int offset, TextLayout.CaretPolicy policy);
-  TextHitInfo hitTestChar (float x, float y, Rectangle2D bounds);
-  TextHitInfo getVisualOtherHit (TextHitInfo hit);
-
-  float getVisibleAdvance ();
-  Shape getOutline (AffineTransform tx);
-  Shape getVisualHighlightShape (TextHitInfo firstEndpoint,
-                                 TextHitInfo secondEndpoint,
-                                 Rectangle2D bounds);
-
-  TextLayout getJustifiedLayout (float justificationWidth);
-  void handleJustify (float justificationWidth);
-
-  Object clone ();
-  int hashCode ();
-  boolean equals (ClasspathTextLayoutPeer tl);
-  String toString ();
-}
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/BufferedImageGraphics.java b/libjava/classpath/gnu/java/awt/peer/gtk/BufferedImageGraphics.java
index d9d300d9103..6a74eabc5d6 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/BufferedImageGraphics.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/BufferedImageGraphics.java
@@ -40,10 +40,8 @@ package gnu.java.awt.peer.gtk;
 
 import java.awt.Color;
 import java.awt.Graphics;
-import java.awt.Graphics2D;
 import java.awt.GraphicsConfiguration;
 import java.awt.Image;
-import java.awt.Point;
 import java.awt.Rectangle;
 import java.awt.Shape;
 import java.awt.font.GlyphVector;
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/CairoGraphics2D.java b/libjava/classpath/gnu/java/awt/peer/gtk/CairoGraphics2D.java
index 9f8f494eb41..b665f562e25 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/CairoGraphics2D.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/CairoGraphics2D.java
@@ -40,6 +40,7 @@ package gnu.java.awt.peer.gtk;
 
 import gnu.java.awt.ClasspathToolkit;
 
+import java.awt.AWTPermission;
 import java.awt.AlphaComposite;
 import java.awt.BasicStroke;
 import java.awt.Color;
@@ -52,11 +53,11 @@ import java.awt.Graphics2D;
 import java.awt.GraphicsConfiguration;
 import java.awt.Image;
 import java.awt.Paint;
+import java.awt.Polygon;
 import java.awt.Rectangle;
 import java.awt.RenderingHints;
 import java.awt.Shape;
 import java.awt.Stroke;
-import java.awt.Polygon;
 import java.awt.TexturePaint;
 import java.awt.Toolkit;
 import java.awt.font.FontRenderContext;
@@ -65,8 +66,8 @@ import java.awt.font.TextLayout;
 import java.awt.geom.AffineTransform;
 import java.awt.geom.Arc2D;
 import java.awt.geom.Area;
+import java.awt.geom.Ellipse2D;
 import java.awt.geom.GeneralPath;
-import java.awt.geom.Line2D;
 import java.awt.geom.NoninvertibleTransformException;
 import java.awt.geom.PathIterator;
 import java.awt.geom.Point2D;
@@ -322,6 +323,11 @@ public abstract class CairoGraphics2D extends Graphics2D
    * Set the current transform matrix
    */
   private native void cairoSetMatrix(long pointer, double[] m);
+  
+  /**
+   * Scaling method
+   */
+  private native void cairoScale(long pointer, double x, double y);
 
   /**
    * Set the compositing operator
@@ -369,6 +375,18 @@ public abstract class CairoGraphics2D extends Graphics2D
    */
   private native void cairoRectangle(long pointer, double x, double y,
                                      double width, double height);
+  
+  /**
+   * Appends an arc to the current path
+   */
+  private native void cairoArc(long pointer, double x, double y,
+                               double radius, double angle1, double angle2);
+
+  /**
+   * Save / restore a cairo path
+   */
+  private native void cairoSave(long pointer);
+  private native void cairoRestore(long pointer);
 
   /**
    * New current path
@@ -427,6 +445,46 @@ public abstract class CairoGraphics2D extends Graphics2D
    */
   private native void cairoSurfaceSetFilter(long pointer, int filter);
 
+  /**
+   * Draws a line from (x1,y1) to (x2,y2).
+   *
+   * @param pointer the native pointer
+   *
+   * @param x1 the x coordinate of the starting point
+   * @param y1 the y coordinate of the starting point
+   * @param x2 the x coordinate of the end point
+   * @param y2 the y coordinate of the end point
+   */
+  private native void cairoDrawLine(long pointer, double x1, double y1,
+                                    double x2, double y2);
+
+  /**
+   * Draws a rectangle at starting point (x,y) and with the specified width
+   * and height.
+   *
+   * @param pointer the native pointer
+   * @param x the x coordinate of the upper left corner
+   * @param y the y coordinate of the upper left corner
+   * @param w the width of the rectangle
+   * @param h the height of the rectangle
+   */
+  private native void cairoDrawRect(long pointer, double x, double y, double w,
+                                    double h);
+
+  /**
+   * Fills a rectangle at starting point (x,y) and with the specified width
+   * and height.
+   *
+   * @param pointer the native pointer
+   * @param x the x coordinate of the upper left corner
+   * @param y the y coordinate of the upper left corner
+   * @param w the width of the rectangle
+   * @param h the height of the rectangle
+   */
+  private native void cairoFillRect(long pointer, double x, double y, double w,
+                                    double h);
+
+
   ///////////////////////// TRANSFORMS ///////////////////////////////////
   /**
    * Set the current transform
@@ -625,8 +683,8 @@ public abstract class CairoGraphics2D extends Graphics2D
 	int width = (int) tp.getAnchorRect().getWidth();
 	int height = (int) tp.getAnchorRect().getHeight();
 
-	double scaleX = (width+1) / (double) img.getWidth();
-	double scaleY = (height+1) / (double) img.getHeight();
+	double scaleX = width / (double) img.getWidth();
+	double scaleY = height / (double) img.getHeight();
 
 	AffineTransform at = new AffineTransform(scaleX, 0, 0, scaleY, 0, 0);
 	AffineTransformOp op = new AffineTransformOp(at, getRenderingHints());
@@ -737,7 +795,7 @@ public abstract class CairoGraphics2D extends Graphics2D
     else
       {
         GeneralPath p = new GeneralPath();
-        PathIterator pi = clip.getPathIterator(new AffineTransform());
+        PathIterator pi = clip.getPathIterator(null);
         p.append(pi, false);
         return p;
       }
@@ -847,6 +905,12 @@ public abstract class CairoGraphics2D extends Graphics2D
       }
     else
       {
+        // FIXME: this check is only required "if this Graphics2D
+        // context is drawing to a Component on the display screen".
+        SecurityManager sm = System.getSecurityManager();
+        if (sm != null)
+          sm.checkPermission(new AWTPermission("readDisplayPixels"));
+
         // FIXME: implement general Composite support
         throw new java.lang.UnsupportedOperationException();
       }
@@ -857,54 +921,79 @@ public abstract class CairoGraphics2D extends Graphics2D
   public void draw(Shape s)
   {
     if ((stroke != null && ! (stroke instanceof BasicStroke))
-        || (comp instanceof AlphaComposite
-            && ((AlphaComposite) comp).getAlpha() != 1.0))
+        || (comp instanceof AlphaComposite && ((AlphaComposite) comp).getAlpha() != 1.0))
       {
-        // FIXME: This is a hack to work around BasicStrokes's current
-        // limitations wrt cubic curves.
-        // See CubicSegment.getDisplacedSegments().
-        if (stroke instanceof BasicStroke)
-          {
-            PathIterator flatten = s.getPathIterator(new AffineTransform(),
-                                                       1.0);
-            GeneralPath p = new GeneralPath();
-            p.append(flatten, false);
-            s = p;
-          }
-	fill(stroke.createStrokedShape(s));
-	return;
+        // Cairo doesn't support stroking with alpha, so we create the stroked
+        // shape and fill with alpha instead
+        fill(stroke.createStrokedShape(s));
+        return;
       }
 
-    cairoNewPath(nativePointer);
-
-    if (s instanceof Rectangle2D)
-      {
-	Rectangle2D r = (Rectangle2D) s;
-	cairoRectangle(nativePointer, shifted(r.getX(), shiftDrawCalls),
-	               shifted(r.getY(), shiftDrawCalls), r.getWidth(),
-	               r.getHeight());
-      }
-    else
-      walkPath(s.getPathIterator(null), shiftDrawCalls);
+    createPath(s);
     cairoStroke(nativePointer);
   }
 
   public void fill(Shape s)
   {
+    createPath(s);
+
+    double alpha = 1.0;
+    if (comp instanceof AlphaComposite)
+      alpha = ((AlphaComposite) comp).getAlpha();
+    cairoFill(nativePointer, alpha);
+  }
+
+  private void createPath(Shape s)
+  {
     cairoNewPath(nativePointer);
+
+    // Optimize rectangles, since there is a direct Cairo function
     if (s instanceof Rectangle2D)
       {
-	Rectangle2D r = (Rectangle2D) s;
-	cairoRectangle(nativePointer, r.getX(), r.getY(), r.getWidth(),
+        Rectangle2D r = (Rectangle2D) s;
+        cairoRectangle(nativePointer, shifted(r.getX(), shiftDrawCalls),
+                       shifted(r.getY(), shiftDrawCalls), r.getWidth(),
                        r.getHeight());
       }
-    else
-      walkPath(s.getPathIterator(null), false);
 
-    double alpha = 1.0;
-    if (comp instanceof AlphaComposite)
-      alpha = ((AlphaComposite) comp).getAlpha();
-    cairoFill(nativePointer, alpha);
+    // We can optimize ellipses too; however we don't bother optimizing arcs:
+    // the iterator is fast enough (an ellipse requires 5 steps using the
+    // iterator, while most arcs are only 2-3)
+    else if (s instanceof Ellipse2D)
+      {
+        Ellipse2D e = (Ellipse2D) s;
+
+        double radius = Math.min(e.getHeight(), e.getWidth()) / 2;
+
+        // Cairo only draws circular shapes, but we can use a stretch to make
+        // them into ellipses
+        double xscale = 1, yscale = 1;
+        if (e.getHeight() != e.getWidth())
+          {
+            cairoSave(nativePointer);
+
+            if (e.getHeight() < e.getWidth())
+              xscale = e.getWidth() / (radius * 2);
+            else
+              yscale = e.getHeight() / (radius * 2);
+
+            if (xscale != 1 || yscale != 1)
+              cairoScale(nativePointer, xscale, yscale);
+          }
+
+        cairoArc(nativePointer,
+                 shifted(e.getCenterX() / xscale, shiftDrawCalls),
+                 shifted(e.getCenterY() / yscale, shiftDrawCalls), radius, 0,
+                 Math.PI * 2);
+
+        if (xscale != 1 || yscale != 1)
+          cairoRestore(nativePointer);
+      }
+
+    // All other shapes are broken down and drawn in steps using the
+    // PathIterator
+    else
+      walkPath(s.getPathIterator(null), shiftDrawCalls);
   }
 
   /**
@@ -940,12 +1029,19 @@ public abstract class CairoGraphics2D extends Graphics2D
 
   public void drawLine(int x1, int y1, int x2, int y2)
   {
-    draw(new Line2D.Double(x1, y1, x2, y2));
+    // The coordinates being pairwise identical means one wants
+    // to draw a single pixel. This is emulated by drawing
+    // a one pixel sized rectangle.
+    if (x1 == x2 && y1 == y2)
+      cairoFillRect(nativePointer, x1, y1, 1, 1);
+    else
+      cairoDrawLine(nativePointer, x1 + 0.5, y1 + 0.5, x2 + 0.5, y2 + 0.5);
   }
 
   public void drawRect(int x, int y, int width, int height)
   {
-    draw(new Rectangle(x, y, width, height));
+    cairoDrawRect(nativePointer, shifted(x, shiftDrawCalls),
+                  shifted(y, shiftDrawCalls), width, height);
   }
 
   public void fillArc(int x, int y, int width, int height, int startAngle,
@@ -958,7 +1054,7 @@ public abstract class CairoGraphics2D extends Graphics2D
 
   public void fillRect(int x, int y, int width, int height)
   {
-    fill(new Rectangle(x, y, width, height));
+    cairoFillRect(nativePointer, x, y, width, height);
   }
 
   public void fillPolygon(int[] xPoints, int[] yPoints, int nPoints)
@@ -1137,6 +1233,9 @@ public abstract class CairoGraphics2D extends Graphics2D
     if (img == null)
       return false;
 
+    if (xform == null)
+      xform = new AffineTransform();
+
     // In this case, xform is an AffineTransform that transforms bounding
     // box of the specified image from image space to user space. However
     // when we pass this transform to cairo, cairo will use this transform
@@ -1160,6 +1259,7 @@ public abstract class CairoGraphics2D extends Graphics2D
     // Note - this can get us in trouble when the gdk lock is re-acquired.
     // for example by VolatileImage. See ComponentGraphics for how we work
     // around this.
+    
     if( !(img instanceof BufferedImage) )
       {
 	ImageProducer source = img.getSource();
@@ -1176,6 +1276,7 @@ public abstract class CairoGraphics2D extends Graphics2D
 
     // If this BufferedImage has a BufferedImageGraphics object, 
     // use the cached CairoSurface that BIG is drawing onto
+    
     if( BufferedImageGraphics.bufferedImages.get( b ) != null )
       db = (DataBuffer)BufferedImageGraphics.bufferedImages.get( b );
     else
@@ -1190,6 +1291,7 @@ public abstract class CairoGraphics2D extends Graphics2D
     if(db instanceof CairoSurface)
       {
 	((CairoSurface)db).drawSurface(nativePointer, i2u, alpha);
+        updateColor();
 	return true;
       }
 	    
@@ -1206,24 +1308,7 @@ public abstract class CairoGraphics2D extends Graphics2D
 	setPaint( oldPaint );
       }
 
-    int[] pixels;
-
-    // Shortcut for easy color models.
-    if( b.getColorModel().equals(rgb32) )
-      {
-	pixels = ((DataBufferInt)db).getData();
-	for(int i = 0; i < pixels.length; i++)
-	  pixels[i] |= 0xFF000000;
-      }
-    else if( b.getColorModel().equals(argb32) )
-      {
-	pixels = ((DataBufferInt)db).getData();
-      }
-    else
-      {
-	pixels = b.getRGB(0, 0, width, height,
-			  null, 0, width);
-      }
+    int[] pixels = b.getRGB(0, 0, width, height, null, 0, width);
 
     drawPixels(nativePointer, pixels, width, height, width, i2u, alpha);
 
@@ -1249,7 +1334,9 @@ public abstract class CairoGraphics2D extends Graphics2D
 
   public void drawImage(BufferedImage image, BufferedImageOp op, int x, int y)
   {
-    Image filtered = op.filter(image, null);
+    Image filtered = image;
+    if (op != null)
+      filtered = op.filter(image, null);
     drawImage(filtered, new AffineTransform(1f, 0f, 0f, 1f, x, y), null, null);
   }
 
@@ -1317,7 +1404,7 @@ public abstract class CairoGraphics2D extends Graphics2D
     else
       { cy = dy2; ch = dy1 - dy2; }
     
-    setClip( cx, cy, cw, ch );
+    clipRect( cx, cy, cw, ch );
 
     AffineTransform tx = new AffineTransform();
     tx.translate( dx1 - sx1*scaleX, dy1 - sy1*scaleY );
@@ -1358,6 +1445,10 @@ public abstract class CairoGraphics2D extends Graphics2D
   public void drawGlyphVector(GlyphVector gv, float x, float y)
   {
     double alpha = 1.0;
+
+    if( gv.getNumGlyphs() <= 0 )
+      return;
+
     if (comp instanceof AlphaComposite)
       alpha = ((AlphaComposite) comp).getAlpha();
     if (gv instanceof FreetypeGlyphVector && alpha == 1.0)
@@ -1367,8 +1458,11 @@ public abstract class CairoGraphics2D extends Graphics2D
         float[] positions = gv.getGlyphPositions (0, n, null);
 
         setFont (gv.getFont ());
-        cairoDrawGlyphVector(nativePointer, (GdkFontPeer)getFont().getPeer(),
-                             x, y, n, codes, positions);
+	synchronized( this.font ) 
+	  { 
+	    cairoDrawGlyphVector(nativePointer, (GdkFontPeer)getFont().getPeer(),
+				 x, y, n, codes, positions);
+	  }
       }
     else
       {
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/CairoSurface.java b/libjava/classpath/gnu/java/awt/peer/gtk/CairoSurface.java
index 5ccd2e14eb9..78bc1e02db0 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/CairoSurface.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/CairoSurface.java
@@ -38,26 +38,16 @@ exception statement from your version. */
 
 package gnu.java.awt.peer.gtk;
 
-import java.awt.Graphics;
-import java.awt.Color;
-import java.awt.Image;
 import java.awt.Point;
 import java.awt.Graphics2D;
-import java.awt.GraphicsConfiguration;
 import java.awt.image.DataBuffer;
 import java.awt.image.Raster;
 import java.awt.image.WritableRaster;
 import java.awt.image.BufferedImage;
 import java.awt.image.ColorModel;
 import java.awt.image.DirectColorModel;
-import java.io.File;
-import java.io.IOException;
+import java.nio.ByteOrder;
 import java.util.Hashtable;
-import java.util.Vector;
-import java.io.ByteArrayOutputStream;
-import java.io.BufferedInputStream;
-import java.net.URL;
-import gnu.classpath.Pointer;
 
 /**
  * CairoSurface - wraps a Cairo surface.
@@ -79,10 +69,10 @@ public class CairoSurface extends DataBuffer
   long bufferPointer;
 
 
-  static ColorModel nativeModel = new DirectColorModel(32, 
-						       0x000000FF,
-						       0x0000FF00,
+  static ColorModel nativeModel = new DirectColorModel(32,
 						       0x00FF0000,
+						       0x0000FF00,
+						       0x000000FF,
 						       0xFF000000);
 
   /**
@@ -177,28 +167,45 @@ public class CairoSurface extends DataBuffer
     height = image.height;
 
     create(width, height, width);
-    
+
     if(surfacePointer == 0 || bufferPointer == 0)
       throw new Error("Could not allocate bitmap.");
-    
+
     // Copy the pixel data from the GtkImage.
     int[] data = image.getPixels();
 
     // Swap ordering from GdkPixbuf to Cairo
-    for(int i = 0; i < data.length; i++ )
+    if (ByteOrder.nativeOrder() == ByteOrder.BIG_ENDIAN)
+      {
+	for (int i = 0; i < data.length; i++ )
+	  {
+	    // On a big endian system we get a RRGGBBAA data array.
+	    int alpha = data[i] & 0xFF;
+	    if( alpha == 0 ) // I do not know why we need this, but it works.
+	      data[i] = 0;
+	    else
+	      {
+		// Cairo needs a ARGB32 native array.
+		data[i] = (data[i] >>> 8) | (alpha << 24);
+	      }
+	  }
+      }
+    else
       {
-	int alpha = (data[i] & 0xFF000000) >> 24;
-	if( alpha == 0 ) // I do not know why we need this, but it works.
-	  data[i] = 0;
-	else
+	for (int i = 0; i < data.length; i++ )
 	  {
-	    int r = (((data[i] & 0x00FF0000) >> 16) );
-	    int g = (((data[i] & 0x0000FF00) >> 8) );
-	    int b = ((data[i] & 0x000000FF) );
-	    data[i] = (( alpha << 24 ) & 0xFF000000) 
-	      | (( b << 16 ) & 0x00FF0000)
-	      | (( g << 8 )  & 0x0000FF00)
-	      | ( r  & 0x000000FF);
+	    // On a little endian system we get a AABBGGRR data array.
+	    int alpha = data[i] & 0xFF000000;
+	    if( alpha == 0 ) // I do not know why we need this, but it works.
+	      data[i] = 0;
+	    else
+	      {
+		int b = (data[i] & 0xFF0000) >> 16;
+		int g = (data[i] & 0xFF00);
+		int r = (data[i] & 0xFF) << 16;
+		// Cairo needs a ARGB32 native array.
+		data[i] = alpha | r | g | b;
+	      }
 	  }
       }
 
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/CairoSurfaceGraphics.java b/libjava/classpath/gnu/java/awt/peer/gtk/CairoSurfaceGraphics.java
index 91f0b4981df..7bd136c3845 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/CairoSurfaceGraphics.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/CairoSurfaceGraphics.java
@@ -39,14 +39,9 @@ exception statement from your version. */
 package gnu.java.awt.peer.gtk;
 
 import java.awt.Graphics;
-import java.awt.Color;
 import java.awt.GraphicsEnvironment;
-import java.awt.Image;
-import java.awt.Point;
-import java.awt.Graphics2D;
 import java.awt.GraphicsConfiguration;
 import java.awt.geom.Rectangle2D;
-import java.awt.image.*;
 
 /**
  * Implementation of Graphics2D on a Cairo surface.
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/ComponentGraphics.java b/libjava/classpath/gnu/java/awt/peer/gtk/ComponentGraphics.java
index d1d3c280454..ffa78e9c904 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/ComponentGraphics.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/ComponentGraphics.java
@@ -39,7 +39,6 @@ exception statement from your version. */
 package gnu.java.awt.peer.gtk;
 
 import java.awt.Color;
-import java.awt.Font;
 import java.awt.Graphics;
 import java.awt.Graphics2D;
 import java.awt.GraphicsConfiguration;
@@ -47,16 +46,14 @@ import java.awt.Image;
 import java.awt.Rectangle;
 import java.awt.Shape;
 import java.awt.Toolkit;
-import java.awt.Point;
-import java.awt.font.FontRenderContext;
 import java.awt.font.GlyphVector;
 import java.awt.geom.AffineTransform;
 import java.awt.geom.Rectangle2D;
 import java.awt.image.BufferedImage;
 import java.awt.image.ImageObserver;
 import java.awt.image.ImageProducer;
-import java.awt.image.ImagingOpException;
 import java.awt.image.RenderedImage;
+import gnu.classpath.Pointer;
 
 /**
  * ComponentGraphics - context for drawing directly to a component,
@@ -66,6 +63,8 @@ import java.awt.image.RenderedImage;
  */
 public class ComponentGraphics extends CairoGraphics2D
 {
+  private static final boolean hasXRenderExtension = hasXRender();
+
   private GtkComponentPeer component;
   protected long cairo_t;
 
@@ -164,13 +163,27 @@ public class ComponentGraphics extends CairoGraphics2D
    */
   public static native boolean hasXRender();
 
+  /**
+   * This is a utility method (used by GtkComponentPeer) for grabbing the
+   * image of a component.
+   */
+  private static native Pointer nativeGrab(GtkComponentPeer component);
 
   private native void copyAreaNative(GtkComponentPeer component, int x, int y, 
 				     int width, int height, int dx, int dy);
 
   private native void drawVolatile(GtkComponentPeer component,
 				   long vimg, int x, int y, 
-				   int width, int height);
+				   int width, int height, int cx, int cy,
+                                   int cw, int ch);
+
+  /**
+   * Not really related (moveme?). Utility method used by GtkComponent.
+   */
+  public static GtkImage grab( GtkComponentPeer component )
+  {
+    return new GtkImage( nativeGrab( component ) );
+  }
 
   /**
    * Returns a Graphics2D object for a component, either an instance of this 
@@ -178,7 +191,7 @@ public class ComponentGraphics extends CairoGraphics2D
    */
   public static Graphics2D getComponentGraphics(GtkComponentPeer component)
   {
-    if( hasXRender() )
+    if( hasXRenderExtension )
       return new ComponentGraphics(component);
 
     Rectangle r = component.awtComponent.getBounds();
@@ -285,21 +298,24 @@ public class ComponentGraphics extends CairoGraphics2D
     if (img instanceof GtkVolatileImage)
       {
         GtkVolatileImage vimg = (GtkVolatileImage) img;
-	int type = transform.getType();
-	if (type == AffineTransform.TYPE_IDENTITY)
-	  {
-	    drawVolatile(component, vimg.nativePointer,
-			 x, y, vimg.width, vimg.height);
-	    return true;
-	  }
-	  else if (type == AffineTransform.TYPE_TRANSLATION)
-	  {
-	    x += transform.getTranslateX();
-	    y += transform.getTranslateY();
-	    drawVolatile(component, vimg.nativePointer,
-			 x, y, vimg.width, vimg.height);
-	    return true;
-	  }
+        int type = transform.getType();
+        if ((type == AffineTransform.TYPE_IDENTITY
+             || type == AffineTransform.TYPE_TRANSLATION)
+             && (clip == null || clip instanceof Rectangle2D))
+          {
+            Rectangle2D r = (Rectangle2D) clip;
+            if (r == null)
+              r = getRealBounds();
+            x += transform.getTranslateX();
+            y += transform.getTranslateY();
+            drawVolatile(component, vimg.nativePointer,
+                         x, y, vimg.width, vimg.height,
+                         (int) (r.getX() + transform.getTranslateX()),
+                         (int) (r.getY() + transform.getTranslateY()),
+                         (int) r.getWidth(),
+                         (int) r.getHeight());
+            return true;
+          }
 	else
 	  return super.drawImage(vimg.getSnapshot(), x, y, observer);
       }
@@ -323,24 +339,28 @@ public class ComponentGraphics extends CairoGraphics2D
     // If it is a GtkVolatileImage with an "easy" transform then
     // draw directly. Always pass a BufferedImage to super to avoid
     // deadlock (see Note in CairoGraphics.drawImage()).
-    if (img instanceof GtkVolatileImage)
+    if (img instanceof GtkVolatileImage
+        && (clip == null || clip instanceof Rectangle2D))
       {
         GtkVolatileImage vimg = (GtkVolatileImage) img;
-	int type = transform.getType();
-	if (type == AffineTransform.TYPE_IDENTITY)
-	  {
-	    drawVolatile(component, vimg.nativePointer,
-			 x, y, width, height);
-	    return true;
-	  }
-	  else if (type == AffineTransform.TYPE_TRANSLATION)
-	  {
-	    x += transform.getTranslateX();
-	    y += transform.getTranslateY();
-	    drawVolatile(component, vimg.nativePointer,
-			 x, y, width, height);
-	    return true;
-	  }
+        int type = transform.getType();
+        if ((type == AffineTransform.TYPE_IDENTITY
+             || type == AffineTransform.TYPE_TRANSLATION)
+             && (clip == null || clip instanceof Rectangle2D))
+          {
+            Rectangle2D r = (Rectangle2D) clip;
+            if (r == null)
+              r = getRealBounds();
+            x += transform.getTranslateX();
+            y += transform.getTranslateY();
+            drawVolatile(component, vimg.nativePointer,
+                         x, y, width, height,
+                         (int) (r.getX() + transform.getTranslateX()),
+                         (int) (r.getY() + transform.getTranslateY()),
+                         (int) r.getWidth(),
+                         (int) r.getHeight());
+            return true;
+          }
 	else
 	  return super.drawImage(vimg.getSnapshot(), x, y,
 				 width, height, observer);
@@ -359,5 +379,57 @@ public class ComponentGraphics extends CairoGraphics2D
     return super.drawImage(bimg, x, y, width, height, observer);
   }
 
+  public void drawLine(int x1, int y1, int x2, int y2)
+  {
+    lock();
+    try
+      {
+        super.drawLine(x1, y1, x2, y2);
+      }
+    finally
+      {
+        unlock();
+      }
+  }
+
+  public void drawRect(int x, int y, int width, int height)
+  {
+    lock();
+    try
+      {
+        super.drawRect(x, y, width, height);
+      }
+    finally
+      {
+        unlock();
+      }
+  }
+
+  public void fillRect(int x, int y, int width, int height)
+  {
+    lock();
+    try
+      {
+        super.fillRect(x, y, width, height);
+      }
+    finally
+      {
+        unlock();
+      }
+  }
+
+  public void setClip(Shape s)
+  {
+    lock();
+    try
+      {
+	super.setClip(s);
+      }
+    finally
+      {
+	unlock();
+      }
+  }
+
 }
 
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/ComponentGraphicsCopy.java b/libjava/classpath/gnu/java/awt/peer/gtk/ComponentGraphicsCopy.java
index 286fbeac060..2216d459a0e 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/ComponentGraphicsCopy.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/ComponentGraphicsCopy.java
@@ -39,17 +39,11 @@ exception statement from your version. */
 package gnu.java.awt.peer.gtk;
 
 import java.awt.Color;
-import java.awt.Graphics;
-import java.awt.Graphics2D;
-import java.awt.GraphicsConfiguration;
 import java.awt.Image;
-import java.awt.Point;
 import java.awt.Rectangle;
 import java.awt.Shape;
 import java.awt.font.GlyphVector;
 import java.awt.geom.AffineTransform;
-import java.awt.image.BufferedImage;
-import java.awt.image.DataBuffer;
 import java.awt.image.RenderedImage;
 import java.awt.image.ImageObserver;
 
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/FreetypeGlyphVector.java b/libjava/classpath/gnu/java/awt/peer/gtk/FreetypeGlyphVector.java
index 4978c6a4557..2c9d917934f 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/FreetypeGlyphVector.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/FreetypeGlyphVector.java
@@ -137,6 +137,35 @@ public class FreetypeGlyphVector extends GlyphVector
   }
 
   /**
+   * Cloning constructor
+   */  
+  private FreetypeGlyphVector( FreetypeGlyphVector gv )
+  {
+    font = gv.font;
+    peer = gv.peer;
+    frc = gv.frc;
+    s = gv.s;
+    nGlyphs = gv.nGlyphs;
+    logicalBounds = gv.logicalBounds.getBounds2D();
+
+    if( gv.metricsCache != null )
+      {
+	metricsCache = new GlyphMetrics[ nGlyphs ];
+	System.arraycopy(gv.metricsCache, 0, metricsCache, 0, nGlyphs);
+      }
+
+    glyphCodes = new int[ nGlyphs ];
+    glyphPositions = new float[ nGlyphs ];
+    glyphTransforms = new AffineTransform[ nGlyphs ];
+    for(int i = 0; i < nGlyphs; i++ )
+      {
+	glyphTransforms[ i ] = new AffineTransform( gv.glyphTransforms[ i ] );
+	glyphCodes[i] = gv.glyphCodes[ i ];
+	glyphPositions[i] = gv.glyphPositions[ i ];
+      }
+  }
+
+  /**
    * Create the array of glyph codes.
    */
   private void getGlyphs()
@@ -172,6 +201,12 @@ public class FreetypeGlyphVector extends GlyphVector
 
   private native GeneralPath getGlyphOutlineNative(int glyphIndex);
 
+
+  public Object clone()
+  {
+    return new FreetypeGlyphVector( this );
+  }
+
   /**
    * Duh, compares two instances.
    */
@@ -260,8 +295,11 @@ public class FreetypeGlyphVector extends GlyphVector
     if( gm == null )
       return null; 
     Rectangle2D r = gm.getBounds2D();
-    return new Rectangle2D.Double( r.getX() - gm.getLSB(), r.getY(),
-				   gm.getAdvanceX(), r.getHeight() );
+    Point2D p = getGlyphPosition( glyphIndex );
+    return new Rectangle2D.Double( p.getX() + r.getX() - gm.getLSB(), 
+				   p.getY() + r.getY(),
+				   gm.getAdvanceX(), 
+				   r.getHeight() );
   }
 
   /*
@@ -385,8 +423,6 @@ public class FreetypeGlyphVector extends GlyphVector
     for( int i = 1; i < nGlyphs; i++ )
       {
 	Rectangle2D r2 = (Rectangle2D)getGlyphLogicalBounds( i );
-	Point2D p = getGlyphPosition( i );
-	r2.setRect( p.getX(), p.getY(), r2.getWidth(), r2.getHeight() );
 	rect = rect.createUnion( r2 );
       }
 
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GdkFontPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GdkFontPeer.java
index f5ed8a71010..11635c3544e 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GdkFontPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GdkFontPeer.java
@@ -38,7 +38,6 @@ exception statement from your version. */
 
 package gnu.java.awt.peer.gtk;
 
-import gnu.classpath.Configuration;
 import gnu.java.awt.peer.ClasspathFontPeer;
 import gnu.java.awt.font.opentype.NameDecoder;
 
@@ -50,9 +49,7 @@ import java.awt.font.GlyphVector;
 import java.awt.font.GlyphMetrics;
 import java.awt.font.LineMetrics;
 import java.awt.geom.Rectangle2D;
-import java.awt.geom.Point2D;
 import java.text.CharacterIterator;
-import java.text.StringCharacterIterator;
 import java.util.Locale;
 import java.util.Map;
 import java.util.ResourceBundle;
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GdkGraphicsEnvironment.java b/libjava/classpath/gnu/java/awt/peer/gtk/GdkGraphicsEnvironment.java
index 035819d1c4b..e095c7dad4b 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GdkGraphicsEnvironment.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GdkGraphicsEnvironment.java
@@ -134,5 +134,9 @@ public class GdkGraphicsEnvironment extends GraphicsEnvironment
   {
     throw new java.lang.UnsupportedOperationException ();
   }
-  
+
+  /**
+   * Used by GtkMouseInfoPeer.
+   */ 
+  native int[] getMouseCoordinates();
 }
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GdkPixbufDecoder.java b/libjava/classpath/gnu/java/awt/peer/gtk/GdkPixbufDecoder.java
index cd047f26715..6d0a52b91be 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GdkPixbufDecoder.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GdkPixbufDecoder.java
@@ -38,13 +38,10 @@ exception statement from your version. */
 
 package gnu.java.awt.peer.gtk;
 
-import gnu.classpath.Configuration;
-
 import java.awt.image.BufferedImage;
 import java.awt.image.ColorModel;
 import java.awt.image.DirectColorModel;
 import java.awt.image.ImageConsumer;
-import java.awt.image.ImageProducer;
 import java.awt.image.Raster;
 import java.awt.image.RenderedImage;
 import java.io.DataInput;
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GdkTextLayout.java b/libjava/classpath/gnu/java/awt/peer/gtk/GdkTextLayout.java
deleted file mode 100644
index a8765222e0e..00000000000
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GdkTextLayout.java
+++ /dev/null
@@ -1,393 +0,0 @@
-/* GdkTextLayout.java
-   Copyright (C) 2003, 2005, 2006  Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING.  If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library.  Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module.  An independent module is a module which is not derived from
-or based on this library.  If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so.  If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package gnu.java.awt.peer.gtk;
-
-import gnu.classpath.Configuration;
-import gnu.java.awt.peer.ClasspathTextLayoutPeer;
-
-import java.awt.Font;
-import java.awt.Graphics2D;
-import java.awt.Shape;
-import java.awt.font.FontRenderContext;
-import java.awt.font.GlyphMetrics;
-import java.awt.font.GlyphVector;
-import java.awt.font.TextAttribute;
-import java.awt.font.TextHitInfo;
-import java.awt.font.TextLayout;
-import java.awt.geom.AffineTransform;
-import java.awt.geom.GeneralPath;
-import java.awt.geom.Rectangle2D;
-import java.text.AttributedCharacterIterator;
-import java.text.AttributedString;
-import java.text.CharacterIterator;
-
-/**
- * This is an implementation of the text layout peer interface which
- * delegates all the hard work to pango.
- *
- * @author Graydon Hoare
- */
-
-public class GdkTextLayout 
-  implements ClasspathTextLayoutPeer
-{
-  // native side, plumbing, etc.
-  static 
-  {
-    System.loadLibrary("gtkpeer");
-
-    initStaticState ();
-  }
-  private native void setText(String str);
-  private native void setFont(GdkFontPeer font);
-  private native void getExtents(double[] inkExtents,
-                                 double[] logExtents);
-  private native void indexToPos(int idx, double[] pos);
-
-  private native void initState ();
-
-  private native void dispose ();
-
-  private native void cairoDrawGdkTextLayout(long cg2d, float x, float y);
-
-  static native void initStaticState();
-
-  private final int native_state = GtkGenericPeer.getUniqueInteger ();
-
-  protected void finalize ()
-  {
-    dispose ();
-  }
-
-  // we hold on to these to make sure we can render when presented
-  // with non-GdkGraphics2D paint targets
-  private AttributedString attributedString;
-  private FontRenderContext fontRenderContext;
-
-  public GdkTextLayout(AttributedString str, FontRenderContext frc)
-  {
-    initState();
-    attributedString = str;
-    fontRenderContext = frc;
-    AttributedCharacterIterator aci = str.getIterator();
-    char[] chars = new char[aci.getEndIndex() - aci.getBeginIndex()];
-    for(int i = aci.getBeginIndex(); i < aci.getEndIndex(); i++)
-      chars[i] = aci.setIndex(i);    
-    setText(new String(chars));
-
-    Object fnt = aci.getAttribute(TextAttribute.FONT);
-    if (fnt != null && fnt instanceof Font) 	 
-      setFont( (GdkFontPeer) ((Font)fnt).getPeer() );
-  }
-
-  protected class CharacterIteratorProxy 
-    implements CharacterIterator
-  {
-    public CharacterIterator target;
-    public int begin;
-    public int limit;
-    public int index;
-
-    public CharacterIteratorProxy (CharacterIterator ci)
-    {
-      target = ci;
-    }
-
-    public int getBeginIndex ()
-    {
-      return begin;
-    }
-
-    public int getEndIndex ()
-    {
-      return limit;
-    }
-
-    public int getIndex ()
-    {
-      return index;
-    }
-
-    public char setIndex (int idx) 
-      throws IllegalArgumentException
-    {
-      if (idx < begin || idx >= limit)
-        throw new IllegalArgumentException ();
-      char ch = target.setIndex (idx);
-      index = idx;
-      return ch;
-    }
-
-    public char first ()
-    {
-      int save = target.getIndex ();
-      char ch = target.setIndex (begin);
-      target.setIndex (save);
-      return ch;
-    }
-
-    public char last ()
-    {
-      if (begin == limit)
-        return this.first ();
-
-      int save = target.getIndex ();
-      char ch = target.setIndex (limit - 1);
-      target.setIndex (save);
-      return ch;
-    }
-
-    public char current ()
-    {
-      return target.current();
-    }
-
-    public char next ()
-    {
-      if (index >= limit - 1)
-        return CharacterIterator.DONE;
-      else
-        {
-          index++;
-          return target.next();
-        }
-    }
-
-    public char previous ()
-    {
-      if (index <= begin)
-        return CharacterIterator.DONE;
-      else
-        {
-          index--;
-          return target.previous ();
-        }
-    }
-
-    public Object clone ()
-    {
-      CharacterIteratorProxy cip = new CharacterIteratorProxy (this.target);
-      cip.begin = this.begin;
-      cip.limit = this.limit;
-      cip.index = this.index;
-      return cip;
-    }
-    
-  }
-
-
-  // public side
-
-  public void draw (Graphics2D g2, float x, float y)
-  {
-    cairoDrawGdkTextLayout(((CairoGraphics2D) g2).nativePointer, x, y);
-  }
-
-  public TextHitInfo getStrongCaret (TextHitInfo hit1, 
-                                     TextHitInfo hit2)
-  {
-    throw new Error("not implemented");
-  }
-
-  public byte getBaseline ()
-  {
-    throw new Error("not implemented");
-  }
-
-  public boolean isLeftToRight ()
-  {
-    throw new Error("not implemented");
-  }
-
-  public boolean isVertical ()
-  {
-    throw new Error("not implemented");
-  }
-
-  public float getAdvance ()
-  {
-    throw new Error("not implemented");
-  }
-
-  public float getAscent ()
-  {
-    throw new Error("not implemented");
-  }
-
-  public float getDescent ()
-  {
-    throw new Error("not implemented");
-  }
-
-  public float getLeading ()
-  {
-    throw new Error("not implemented");
-  }
-
-  public int getCharacterCount ()
-  {
-    throw new Error("not implemented");
-  }
-
-  public byte getCharacterLevel (int index)
-  {
-    throw new Error("not implemented");
-  }
-
-  public float[] getBaselineOffsets ()
-  {
-    throw new Error("not implemented");
-  }
-
-  public Shape getBlackBoxBounds (int firstEndpoint, int secondEndpoint)
-  {
-    throw new Error("not implemented");
-  }
-
-  public Rectangle2D getBounds ()
-  {
-    double[] inkExtents = new double[4];
-    double[] logExtents = new double[4];
-    getExtents(inkExtents, logExtents);
-    return new Rectangle2D.Double(logExtents[0], logExtents[1],
-                                  logExtents[2], logExtents[3]);
-  }
-
-  public float[] getCaretInfo (TextHitInfo hit, Rectangle2D bounds)
-  {
-    throw new Error("not implemented");
-  }
-
-  public Shape getCaretShape (TextHitInfo hit, Rectangle2D bounds)
-  {
-    throw new Error("not implemented");
-  }
-
-  public Shape[] getCaretShapes (int offset, Rectangle2D bounds,
-                                 TextLayout.CaretPolicy policy)
-  {
-    throw new Error("not implemented");
-  }
-
-  public Shape getLogicalHighlightShape (int firstEndpoint, int secondEndpoint,
-                                         Rectangle2D bounds)
-  {
-    AffineTransform at = new AffineTransform();
-    GeneralPath gp = new GeneralPath();
-    double [] rect = new double[4];
-    Rectangle2D tmp = new Rectangle2D.Double();
-    for (int i = firstEndpoint; i <= secondEndpoint; ++i)
-      {
-        indexToPos(i, rect);
-        tmp.setRect(rect[0], rect[1], rect[2], rect[3]);
-        Rectangle2D.intersect(tmp, bounds, tmp);
-        gp.append(tmp.getPathIterator(at), false);
-      }
-    return gp;
-  }
-
-  public int[] getLogicalRangesForVisualSelection (TextHitInfo firstEndpoint,
-                                                   TextHitInfo secondEndpoint)
-  {
-    throw new Error("not implemented");
-  }
-  
-  public TextHitInfo getNextLeftHit (int offset, TextLayout.CaretPolicy policy)
-  {
-    throw new Error("not implemented");
-  }
-  public TextHitInfo getNextRightHit (int offset, TextLayout.CaretPolicy policy)
-  {
-    throw new Error("not implemented");
-  }
-  public TextHitInfo hitTestChar (float x, float y, Rectangle2D bounds)
-  {
-    throw new Error("not implemented");
-  }
-  public TextHitInfo getVisualOtherHit (TextHitInfo hit)
-  {
-    throw new Error("not implemented");
-  }
-
-  public float getVisibleAdvance ()
-  {
-    throw new Error("not implemented");
-  }
-
-  public native Shape getOutline (AffineTransform tx);
-
-  public Shape getVisualHighlightShape (TextHitInfo firstEndpoint,
-                                        TextHitInfo secondEndpoint,
-                                        Rectangle2D bounds)
-  {
-    throw new Error("not implemented");
-  }
-
-  
-  public TextLayout getJustifiedLayout (float justificationWidth)
-  {
-    throw new Error("not implemented");
-  }
-
-  public void handleJustify (float justificationWidth)
-  {
-    throw new Error("not implemented");
-  }
-
-  public Object clone ()
-  {
-    throw new Error("not implemented");
-  }
-
-  public int hashCode ()
-  {
-    throw new Error("not implemented");
-  }
-
-  public boolean equals (ClasspathTextLayoutPeer tl)
-  {
-    throw new Error("not implemented");
-  }
-
-  public String toString ()
-  {
-    throw new Error("not implemented");
-  }
-
-}
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkButtonPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkButtonPeer.java
index 63d9cd48715..f18db7af9f1 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkButtonPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkButtonPeer.java
@@ -38,13 +38,8 @@ exception statement from your version. */
 
 package gnu.java.awt.peer.gtk;
 
-import java.awt.AWTEvent;
 import java.awt.Button;
-import java.awt.Component;
-import java.awt.Point;
 import java.awt.event.ActionEvent;
-import java.awt.event.KeyEvent;
-import java.awt.event.MouseEvent;
 import java.awt.peer.ButtonPeer;
 
 // A composite widget.  GtkButtons have transparent backgrounds.  An
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkCanvasPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkCanvasPeer.java
index edfc9ceee9c..30c39dedeac 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkCanvasPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkCanvasPeer.java
@@ -53,8 +53,8 @@ public class GtkCanvasPeer extends GtkComponentPeer implements CanvasPeer
 
   // Preferred size for a drawing widget is always what the user
   // requested.
-  public Dimension getPreferredSize ()
+  public Dimension preferredSize()
   {
-    return awtComponent.getSize ();
+    return awtComponent.getSize();
   }
 }
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkCheckboxPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkCheckboxPeer.java
index 094aa3c0391..90d16c57282 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkCheckboxPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkCheckboxPeer.java
@@ -40,20 +40,32 @@ package gnu.java.awt.peer.gtk;
 
 import java.awt.Checkbox;
 import java.awt.CheckboxGroup;
-import java.awt.peer.CheckboxPeer;
-
 import java.awt.event.ItemEvent;
+import java.awt.peer.CheckboxPeer;
+import java.util.WeakHashMap;
 
+/**
+ * This class wraps either a GtkCheckButton or a GtkOptionButton
+ * depending on if this peer's owner belongs to a CheckboxGroup.
+ */
 public class GtkCheckboxPeer extends GtkComponentPeer
   implements CheckboxPeer
 {
-  // Group from last time it was set.
-  public GtkCheckboxGroupPeer old_group;
+  // The CheckboxGroup to which this GtkCheckboxPeer's owner belongs.
+  public CheckboxGroup current_group;
   // The current state of the GTK checkbox.
-  private boolean currentState;  
+  private boolean currentState;
+
+  // A map from CheckboxGroup to GSList* GTK option group pointer.
+  private static WeakHashMap groupMap = new WeakHashMap();
+
+  public native void createCheckButton ();
+  public native void createRadioButton (long groupPointer);
 
-  public native void create (GtkCheckboxGroupPeer group);
-  public native void nativeSetCheckboxGroup (GtkCheckboxGroupPeer group);
+  public native void addToGroup (long groupPointer);
+  public native void removeFromGroup ();
+  public native void switchToGroup (long groupPointer);
+  
   public native void connectSignals ();
 
   /**
@@ -68,17 +80,47 @@ public class GtkCheckboxPeer extends GtkComponentPeer
     super (c);
   }
 
-  // FIXME: we must be able to switch between a checkbutton and a
-  // radiobutton dynamically.
   public void create ()
   {
     Checkbox checkbox = (Checkbox) awtComponent;
-    CheckboxGroup g = checkbox.getCheckboxGroup ();
-    old_group = GtkCheckboxGroupPeer.getCheckboxGroupPeer (g);
-    create (old_group);
+    current_group = checkbox.getCheckboxGroup ();
+    if (current_group == null)
+      {
+        // Initially we're not part of a group so we're backed by a
+        // GtkCheckButton.
+        createCheckButton();
+      }
+    else
+      {
+        // Initially we're part of a group.
+
+        // See if this group is already stored in our map.
+        Long groupPointer = null;
+        synchronized (groupMap)
+        {
+          groupPointer = (Long) groupMap.get(current_group);
+        }
+        
+        if (groupPointer == null)
+          {
+            // We don't know about this group.  Create a new native
+            // group pointer for this group and store it in our map.
+           createRadioButton(0);
+          }
+        else
+          {
+            // We already know about this group.  Pass the
+            // corresponding native group pointer value to the native
+            // create method.
+            createRadioButton(groupPointer.longValue());
+          }
+      }
     currentState = checkbox.getState();
     gtkToggleButtonSetActive(currentState);
-    gtkButtonSetLabel (checkbox.getLabel ());
+    
+    String label = checkbox.getLabel();
+    if (label != null)
+      gtkButtonSetLabel(label);
   }
 
   /**
@@ -87,7 +129,7 @@ public class GtkCheckboxPeer extends GtkComponentPeer
    * event since events should only be posted for user initiated
    * clicks on the GtkCheckButton.
    */
-  synchronized public void setState (boolean state)
+  public synchronized void setState (boolean state)
   {
     if (currentState != state)
       {
@@ -103,21 +145,87 @@ public class GtkCheckboxPeer extends GtkComponentPeer
 
   public void setCheckboxGroup (CheckboxGroup group)
   {
-    GtkCheckboxGroupPeer gp
-      = GtkCheckboxGroupPeer.getCheckboxGroupPeer (group);
-    if (gp != old_group)
+    if (current_group == null && group != null)
       {
-	if (old_group != null)
-	  old_group.remove (this);
-	nativeSetCheckboxGroup (gp);
-	old_group = gp;
+        // This peer's owner is currently not in a group, and now
+        // we're adding it to a group.  This means that the backing
+        // GtkWidget will change from a GtkCheckButton to a
+        // GtkRadioButton.
+
+        current_group = group;
+
+        // See if the new group is already stored in our map.
+        Long groupPointer = null;
+        synchronized (groupMap)
+        {
+          groupPointer = (Long) groupMap.get(current_group);
+        }
+        
+        if (groupPointer == null)
+          {
+            // We don't know about this group.  Create a new native
+            // group pointer for this group and store it in our map.
+            addToGroup(0);
+          }
+        else
+          {
+            // We already know about this group.  Pass the
+            // corresponding native group pointer value to the native
+            // create method.
+            addToGroup(groupPointer.longValue());
+          }
+      }
+    else if (current_group != null && group == null)
+      {
+        // This peer's owner is currently in a group, and now we're
+        // removing it from a group.  This means that the backing
+        // GtkWidget will change from a GtkRadioButton to a
+        // GtkCheckButton.
+        removeFromGroup();
+        current_group = null;
+      }
+    else if (current_group == null && group == null)
+      {
+        // This peer's owner is currently not in a group, and we're
+        // not adding it to a group, so simply return.
+        return;
+      }
+    else if (current_group != group)
+      {
+        // This peer's owner is currently in a group, and now we're
+        // putting it in another group.  This means that we must
+        // remove the backing GtkRadioButton from one group and add it
+        // to the other group.
+
+        current_group = group;
+        
+        // See if the new group is already stored in our map.
+        Long groupPointer = null;
+        synchronized (groupMap)
+        {
+          groupPointer = (Long) groupMap.get(current_group);
+        }
+        
+        if (groupPointer == null)
+          {
+            // We don't know about this group.  Create a new native
+            // group pointer for this group and store it in our map.
+            switchToGroup(0);
+          }
+        else
+          {
+            // We already know about this group.  Pass the
+            // corresponding native group pointer value to the native
+            // create method.
+            switchToGroup(groupPointer.longValue());
+          }
       }
   }
 
   // Override the superclass postItemEvent so that the peer doesn't
   // need information that we have.
   // called back by native side: item_toggled_cb
-  synchronized public void postItemEvent(Object item, boolean state)
+  public synchronized void postItemEvent(Object item, boolean state)
   {
     // Only fire event is state actually changed.
     if (currentState != state)
@@ -127,13 +235,20 @@ public class GtkCheckboxPeer extends GtkComponentPeer
 			    state ? ItemEvent.SELECTED : ItemEvent.DESELECTED);
       }
   }
+  
+  public void addToGroupMap(long groupPointer)
+  {
+    synchronized (groupMap)
+    {
+      groupMap.put(current_group, new Long (groupPointer));
+    }
+  }
 
   public void dispose ()
   {
-    // Notify the group so that the native state can be cleaned up
-    // appropriately.
-    if (old_group != null)
-      old_group.remove (this);
+    groupMap.clear();
+    current_group = null;
+    currentState = false;
     super.dispose ();
   }
 }
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkClipboardNotifier.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkClipboardNotifier.java
index fdc7d50c5b5..61df796dc00 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkClipboardNotifier.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkClipboardNotifier.java
@@ -1,5 +1,5 @@
 /* GtkClipboardNotifier.java -- Helper for announcing GtkSelection changes.
-   Copyright (C) 2005  Free Software Foundation, Inc.
+   Copyright (C) 2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,8 +38,6 @@ exception statement from your version. */
 
 package gnu.java.awt.peer.gtk;
 
-import java.awt.datatransfer.*;
-import java.util.*;
 
 class GtkClipboardNotifier extends Thread
 {
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkComponentPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkComponentPeer.java
index 625855f0117..c11c45e2070 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkComponentPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkComponentPeer.java
@@ -52,9 +52,12 @@ import java.awt.Font;
 import java.awt.FontMetrics;
 import java.awt.Graphics;
 import java.awt.GraphicsConfiguration;
+import java.awt.GraphicsDevice;
+import java.awt.GraphicsEnvironment;
 import java.awt.Image;
 import java.awt.Insets;
 import java.awt.ItemSelectable;
+import java.awt.KeyboardFocusManager;
 import java.awt.Point;
 import java.awt.Rectangle;
 import java.awt.Toolkit;
@@ -66,13 +69,13 @@ import java.awt.event.MouseEvent;
 import java.awt.event.MouseWheelEvent;
 import java.awt.event.PaintEvent;
 import java.awt.event.TextEvent;
-import java.awt.image.BufferedImage;
 import java.awt.image.ColorModel;
 import java.awt.image.ImageObserver;
 import java.awt.image.ImageProducer;
 import java.awt.image.VolatileImage;
 import java.awt.peer.ComponentPeer;
 import java.awt.peer.ContainerPeer;
+import java.awt.peer.LightweightPeer;
 import java.awt.peer.WindowPeer;
 import java.util.Timer;
 import java.util.TimerTask;
@@ -109,6 +112,9 @@ public class GtkComponentPeer extends GtkGenericPeer
   native void gtkWidgetRequestFocus ();
   native void gtkWidgetDispatchKeyEvent (int id, long when, int mods,
                                          int keyCode, int keyLocation);
+  native boolean gtkWidgetHasFocus();
+  native boolean gtkWidgetCanFocus();
+
   native void realize();
   native void setNativeEventMask ();
 
@@ -365,7 +371,7 @@ public class GtkComponentPeer extends GtkGenericPeer
 
   public void print (Graphics g) 
   {
-    throw new RuntimeException ();
+    g.drawImage( ComponentGraphics.grab( this ), 0, 0, null );
   }
 
   public void repaint (long tm, int x, int y, int width, int height)
@@ -414,8 +420,7 @@ public class GtkComponentPeer extends GtkGenericPeer
 
   public void requestFocus ()
   {
-    gtkWidgetRequestFocus();
-    postFocusEvent(FocusEvent.FOCUS_GAINED, false);
+    assert false: "Call new requestFocus() method instead";
   }
 
   public void reshape (int x, int y, int width, int height) 
@@ -628,6 +633,12 @@ public class GtkComponentPeer extends GtkGenericPeer
       q.postEvent(keyEvent);
   }
 
+  /**
+   * Referenced from native code.
+   *
+   * @param id
+   * @param temporary
+   */
   protected void postFocusEvent (int id, boolean temporary)
   {
     q().postEvent (new FocusEvent (awtComponent, id, temporary));
@@ -647,8 +658,10 @@ public class GtkComponentPeer extends GtkGenericPeer
 
   public GraphicsConfiguration getGraphicsConfiguration ()
   {
-    // FIXME: just a stub for now.
-    return null;
+    // FIXME: The component might be showing on a non-default screen.
+    GraphicsEnvironment env = GraphicsEnvironment.getLocalGraphicsEnvironment();
+    GraphicsDevice dev = env.getDefaultScreenDevice();
+    return dev.getDefaultConfiguration();
   }
 
   public void setEventMask (long mask)
@@ -661,10 +674,72 @@ public class GtkComponentPeer extends GtkGenericPeer
     return false;
   }
 
-  public boolean requestFocus (Component source, boolean b1, 
-                               boolean b2, long x)
+  public boolean requestFocus (Component request, boolean temporary, 
+                               boolean allowWindowFocus, long time)
   {
-    return false;
+    assert request == awtComponent || isLightweightDescendant(request);
+    boolean retval = false;
+    if (gtkWidgetHasFocus())
+      {
+        KeyboardFocusManager kfm =
+          KeyboardFocusManager.getCurrentKeyboardFocusManager();
+        Component currentFocus = kfm.getFocusOwner();
+        if (currentFocus == request)
+          // Nothing to do in this trivial case.
+          retval = true;
+        else
+          {
+            // Requested component is a lightweight descendant of this one
+            // or the actual heavyweight.
+            // Since this (native) component is already focused, we simply
+            // change the actual focus and be done.
+            postFocusEvent(FocusEvent.FOCUS_GAINED, temporary);
+            retval = true;
+          }
+      }
+    else
+      {
+        if (gtkWidgetCanFocus())
+          {
+            if (allowWindowFocus)
+              {
+                Window window = getWindowFor(request);
+                GtkWindowPeer wPeer = (GtkWindowPeer) window.getPeer();
+                if (! wPeer.gtkWindowHasFocus())
+                  wPeer.requestWindowFocus();
+              }
+            // Store requested focus component so that the corresponding
+            // event is dispatched correctly.
+            gtkWidgetRequestFocus();
+            retval = true;
+          }
+      }
+    return retval;
+  }
+
+  private Window getWindowFor(Component c)
+  {
+    Component comp = c;
+    while (! (comp instanceof Window))
+      comp = comp.getParent();
+    return (Window) comp;
+  }
+
+  /**
+   * Returns <code>true</code> if the component is a direct (== no intermediate
+   * heavyweights) lightweight descendant of this peer's component.
+   *
+   * @param c the component to check
+   *
+   * @return <code>true</code> if the component is a direct (== no intermediate
+   *         heavyweights) lightweight descendant of this peer's component
+   */
+  protected boolean isLightweightDescendant(Component c)
+  {
+    Component comp = c;
+    while (comp.getPeer() instanceof LightweightPeer)
+      comp = comp.getParent();
+    return comp == awtComponent;
   }
 
   public boolean isObscured ()
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkContainerPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkContainerPeer.java
index 06076e77f45..541de3d82a8 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkContainerPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkContainerPeer.java
@@ -42,10 +42,7 @@ import java.awt.Color;
 import java.awt.Component;
 import java.awt.Container;
 import java.awt.Font;
-import java.awt.Graphics;
 import java.awt.Insets;
-import java.awt.Window;
-import java.awt.peer.ComponentPeer;
 import java.awt.peer.ContainerPeer;
 
 public class GtkContainerPeer extends GtkComponentPeer
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkDialogPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkDialogPeer.java
index 3254f566d17..13906544d27 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkDialogPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkDialogPeer.java
@@ -1,5 +1,5 @@
 /* GtkDialogPeer.java -- Implements DialogPeer with GTK
-   Copyright (C) 1998, 1999, 2002 Free Software Foundation, Inc.
+   Copyright (C) 1998, 1999, 2002, 2006 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -39,9 +39,6 @@ exception statement from your version. */
 package gnu.java.awt.peer.gtk;
 
 import java.awt.Dialog;
-import java.awt.Graphics;
-import java.awt.Rectangle;
-import java.awt.event.PaintEvent;
 import java.awt.peer.DialogPeer;
 
 public class GtkDialogPeer extends GtkWindowPeer
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkFramePeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkFramePeer.java
index 6ec0b72982b..bb6f8b3bb3b 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkFramePeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkFramePeer.java
@@ -39,11 +39,9 @@ exception statement from your version. */
 package gnu.java.awt.peer.gtk;
 
 import java.awt.Frame;
-import java.awt.Graphics;
 import java.awt.Image;
 import java.awt.MenuBar;
 import java.awt.Rectangle;
-import java.awt.event.PaintEvent;
 import java.awt.peer.FramePeer;
 import java.awt.peer.MenuBarPeer;
 
@@ -218,11 +216,7 @@ public class GtkFramePeer extends GtkWindowPeer
     // TODO Auto-generated method stub
     
   }
-  public void updateAlwaysOnTop()
-  {
-    // TODO Auto-generated method stub
-    
-  }
+
   public boolean requestWindowFocus()
   {
     // TODO Auto-generated method stub
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkImage.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkImage.java
index ef96518a1c0..0fd98bbd7b4 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkImage.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkImage.java
@@ -39,12 +39,10 @@ exception statement from your version. */
 package gnu.java.awt.peer.gtk;
 
 import java.awt.Graphics;
-import java.awt.Color;
 import java.awt.Image;
 import java.awt.image.ColorModel;
 import java.awt.image.DirectColorModel;
 import java.awt.image.MemoryImageSource;
-import java.awt.image.ImageConsumer;
 import java.awt.image.ImageObserver;
 import java.awt.image.ImageProducer;
 import java.io.File;
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkImageConsumer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkImageConsumer.java
index 299f01dcaa6..f1a74b8cc99 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkImageConsumer.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkImageConsumer.java
@@ -1,5 +1,5 @@
 /* GtkImageConsumer.java
-   Copyright (C) 2005 Free Software Foundation, Inc.
+   Copyright (C) 2005, 2006 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,16 +38,11 @@ exception statement from your version. */
 
 package gnu.java.awt.peer.gtk;
 
-import java.awt.Graphics;
-import java.awt.Image;
 import java.awt.image.ColorModel;
-import java.awt.image.DirectColorModel;
 import java.awt.image.ImageConsumer;
-import java.awt.image.ImageObserver;
 import java.awt.image.ImageProducer;
 import java.awt.image.MemoryImageSource;
 import java.util.Hashtable;
-import java.util.Vector;
 
 /**
  * Helper class to GtkImage. Sits and gathers pixels for a GtkImage and then
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkLabelPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkLabelPeer.java
index bbf4230b3ca..02db90d72bd 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkLabelPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkLabelPeer.java
@@ -56,7 +56,7 @@ public class GtkLabelPeer extends GtkComponentPeer
 
   native void nativeSetAlignment (float alignment);
 
-  public native void setText(String text);
+  public native void setNativeText(String text);
   native void setNativeBounds (int x, int y, int width, int height);
 
   // Because this is a composite widget, we need to retrieve the
@@ -69,6 +69,12 @@ public class GtkLabelPeer extends GtkComponentPeer
     create (label.getText (), getGtkAlignment (label.getAlignment ()));
   }
 
+  public void setText(String text)
+  {
+    if (text != null)
+      setNativeText(text);
+  }
+  
   public GtkLabelPeer (Label l)
   {
     super (l);
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuBarPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuBarPeer.java
index d203b437f38..898f224f5e1 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuBarPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuBarPeer.java
@@ -38,12 +38,9 @@ exception statement from your version. */
 
 package gnu.java.awt.peer.gtk;
 
-import java.awt.Font;
 import java.awt.Menu;
 import java.awt.MenuBar;
-import java.awt.MenuComponent;
 import java.awt.peer.MenuBarPeer;
-import java.awt.peer.MenuPeer;
 
 public class GtkMenuBarPeer extends GtkMenuComponentPeer
   implements MenuBarPeer
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuItemPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuItemPeer.java
index 251bab233d7..ea523e953e7 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuItemPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuItemPeer.java
@@ -38,13 +38,8 @@ exception statement from your version. */
 
 package gnu.java.awt.peer.gtk;
 
-import java.awt.Font;
-import java.awt.Menu;
-import java.awt.MenuBar;
-import java.awt.MenuComponent;
 import java.awt.MenuItem;
 import java.awt.peer.MenuItemPeer;
-import java.awt.peer.MenuPeer;
 
 public class GtkMenuItemPeer extends GtkMenuComponentPeer
   implements MenuItemPeer
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkMouseInfoPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkMouseInfoPeer.java
new file mode 100644
index 00000000000..02bf84d4e8e
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkMouseInfoPeer.java
@@ -0,0 +1,76 @@
+/* GtkToolkit.java -- Implements an AWT Toolkit using GTK for peers
+   Copyright (C) 2006
+   Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.awt.peer.gtk;
+
+import java.awt.Point;
+import java.awt.GraphicsDevice;
+import java.awt.Window;
+import java.awt.peer.MouseInfoPeer;
+
+/**
+ * The MouseInfoPeer is so small, I'm including it here.
+ */
+public class GtkMouseInfoPeer implements MouseInfoPeer
+{
+  private static GdkGraphicsEnvironment gde = new GdkGraphicsEnvironment();
+  
+  public int fillPointWithCoords(Point p)
+  {
+    int[] coords = gde.getMouseCoordinates();
+      p.x = coords[1]; 
+      p.y = coords[2];
+      return coords[0];
+  }
+  
+  public boolean isWindowUnderMouse(Window w)
+  {
+    int[] coords = gde.getMouseCoordinates();
+    GraphicsDevice[] gds = gde.getScreenDevices();
+
+    // Check if the screen  of the Window and the cursor match
+    if( gds[ coords[0] ] != w.getGraphicsConfiguration().getDevice() )
+      return false;
+
+    // Return the bounds-check.
+    Point p = w.getLocationOnScreen();
+    return (coords[1] >= p.x && coords[1] < p.x + w.getWidth() &&
+	    coords[2] >= p.y && coords[2] < p.y + w.getHeight() );
+    }
+}
+
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkPanelPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkPanelPeer.java
index 51fe2bc8e0c..e0053f763f5 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkPanelPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkPanelPeer.java
@@ -1,5 +1,5 @@
 /* GtkPanelPeer.java -- Implements PanelPeer with GTK
-   Copyright (C) 1998, 1999 Free Software Foundation, Inc.
+   Copyright (C) 1998, 1999, 2006 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -41,7 +41,6 @@ package gnu.java.awt.peer.gtk;
 import java.awt.AWTEvent;
 import java.awt.Panel;
 import java.awt.event.MouseEvent;
-import java.awt.event.PaintEvent;
 import java.awt.peer.PanelPeer;
 
 public class GtkPanelPeer extends GtkContainerPeer
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkPopupMenuPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkPopupMenuPeer.java
index 525a910bc1b..4d66a3f509d 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkPopupMenuPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkPopupMenuPeer.java
@@ -40,7 +40,6 @@ package gnu.java.awt.peer.gtk;
 
 import java.awt.Component;
 import java.awt.Event;
-import java.awt.MenuItem;
 import java.awt.Point;
 import java.awt.PopupMenu;
 import java.awt.peer.PopupMenuPeer;
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkScrollbarPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkScrollbarPeer.java
index 9b31a7390e0..e4147d36c97 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkScrollbarPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkScrollbarPeer.java
@@ -38,8 +38,6 @@ exception statement from your version. */
 
 package gnu.java.awt.peer.gtk;
 
-import java.awt.Adjustable;
-import java.awt.EventQueue;
 import java.awt.Scrollbar;
 import java.awt.event.AdjustmentEvent;
 import java.awt.peer.ScrollbarPeer;
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkToolkit.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkToolkit.java
index 163fc52f78a..6aa87fc2ecf 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkToolkit.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkToolkit.java
@@ -39,32 +39,83 @@ exception statement from your version. */
 
 package gnu.java.awt.peer.gtk;
 
-import gnu.classpath.Configuration;
 import gnu.java.awt.EmbeddedWindow;
+import gnu.java.awt.dnd.GtkMouseDragGestureRecognizer;
+import gnu.java.awt.dnd.peer.gtk.GtkDragSourceContextPeer;
 import gnu.java.awt.peer.ClasspathFontPeer;
-import gnu.java.awt.peer.ClasspathTextLayoutPeer;
 import gnu.java.awt.peer.EmbeddedWindowPeer;
 
-import java.awt.*;
+import java.awt.AWTException;
+import java.awt.Button;
+import java.awt.Canvas;
+import java.awt.Checkbox;
+import java.awt.CheckboxMenuItem;
+import java.awt.Choice;
+import java.awt.Component;
+import java.awt.Cursor;
+import java.awt.Dialog;
+import java.awt.Dimension;
+import java.awt.EventQueue;
+import java.awt.FileDialog;
+import java.awt.Font;
+import java.awt.FontMetrics;
+import java.awt.Frame;
+import java.awt.GraphicsDevice;
+import java.awt.GraphicsEnvironment;
+import java.awt.Image;
+import java.awt.Label;
+import java.awt.List;
+import java.awt.Menu;
+import java.awt.MenuBar;
+import java.awt.MenuItem;
+import java.awt.Panel;
+import java.awt.Point;
+import java.awt.PopupMenu;
+import java.awt.PrintJob;
+import java.awt.Rectangle;
+import java.awt.ScrollPane;
+import java.awt.Scrollbar;
+import java.awt.TextArea;
+import java.awt.TextField;
+import java.awt.Window;
 import java.awt.datatransfer.Clipboard;
 import java.awt.dnd.DragGestureEvent;
+import java.awt.dnd.DragGestureListener;
+import java.awt.dnd.DragGestureRecognizer;
+import java.awt.dnd.DragSource;
 import java.awt.dnd.peer.DragSourceContextPeer;
-import java.awt.font.FontRenderContext;
 import java.awt.im.InputMethodHighlight;
-import java.awt.image.BufferedImage;
 import java.awt.image.ColorModel;
 import java.awt.image.DirectColorModel;
-import java.awt.image.ImageConsumer;
 import java.awt.image.ImageObserver;
 import java.awt.image.ImageProducer;
-import java.awt.peer.*;
+import java.awt.peer.ButtonPeer;
+import java.awt.peer.CanvasPeer;
+import java.awt.peer.CheckboxMenuItemPeer;
+import java.awt.peer.CheckboxPeer;
+import java.awt.peer.ChoicePeer;
+import java.awt.peer.DialogPeer;
+import java.awt.peer.FileDialogPeer;
+import java.awt.peer.FontPeer;
+import java.awt.peer.FramePeer;
+import java.awt.peer.LabelPeer;
+import java.awt.peer.ListPeer;
+import java.awt.peer.MenuBarPeer;
+import java.awt.peer.MenuItemPeer;
+import java.awt.peer.MouseInfoPeer;
+import java.awt.peer.MenuPeer;
+import java.awt.peer.PanelPeer;
+import java.awt.peer.PopupMenuPeer;
+import java.awt.peer.RobotPeer;
+import java.awt.peer.ScrollPanePeer;
+import java.awt.peer.ScrollbarPeer;
+import java.awt.peer.TextAreaPeer;
+import java.awt.peer.TextFieldPeer;
+import java.awt.peer.WindowPeer;
 import java.io.InputStream;
 import java.net.URL;
-import java.text.AttributedString;
 import java.util.HashMap;
-import java.util.HashSet;
 import java.util.Hashtable;
-import java.util.Iterator;
 import java.util.LinkedHashMap;
 import java.util.Map;
 import java.util.Properties;
@@ -310,6 +361,11 @@ public class GtkToolkit extends gnu.java.awt.ClasspathToolkit
 
   public PrintJob getPrintJob (Frame frame, String jobtitle, Properties props) 
   {
+    SecurityManager sm;
+    sm = System.getSecurityManager();
+    if (sm != null)
+      sm.checkPrintJobAccess();
+
     return null;
   }
 
@@ -528,12 +584,6 @@ public class GtkToolkit extends gnu.java.awt.ClasspathToolkit
       }
   }
 
-  public ClasspathTextLayoutPeer getClasspathTextLayoutPeer (AttributedString str, 
-                                                             FontRenderContext frc)
-  {
-    return new GdkTextLayout(str, frc);
-  }
-
   protected EventQueue getSystemEventQueueImpl() 
   {
     synchronized (GtkToolkit.class)
@@ -555,7 +605,26 @@ public class GtkToolkit extends gnu.java.awt.ClasspathToolkit
 
   public DragSourceContextPeer createDragSourceContextPeer(DragGestureEvent e)
   {
-    throw new Error("not implemented");
+    return new GtkDragSourceContextPeer(e);
+  }
+  
+  public DragGestureRecognizer createDragGestureRecognizer(Class recognizer,
+                                                           DragSource ds,
+                                                           Component comp,
+                                                           int actions,
+                                                           DragGestureListener l)
+  {
+    if (recognizer.getName().equals("java.awt.dnd.MouseDragGestureRecognizer"))
+      {
+        GtkMouseDragGestureRecognizer gestureRecognizer
+          = new GtkMouseDragGestureRecognizer(ds, comp, actions, l);
+        gestureRecognizer.registerListeners();
+        return gestureRecognizer;
+      }
+    else
+      {
+        return null;
+      }
   }
 
   public Map mapInputMethodHighlight(InputMethodHighlight highlight)
@@ -593,4 +662,12 @@ public class GtkToolkit extends gnu.java.awt.ClasspathToolkit
   }
 
   public static native void gtkMain();
+
+  protected MouseInfoPeer getMouseInfoPeer()
+  {
+    return new GtkMouseInfoPeer();
+  }
+
+  public native int getMouseNumberOfButtons();
+
 } // class GtkToolkit
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkVolatileImage.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkVolatileImage.java
index f38007f19d1..44e7b027b0b 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkVolatileImage.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkVolatileImage.java
@@ -50,6 +50,8 @@ public class GtkVolatileImage extends VolatileImage
   int width, height;
   private ImageCapabilities caps;
 
+  final GtkComponentPeer component;
+
   /**
    * Don't touch, accessed from native code.
    */
@@ -85,6 +87,7 @@ public class GtkVolatileImage extends VolatileImage
     this.width = width;
     this.height = height;
     this.caps = caps;
+    this.component = component;
     nativePointer = init( component, width, height );
   }
 
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkWindowPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkWindowPeer.java
index d15beacb4db..866d9c8816a 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkWindowPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkWindowPeer.java
@@ -38,13 +38,14 @@ exception statement from your version. */
 
 package gnu.java.awt.peer.gtk;
 
-import java.awt.AWTEvent;
 import java.awt.Component;
 import java.awt.Frame;
 import java.awt.Graphics;
+import java.awt.KeyboardFocusManager;
 import java.awt.Rectangle;
 import java.awt.Window;
 import java.awt.event.ComponentEvent;
+import java.awt.event.FocusEvent;
 import java.awt.event.PaintEvent;
 import java.awt.event.WindowEvent;
 import java.awt.peer.WindowPeer;
@@ -70,7 +71,8 @@ public class GtkWindowPeer extends GtkContainerPeer
   native void gtkWindowSetTitle (String title);
   native void gtkWindowSetResizable (boolean resizable);
   native void gtkWindowSetModal (boolean modal);
-
+  native void gtkWindowSetAlwaysOnTop ( boolean alwaysOnTop );
+  native boolean gtkWindowHasFocus();
   native void realize ();
 
   /** Returns the cached width of the AWT window component. */
@@ -275,10 +277,13 @@ public class GtkWindowPeer extends GtkContainerPeer
     else
       q().postEvent (new WindowEvent ((Window) awtComponent, id, opposite));
   }
+
+  /**
+   * Update the always-on-top status of the native window.
+   */
   public void updateAlwaysOnTop()
   {
-    // TODO Auto-generated method stub
-    
+    gtkWindowSetAlwaysOnTop( ((Window)awtComponent).isAlwaysOnTop() );
   }
 
   protected void postExposeEvent (int x, int y, int width, int height)
@@ -299,7 +304,40 @@ public class GtkWindowPeer extends GtkContainerPeer
     // TODO Auto-generated method stub
     return false;
   }
-  
+
+  public boolean requestFocus (Component request, boolean temporary, 
+                               boolean allowWindowFocus, long time)
+  {
+    assert request == awtComponent || isLightweightDescendant(request);
+    boolean retval = false;
+    if (gtkWindowHasFocus())
+      {
+        KeyboardFocusManager kfm =
+          KeyboardFocusManager.getCurrentKeyboardFocusManager();
+        Component currentFocus = kfm.getFocusOwner();
+        if (currentFocus == request)
+          // Nothing to do in this trivial case.
+          retval = true;
+        else
+          {
+            // Requested component is a lightweight descendant of this one
+            // or the actual heavyweight.
+            // Since this (native) component is already focused, we simply
+            // change the actual focus and be done.
+            postFocusEvent(FocusEvent.FOCUS_GAINED, temporary);
+            retval = true;
+          }
+      }
+    else
+      {
+        if (allowWindowFocus)
+          {
+            retval = requestWindowFocus();
+          }
+      }
+    return retval;
+  }
+
   public Graphics getGraphics ()
   {
     Graphics g = super.getGraphics ();
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/VolatileImageGraphics.java b/libjava/classpath/gnu/java/awt/peer/gtk/VolatileImageGraphics.java
index fa84ea0c797..58496559320 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/VolatileImageGraphics.java
+++ b/libjava/classpath/gnu/java/awt/peer/gtk/VolatileImageGraphics.java
@@ -38,25 +38,11 @@ exception statement from your version. */
 
 package gnu.java.awt.peer.gtk;
 
-import java.awt.Color;
 import java.awt.Graphics;
-import java.awt.Graphics2D;
 import java.awt.GraphicsConfiguration;
 import java.awt.Image;
-import java.awt.Point;
-import java.awt.Rectangle;
-import java.awt.Shape;
-import java.awt.font.GlyphVector;
-import java.awt.geom.AffineTransform;
 import java.awt.geom.Rectangle2D;
-import java.awt.image.BufferedImage;
-import java.awt.image.DataBuffer;
-import java.awt.image.DataBufferInt;
-import java.awt.image.ColorModel;
-import java.awt.image.DirectColorModel;
-import java.awt.image.RenderedImage;
 import java.awt.image.ImageObserver;
-import java.util.WeakHashMap;
 
 public class VolatileImageGraphics extends ComponentGraphics
 {
@@ -83,7 +69,7 @@ public class VolatileImageGraphics extends ComponentGraphics
 
   public GraphicsConfiguration getDeviceConfiguration()
   {
-    return null;
+    return owner.component.getGraphicsConfiguration();
   }
 
   public Graphics create()
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtCheckboxPeer.java b/libjava/classpath/gnu/java/awt/peer/qt/QtCheckboxPeer.java
index 788e08ee12a..acac5e460a4 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtCheckboxPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtCheckboxPeer.java
@@ -1,5 +1,5 @@
 /* QtCheckboxPeer.java --
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -37,7 +37,6 @@ exception statement from your version. */
 
 package gnu.java.awt.peer.qt;
 
-import java.awt.Rectangle;
 import java.awt.Checkbox;
 import java.awt.CheckboxGroup;
 import java.awt.event.ItemEvent;
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtComponentGraphics.java b/libjava/classpath/gnu/java/awt/peer/qt/QtComponentGraphics.java
index 7395a8e6c81..c5c839e321a 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtComponentGraphics.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtComponentGraphics.java
@@ -1,5 +1,5 @@
 /* QtComponentGraphics.java --
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -40,9 +40,7 @@ package gnu.java.awt.peer.qt;
 import java.awt.Color;
 import java.awt.GraphicsConfiguration;
 import java.awt.Graphics;
-import java.awt.Graphics2D;
 import java.awt.Rectangle;
-import java.awt.Paint;
 
 /**
  * QtComponentPainter is a Graphics2D context for painting directly to AWT 
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtComponentPeer.java b/libjava/classpath/gnu/java/awt/peer/qt/QtComponentPeer.java
index d5662a86169..4d7b58c4d87 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtComponentPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtComponentPeer.java
@@ -1,5 +1,5 @@
 /* QtComponentPeer.java --
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -41,7 +41,6 @@ import java.awt.AWTEvent;
 import java.awt.AWTException;
 import java.awt.BufferCapabilities;
 import java.awt.Component;
-import java.awt.Container;
 import java.awt.Color;
 import java.awt.Cursor;
 import java.awt.Dimension;
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtContainerPeer.java b/libjava/classpath/gnu/java/awt/peer/qt/QtContainerPeer.java
index 3782d781597..ec04b0567d8 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtContainerPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtContainerPeer.java
@@ -1,5 +1,5 @@
 /* QtContainerPeer.java --
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -37,7 +37,6 @@ exception statement from your version. */
 
 package gnu.java.awt.peer.qt;
 
-import java.awt.Container;
 import java.awt.Component;
 import java.awt.Insets;
 import java.awt.peer.ContainerPeer;
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtDialogPeer.java b/libjava/classpath/gnu/java/awt/peer/qt/QtDialogPeer.java
index 0da2e4ebc95..23e5c065396 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtDialogPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtDialogPeer.java
@@ -1,5 +1,5 @@
 /* QtDialogPeer.java --
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,8 +38,6 @@ exception statement from your version. */
 package gnu.java.awt.peer.qt;
 
 import java.awt.Dialog;
-import java.awt.MenuBar;
-import java.awt.Rectangle;
 import java.awt.peer.DialogPeer;
 
 public class QtDialogPeer extends QtWindowPeer implements DialogPeer
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtEmbeddedWindowPeer.java b/libjava/classpath/gnu/java/awt/peer/qt/QtEmbeddedWindowPeer.java
index cac12b91a99..0f859b78e4f 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtEmbeddedWindowPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtEmbeddedWindowPeer.java
@@ -1,5 +1,5 @@
 /* QtEmbeddedWindowPeer.java -- embedded window peer
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,7 +38,6 @@ exception statement from your version. */
 package gnu.java.awt.peer.qt;
 
 import java.awt.Component;
-import java.awt.peer.WindowPeer;
 import gnu.java.awt.peer.EmbeddedWindowPeer;
 
 /** 
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtFontMetrics.java b/libjava/classpath/gnu/java/awt/peer/qt/QtFontMetrics.java
index e403239e9e9..2438fcc3282 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtFontMetrics.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtFontMetrics.java
@@ -1,5 +1,5 @@
 /* QtFontMetrics.java --
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -41,9 +41,6 @@ import java.awt.Font;
 import java.awt.FontMetrics;
 import java.awt.Graphics;
 import java.awt.geom.Rectangle2D;
-import java.awt.font.FontRenderContext;
-import java.awt.font.GlyphVector;
-import java.awt.font.LineMetrics;
 
 public class QtFontMetrics extends FontMetrics
 {
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtFontPeer.java b/libjava/classpath/gnu/java/awt/peer/qt/QtFontPeer.java
index ee88c7dd5d0..d847a805396 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtFontPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtFontPeer.java
@@ -1,5 +1,5 @@
 /* QtFontPeer.java --
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -46,7 +46,6 @@ import java.awt.font.LineMetrics;
 import java.text.CharacterIterator;
 import java.util.Locale;
 import java.util.Map;
-import java.awt.peer.FontPeer;
 
 import gnu.java.awt.peer.ClasspathFontPeer;
 
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtGraphics.java b/libjava/classpath/gnu/java/awt/peer/qt/QtGraphics.java
index f9b4f26729f..842cbbbf8ba 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtGraphics.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtGraphics.java
@@ -1,5 +1,5 @@
 /* QtGraphics.java --
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,6 +38,7 @@ exception statement from your version. */
 package gnu.java.awt.peer.qt;
 
 import java.awt.AlphaComposite;
+import java.awt.AWTPermission;
 import java.awt.BasicStroke;
 import java.awt.Color;
 import java.awt.Composite;
@@ -57,7 +58,6 @@ import java.awt.Stroke;
 import java.awt.font.FontRenderContext;
 import java.awt.font.GlyphVector;
 import java.awt.geom.AffineTransform;
-import java.awt.geom.PathIterator;
 import java.awt.geom.Arc2D;
 import java.awt.geom.Ellipse2D;
 import java.awt.geom.Line2D;
@@ -605,8 +605,16 @@ public abstract class QtGraphics extends Graphics2D
 	composite = comp;
       }
     else
-      throw new UnsupportedOperationException("We don't support custom"+
-					      " composites yet.");
+      {
+	// FIXME: this check is only required "if this Graphics2D
+	// context is drawing to a Component on the display screen".
+	SecurityManager sm = System.getSecurityManager();
+	if (sm != null)
+	  sm.checkPermission(new AWTPermission("readDisplayPixels"));
+
+	throw new UnsupportedOperationException("We don't support custom"+
+						" composites yet.");
+      }
   }
 
   public Composite getComposite()
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtGraphicsEnvironment.java b/libjava/classpath/gnu/java/awt/peer/qt/QtGraphicsEnvironment.java
index 142b140cf14..15a01592277 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtGraphicsEnvironment.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtGraphicsEnvironment.java
@@ -1,5 +1,5 @@
 /* QtGraphicsEnvironment.java --
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -41,7 +41,6 @@ import java.awt.Font;
 import java.awt.Graphics2D;
 import java.awt.GraphicsDevice;
 import java.awt.GraphicsEnvironment;
-import java.awt.HeadlessException;
 import java.awt.image.BufferedImage;
 import java.util.Locale;
 
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtImage.java b/libjava/classpath/gnu/java/awt/peer/qt/QtImage.java
index 90954643570..b6fbb1dca41 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtImage.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtImage.java
@@ -1,5 +1,5 @@
 /* QtImage.java --
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -43,7 +43,6 @@ import java.awt.Image;
 import java.awt.image.ColorModel;
 import java.awt.image.DirectColorModel;
 import java.awt.image.MemoryImageSource;
-import java.awt.image.ImageConsumer;
 import java.awt.image.ImageObserver;
 import java.awt.image.ImageProducer;
 import java.io.File;
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtImageConsumer.java b/libjava/classpath/gnu/java/awt/peer/qt/QtImageConsumer.java
index aec0671f8e0..7096c21e48d 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtImageConsumer.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtImageConsumer.java
@@ -1,5 +1,5 @@
 /* QtImageConsumer.java --
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -37,15 +37,10 @@ exception statement from your version. */
 
 package gnu.java.awt.peer.qt;
 
-import java.awt.Graphics;
-import java.awt.Image;
 import java.awt.image.ColorModel;
-import java.awt.image.DirectColorModel;
 import java.awt.image.ImageConsumer;
-import java.awt.image.ImageObserver;
 import java.awt.image.ImageProducer;
 import java.util.Hashtable;
-import java.util.Vector;
 
 /**
  * Helper class to QtImage. Sits and gathers pixels for a QtImage and then
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtImageDirectGraphics.java b/libjava/classpath/gnu/java/awt/peer/qt/QtImageDirectGraphics.java
index 5a6f3189a7a..d49084af831 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtImageDirectGraphics.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtImageDirectGraphics.java
@@ -1,5 +1,5 @@
 /* QtImageDirectGraphics.java --
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,29 +38,10 @@ exception statement from your version. */
 package gnu.java.awt.peer.qt;
 
 import java.awt.Color;
-import java.awt.GraphicsConfiguration;
-import java.awt.Graphics;
-import java.awt.Graphics2D;
 import java.awt.Image;
-import java.awt.Paint;
-import java.awt.Rectangle;
-import java.util.Stack;
 import java.awt.Shape;
-import java.awt.Stroke;
-import java.awt.font.FontRenderContext;
-import java.awt.font.GlyphVector;
 import java.awt.geom.AffineTransform;
-import java.awt.geom.PathIterator;
-import java.awt.geom.Arc2D;
-import java.awt.geom.Ellipse2D;
-import java.awt.geom.Line2D;
-import java.awt.geom.Rectangle2D;
-import java.awt.geom.RoundRectangle2D;
-import java.awt.image.BufferedImage;
-import java.awt.image.BufferedImageOp;
 import java.awt.image.ImageObserver;
-import java.awt.image.RenderedImage;
-import java.awt.image.renderable.RenderableImage;
 
 /**
  * A QtImagePainter that does an update after every drawing op.
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtImageGraphics.java b/libjava/classpath/gnu/java/awt/peer/qt/QtImageGraphics.java
index f8a7e51d398..1224d69150f 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtImageGraphics.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtImageGraphics.java
@@ -1,5 +1,5 @@
 /* QtImageGraphics.java --
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -40,9 +40,7 @@ package gnu.java.awt.peer.qt;
 import java.awt.Color;
 import java.awt.GraphicsConfiguration;
 import java.awt.Graphics;
-import java.awt.Graphics2D;
 import java.awt.Image;
-import java.awt.Paint;
 import java.awt.Rectangle;
 import java.util.Stack;
 
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtMenuBarPeer.java b/libjava/classpath/gnu/java/awt/peer/qt/QtMenuBarPeer.java
index d8f0d1f8892..c91b37f3711 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtMenuBarPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtMenuBarPeer.java
@@ -1,5 +1,5 @@
 /* QtMenuBarPeer.java -- Qt peer for a menu bar.
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -40,7 +40,6 @@ package gnu.java.awt.peer.qt;
 import java.awt.Menu;
 import java.awt.MenuBar;
 import java.awt.peer.MenuBarPeer;
-import java.util.Vector;
 
 public class QtMenuBarPeer extends QtMenuComponentPeer implements MenuBarPeer
 {
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtMenuItemPeer.java b/libjava/classpath/gnu/java/awt/peer/qt/QtMenuItemPeer.java
index 34753cb359b..7658ff078f1 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtMenuItemPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtMenuItemPeer.java
@@ -1,5 +1,5 @@
 /* QtMenuItemPeer.java --
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -37,7 +37,6 @@ exception statement from your version. */
 
 package gnu.java.awt.peer.qt;
 
-import java.awt.Menu;
 import java.awt.MenuItem;
 import java.awt.CheckboxMenuItem;
 import java.awt.event.ActionEvent;
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtPopupMenuPeer.java b/libjava/classpath/gnu/java/awt/peer/qt/QtPopupMenuPeer.java
index 81577cc6c52..b96c5c51045 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtPopupMenuPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtPopupMenuPeer.java
@@ -1,5 +1,5 @@
 /* QtPopupMenuPeer.java --
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,12 +38,9 @@ exception statement from your version. */
 package gnu.java.awt.peer.qt;
 
 import java.awt.Component;
-import java.awt.Menu;
-import java.awt.MenuItem;
 import java.awt.Point;
 import java.awt.PopupMenu;
 import java.awt.Event;
-import java.awt.event.ActionEvent;
 import java.awt.peer.PopupMenuPeer;
 
 public class QtPopupMenuPeer extends QtMenuPeer implements PopupMenuPeer
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtScreenDeviceConfiguration.java b/libjava/classpath/gnu/java/awt/peer/qt/QtScreenDeviceConfiguration.java
index 045cfdf3284..c67b55bf42f 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtScreenDeviceConfiguration.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtScreenDeviceConfiguration.java
@@ -1,5 +1,5 @@
 /* QtScreenDeviceConfiguration.java --
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -37,11 +37,9 @@ exception statement from your version. */
 
 package gnu.java.awt.peer.qt;
 
-import java.awt.DisplayMode;
 import java.awt.ImageCapabilities;
 import java.awt.GraphicsConfiguration;
 import java.awt.GraphicsDevice;
-import java.awt.GraphicsConfigTemplate;
 import java.awt.Rectangle;
 import java.awt.image.BufferedImage;
 import java.awt.image.ColorModel;
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtScrollPanePeer.java b/libjava/classpath/gnu/java/awt/peer/qt/QtScrollPanePeer.java
index 02fa8fb22cb..c3731cbd5f2 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtScrollPanePeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtScrollPanePeer.java
@@ -1,5 +1,5 @@
 /* QtScrollPanePeer.java --
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,7 +38,6 @@ exception statement from your version. */
 package gnu.java.awt.peer.qt;
 
 import java.awt.Adjustable;
-import java.awt.Dimension;
 import java.awt.Insets;
 import java.awt.ScrollPane;
 import java.awt.peer.ScrollPanePeer;
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtToolkit.java b/libjava/classpath/gnu/java/awt/peer/qt/QtToolkit.java
index 73652f8df90..5116769389e 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtToolkit.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtToolkit.java
@@ -1,5 +1,5 @@
 /* QtToolkit.java --
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -37,19 +37,16 @@ exception statement from your version. */
 
 package gnu.java.awt.peer.qt;
 
-import gnu.classpath.Configuration;
 import gnu.java.awt.EmbeddedWindow;
 import gnu.java.awt.peer.ClasspathFontPeer;
 import gnu.java.awt.peer.EmbeddedWindowPeer;
-import gnu.java.awt.peer.ClasspathTextLayoutPeer;
-import java.awt.AWTEvent;
+
 import java.awt.AWTException;
 import java.awt.Button;
 import java.awt.Canvas;
 import java.awt.Checkbox;
 import java.awt.CheckboxMenuItem;
 import java.awt.Choice;
-import java.awt.Component;
 import java.awt.Dialog;
 import java.awt.Dimension;
 import java.awt.EventQueue;
@@ -68,18 +65,13 @@ import java.awt.TextField;
 import java.awt.FileDialog;
 import java.awt.GraphicsDevice;
 import java.awt.GraphicsEnvironment;
-import java.awt.HeadlessException;
 import java.awt.PopupMenu;
 import java.awt.PrintJob;
 import java.awt.Scrollbar;
 import java.awt.ScrollPane;
-import java.awt.Toolkit;
 import java.awt.Window;
 import java.awt.datatransfer.Clipboard;
 import java.awt.dnd.DragGestureEvent;
-import java.awt.dnd.DragGestureListener;
-import java.awt.dnd.DragGestureRecognizer;
-import java.awt.dnd.DragSource;
 import java.awt.dnd.peer.DragSourceContextPeer;
 import java.awt.event.AWTEventListener;
 import java.awt.image.ColorModel;
@@ -91,37 +83,29 @@ import java.awt.peer.ButtonPeer;
 import java.awt.peer.FontPeer;
 import java.awt.peer.PanelPeer;
 import java.awt.peer.CanvasPeer;
-import java.awt.peer.FramePeer; 
+import java.awt.peer.FramePeer;
 import java.awt.peer.PopupMenuPeer;
 import java.awt.peer.CheckboxMenuItemPeer;
 import java.awt.peer.LabelPeer;
 import java.awt.peer.RobotPeer;
 import java.awt.peer.CheckboxPeer;
-import java.awt.peer.LightweightPeer; 
 import java.awt.peer.ScrollPanePeer;
-import java.awt.peer.ChoicePeer;        
+import java.awt.peer.ChoicePeer;
 import java.awt.peer.ListPeer;
 import java.awt.peer.ScrollbarPeer;
-import java.awt.peer.ComponentPeer;    
 import java.awt.peer.MenuBarPeer;
 import java.awt.peer.TextAreaPeer;
-import java.awt.peer.ContainerPeer;
-import java.awt.peer.MenuComponentPeer;
-import java.awt.peer.TextComponentPeer;
 import java.awt.peer.DialogPeer;
 import java.awt.peer.MenuItemPeer;
 import java.awt.peer.TextFieldPeer;
 import java.awt.peer.FileDialogPeer;
 import java.awt.peer.MenuPeer;
 import java.awt.peer.WindowPeer;
-import java.awt.font.FontRenderContext;
 import java.io.InputStream;
 import java.net.URL;
-import java.text.AttributedString;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Properties;
-import javax.imageio.spi.IIORegistry;
 
 import gnu.java.awt.ClasspathToolkit;
 
@@ -402,6 +386,11 @@ public class QtToolkit extends ClasspathToolkit
 			      String jobtitle,
 			      Properties props)
   {
+    SecurityManager sm;
+    sm = System.getSecurityManager();
+    if (sm != null)
+      sm.checkPrintJobAccess();
+    
     throw new RuntimeException("Not implemented");
   }
 
@@ -445,12 +434,6 @@ public class QtToolkit extends ClasspathToolkit
     return new QtFontPeer (name, attrs);
   }
 
-  public ClasspathTextLayoutPeer getClasspathTextLayoutPeer(AttributedString str, 
-							    FontRenderContext frc)
-  {
-    return null;
-  }
-
   // FIXME
   public Font createFont(int format, InputStream stream)
   {
diff --git a/libjava/classpath/gnu/java/awt/peer/qt/QtVolatileImage.java b/libjava/classpath/gnu/java/awt/peer/qt/QtVolatileImage.java
index 0ec61deb3a6..c81bb2a098b 100644
--- a/libjava/classpath/gnu/java/awt/peer/qt/QtVolatileImage.java
+++ b/libjava/classpath/gnu/java/awt/peer/qt/QtVolatileImage.java
@@ -1,5 +1,5 @@
 /* QtVolatileImage.java --
-   Copyright (C)  2005  Free Software Foundation, Inc.
+   Copyright (C)  2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -47,15 +47,11 @@ import java.awt.image.BufferedImage;
 import java.awt.image.ColorModel;
 import java.awt.image.DirectColorModel;
 import java.awt.image.MemoryImageSource;
-import java.awt.image.ImageConsumer;
 import java.awt.image.ImageObserver;
 import java.awt.image.ImageProducer;
 import java.awt.image.VolatileImage;
-import java.io.File;
-import java.io.IOException;
 import java.util.Hashtable;
 import java.util.WeakHashMap;
-import java.util.Vector;
 
 /**
  * QtVolatileImage - wraps a QImage
diff --git a/libjava/classpath/gnu/java/awt/peer/swing/SwingComponentPeer.java b/libjava/classpath/gnu/java/awt/peer/swing/SwingComponentPeer.java
index f60c8e96c1d..96ccc00b8f0 100644
--- a/libjava/classpath/gnu/java/awt/peer/swing/SwingComponentPeer.java
+++ b/libjava/classpath/gnu/java/awt/peer/swing/SwingComponentPeer.java
@@ -48,8 +48,6 @@ import java.awt.Font;
 import java.awt.FontMetrics;
 import java.awt.Graphics;
 import java.awt.GraphicsConfiguration;
-import java.awt.GraphicsDevice;
-import java.awt.GraphicsEnvironment;
 import java.awt.Image;
 import java.awt.Point;
 import java.awt.Rectangle;
@@ -101,8 +99,8 @@ public class SwingComponentPeer
   /**
    * Creates a SwingComponentPeer instance. Subclasses are expected to call
    * this constructor and thereafter call
-   * {@link #init(Component, SwingComponent)} in order to setup the AWT and
-   * Swing components properly.
+   * {@link #init(Component,SwingComponent)}
+   * in order to setup the AWT and Swing components properly.
    */
   protected SwingComponentPeer()
   {
@@ -167,12 +165,9 @@ public class SwingComponentPeer
    */
   public Image createImage(int width, int height)
   {
-    GraphicsEnvironment graphicsEnv =
-      GraphicsEnvironment.getLocalGraphicsEnvironment();
-    GraphicsDevice dev = graphicsEnv.getDefaultScreenDevice();
-    GraphicsConfiguration conf = dev.getDefaultConfiguration();
-    Image image = conf.createCompatibleImage(width, height);
-    return image;
+    Component parent = awtComponent.getParent();
+    ComponentPeer parentPeer = parent.getPeer();
+    return parentPeer.createImage(width, height);
   }
 
   /**
@@ -336,21 +331,24 @@ public class SwingComponentPeer
     {
       case PaintEvent.UPDATE:
       case PaintEvent.PAINT:
-        Graphics g = getGraphics();
-        Rectangle clip = ((PaintEvent)e).getUpdateRect();
-        g.clipRect(clip.x, clip.y, clip.width, clip.height);
-        //if (this instanceof LightweightPeer)
-        //  {
+        // This only will work when the component is showing.
+        if (awtComponent.isShowing())
+          {
+            Graphics g = getGraphics();
+            Rectangle clip = ((PaintEvent)e).getUpdateRect();
+            g.clipRect(clip.x, clip.y, clip.width, clip.height);
+            //if (this instanceof LightweightPeer)
+            //  {
             if (e.getID() == PaintEvent.UPDATE)
               awtComponent.update(g);
             else
               awtComponent.paint(g);
-        //  }
-        // We paint the 'heavyweights' at last, so that they appear on top of
-        // everything else.
-        peerPaint(g);
-
-        g.dispose();
+            //  }
+            // We paint the 'heavyweights' at last, so that they appear on top of
+            // everything else.
+            peerPaint(g);
+            g.dispose();
+          }
         break;
       case MouseEvent.MOUSE_PRESSED:
       case MouseEvent.MOUSE_RELEASED:
@@ -384,6 +382,11 @@ public class SwingComponentPeer
   {
     if (swingComponent != null)
       swingComponent.getJComponent().setVisible(false);
+
+    Component parent = awtComponent.getParent();
+    if (parent != null)
+      parent.repaint(awtComponent.getX(), awtComponent.getY(),
+                     awtComponent.getWidth(), awtComponent.getHeight());
   }
 
   /**
@@ -470,17 +473,15 @@ public class SwingComponentPeer
   public boolean prepareImage(Image img, int width, int height, ImageObserver ob)
   {
     Component parent = awtComponent.getParent();
-    boolean res;
     if(parent != null)
-      {
-        ComponentPeer parentPeer = parent.getPeer();
-        res = parentPeer.prepareImage(img, width, height, ob);
-      }
+    {
+      ComponentPeer parentPeer = parent.getPeer();
+      return parentPeer.prepareImage(img, width, height, ob);
+    }
     else
-      {
-        res = Toolkit.getDefaultToolkit().prepareImage(img, width, height, ob);
-      }
-    return res;
+    {
+      return Toolkit.getDefaultToolkit().prepareImage(img, width, height, ob);
+    }
   }
 
   public void print(Graphics graphics)
@@ -662,8 +663,10 @@ public class SwingComponentPeer
    */
   public void setVisible(boolean visible)
   {
-    if (swingComponent != null)
-      swingComponent.getJComponent().setVisible(visible);
+    if (visible)
+      show();
+    else
+      hide();
   }
 
   /**
@@ -782,8 +785,13 @@ public class SwingComponentPeer
   public VolatileImage createVolatileImage(int width, int height)
   {
     Component parent = awtComponent.getParent();
-    ComponentPeer parentPeer = parent.getPeer();
-    return parentPeer.createVolatileImage(width, height);
+    VolatileImage im = null;
+    if (parent != null)
+      {
+        ComponentPeer parentPeer = parent.getPeer();
+        im = parentPeer.createVolatileImage(width, height);
+      }
+    return im;
   }
 
   /**
diff --git a/libjava/classpath/gnu/java/awt/peer/x/GLGraphics.java b/libjava/classpath/gnu/java/awt/peer/x/GLGraphics.java
new file mode 100644
index 00000000000..c80c85c28f0
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/peer/x/GLGraphics.java
@@ -0,0 +1,123 @@
+/* GLGraphics.java -- Graphics2D impl on top of GLX
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.awt.peer.x;
+
+import java.awt.Color;
+import java.awt.GraphicsConfiguration;
+import java.awt.image.ColorModel;
+
+import gnu.java.awt.java2d.AbstractGraphics2D;
+import gnu.x11.extension.glx.GL;
+
+/**
+ * An implementation of Graphics2D on top of the GLX extension of X.
+ *
+ * @author Roman Kennke (kennke@aicas.com)
+ */
+public class GLGraphics extends AbstractGraphics2D
+{
+
+  /**
+   * The rendering context.
+   */
+  private GL gl;
+
+  /**
+   * Creates a new GLGraphics that paints on the specified GL context.
+   *
+   * @param g the GL context to paint to
+   */
+  GLGraphics(GL g)
+  {
+    gl = g;
+  }
+
+  public void setBackground(Color b)
+  {
+    super.setBackground(b);
+    gl.clear_color(b.getRed() / 255.F, b.getGreen() / 255.F,
+                   b.getBlue() / 255.F, b.getAlpha() / 255.F);
+  }
+
+  public void clearRect(int x, int y, int w, int h)
+  {
+    // TODO: Maybe use fillRect().
+    gl.clear(GL.COLOR_BUFFER_BIT);
+  }
+
+  public void drawLine(int x1, int y1, int x2, int y2)
+  {
+    gl.begin(GL.LINES);
+    gl.vertex2i(x1, y1);
+    gl.vertex2i(x2, y2);
+    gl.end();
+    // TODO: Maybe do:
+    // gl.flush();
+  }
+
+  public void drawRect(int x, int y, int w, int h)
+  {
+    gl.polygon_mode(GL.FRONT_AND_BACK, GL.LINE);
+    gl.begin(GL.POLYGON);
+    gl.recti(x, y, x + w, y + h);
+    gl.end();
+    // TODO: Maybe do:
+    // gl.flush();
+  }
+
+  public void fillRect(int x, int y, int w, int h)
+  {
+    gl.polygon_mode(GL.FRONT_AND_BACK, GL.FILL);
+    gl.recti(x, y, x + w, y + h);
+    // TODO: Maybe do:
+    // gl.flush();
+  }
+
+  protected ColorModel getColorModel()
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  public GraphicsConfiguration getDeviceConfiguration()
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+}
diff --git a/libjava/classpath/gnu/java/awt/peer/x/ImageConverter.java b/libjava/classpath/gnu/java/awt/peer/x/ImageConverter.java
new file mode 100644
index 00000000000..6d32448eece
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/peer/x/ImageConverter.java
@@ -0,0 +1,113 @@
+/* ImageConverter.java -- Convert arbitrary Image impl to XImage
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.awt.peer.x;
+
+import java.awt.Color;
+import java.awt.Graphics;
+import java.awt.image.ColorModel;
+import java.awt.image.ImageConsumer;
+import java.util.Hashtable;
+
+/**
+ * Convert a non-XImage to an XImage.
+ * 
+ * @author Roman Kennke (kennke@aicas.com)
+ */
+public class ImageConverter implements ImageConsumer
+{
+
+  private XImage image;
+  private Graphics imageGraphics;
+
+  public void setDimensions(int width, int height)
+  {
+    image = new XImage(width, height);
+  }
+
+  public void setProperties(Hashtable props)
+  {
+    // Ignore for now.
+  }
+
+  public void setColorModel(ColorModel model)
+  {
+    // Ignore for now.
+  }
+
+  public void setHints(int flags)
+  {
+    // Ignore for now.
+  }
+
+  public void setPixels(int x, int y, int w, int h, ColorModel model,
+                        byte[] pixels, int offset, int scansize)
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  public void setPixels(int x, int y, int w, int h, ColorModel model,
+                        int[] pixels, int offset, int scansize)
+  {
+    System.err.println("transferType: " + model.getTransferType());
+    System.err.println("colorModel: " + model);
+    if (imageGraphics == null)
+      imageGraphics = image.getGraphics();
+    int xend = x + w;
+    int yend = y + h;
+    for (int yy = y; yy < yend; yy++)
+      {
+        for (int xx = x; xx < xend; xx++)
+          {
+            int pixel = pixels[yy * scansize + xx + offset];
+            imageGraphics.setColor(new Color(model.getRGB(pixel)));
+            imageGraphics.fillRect(xx, yy, 1, 1);
+          }
+      }
+  }
+
+  public void imageComplete(int status)
+  {
+    // Nothing to do here.
+  }
+
+  XImage getXImage()
+  {
+    return image;
+  }
+}
diff --git a/libjava/classpath/gnu/java/awt/peer/x/KeyboardMapping.java b/libjava/classpath/gnu/java/awt/peer/x/KeyboardMapping.java
new file mode 100644
index 00000000000..8e0a31f5d36
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/peer/x/KeyboardMapping.java
@@ -0,0 +1,415 @@
+/* KeyboardMapping.java -- Maps X keysyms to Java keyCode and keyChar
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.awt.peer.x;
+
+import gnu.x11.Input;
+import gnu.x11.keysym.Latin1;
+import gnu.x11.keysym.Misc;
+
+import java.awt.event.KeyEvent;
+
+/**
+ * Defines the keyboard mapping from X keysyms to Java
+ * keycodes and keychars.
+ *
+ * @author Roman Kennke (kennke@aicas.com)
+ */
+final class KeyboardMapping
+{
+
+  /**
+   * Maps X keycodes to AWT keycodes.
+   * 
+   * @param xInput the X input event
+   * @param xKeyCode the X keycode to map
+   * @param xMods the X modifiers
+   *
+   * @return the AWT keycode and keychar
+   */
+  static int mapToKeyCode(gnu.x11.Input xInput, int xKeyCode, int xMods)
+  {
+    int mapped = KeyEvent.VK_UNDEFINED;
+    int keysym = xInput.keycode_to_keysym(xKeyCode, xMods, true);
+
+    // Special keys.
+    if (keysym >= 255 << 8)
+      {
+        // FIXME: Add missing mappings.
+        switch (keysym)
+        {
+          case Misc.BACKSPACE:
+            mapped = KeyEvent.VK_BACK_SPACE;
+            break;
+          case Misc.TAB:
+            mapped = KeyEvent.VK_TAB;
+            break;
+          case Misc.CLEAR:
+            mapped = KeyEvent.VK_CLEAR;
+            break;
+          case Misc.RETURN:
+            mapped = KeyEvent.VK_ENTER;
+            break;
+          case Misc.PAUSE:
+            mapped = KeyEvent.VK_PAUSE;
+            break;
+          case Misc.SCROLL_LOCK:
+            mapped = KeyEvent.VK_SCROLL_LOCK;
+            break;
+          case Misc.ESCAPE:
+            mapped = KeyEvent.VK_ESCAPE;
+            break;
+          case Misc.HOME:
+            mapped = KeyEvent.VK_HOME;
+            break;
+          case Misc.LEFT:
+            mapped = KeyEvent.VK_LEFT;
+            break;
+          case Misc.UP:
+            mapped = KeyEvent.VK_UP;
+            break;
+          case Misc.RIGHT:
+            mapped = KeyEvent.VK_RIGHT;
+            break;
+          case Misc.DOWN:
+            mapped = KeyEvent.VK_DOWN;
+            break;
+          case Misc.PAGE_UP:
+            mapped = KeyEvent.VK_PAGE_UP;
+            break;
+          case Misc.PAGE_DOWN:
+            mapped = KeyEvent.VK_PAGE_DOWN;
+            break;
+          case Misc.END:
+            mapped = KeyEvent.VK_END;
+            break;
+          case Misc.BEGIN:
+            mapped = KeyEvent.VK_BEGIN;
+            break;
+          case Misc.INSERT:
+            mapped = KeyEvent.VK_INSERT;
+            break;
+          case Misc.UNDO:
+            mapped = KeyEvent.VK_UNDO;
+            break;
+          case Misc.FIND:
+            mapped = KeyEvent.VK_FIND;
+            break;
+          case Misc.CANCEL:
+            mapped = KeyEvent.VK_CANCEL;
+            break;
+          case Misc.HELP:
+            mapped = KeyEvent.VK_HELP;
+            break;
+          case Misc.MODE_SWITCH:
+            mapped = KeyEvent.VK_MODECHANGE;
+            break;
+          case Misc.NUM_LOCK:
+            mapped = KeyEvent.VK_NUM_LOCK;
+            break;
+          case Misc.KP_LEFT:
+            mapped = KeyEvent.VK_KP_LEFT;
+            break;
+          case Misc.KP_UP:
+            mapped = KeyEvent.VK_KP_UP;
+            break;
+          case Misc.KP_RIGHT:
+            mapped = KeyEvent.VK_KP_RIGHT;
+            break;
+          case Misc.KP_DOWN:
+            mapped = KeyEvent.VK_KP_DOWN;
+            break;
+          case Misc.F1:
+            mapped = KeyEvent.VK_F1;
+            break;
+          case Misc.F2:
+            mapped = KeyEvent.VK_F2;
+            break;
+          case Misc.F3:
+            mapped = KeyEvent.VK_F3;
+            break;
+          case Misc.F4:
+            mapped = KeyEvent.VK_F4;
+            break;
+          case Misc.F5:
+            mapped = KeyEvent.VK_F5;
+            break;
+          case Misc.F6:
+            mapped = KeyEvent.VK_F6;
+            break;
+          case Misc.F7:
+            mapped = KeyEvent.VK_F7;
+            break;
+          case Misc.F8:
+            mapped = KeyEvent.VK_F8;
+            break;
+          case Misc.F9:
+            mapped = KeyEvent.VK_F9;
+            break;
+          case Misc.F10:
+            mapped = KeyEvent.VK_F10;
+            break;
+          case Misc.F11:
+            mapped = KeyEvent.VK_F11;
+            break;
+          case Misc.F12:
+            mapped = KeyEvent.VK_F12;
+            break;
+          case Misc.F13:
+            mapped = KeyEvent.VK_F13;
+            break;
+          case Misc.F14:
+            mapped = KeyEvent.VK_F14;
+            break;
+          case Misc.F15:
+            mapped = KeyEvent.VK_F15;
+            break;
+          case Misc.F16:
+            mapped = KeyEvent.VK_F16;
+            break;
+          case Misc.F17:
+            mapped = KeyEvent.VK_F17;
+            break;
+          case Misc.F18:
+            mapped = KeyEvent.VK_F18;
+            break;
+          case Misc.F19:
+            mapped = KeyEvent.VK_F19;
+            break;
+          case Misc.F20:
+            mapped = KeyEvent.VK_F20;
+            break;
+          case Misc.F21:
+            mapped = KeyEvent.VK_F21;
+            break;
+          case Misc.F22:
+            mapped = KeyEvent.VK_F22;
+            break;
+          case Misc.F23:
+            mapped = KeyEvent.VK_F23;
+            break;
+          case Misc.F24:
+            mapped = KeyEvent.VK_F24;
+            break;
+          case Misc.SHIFT_L:
+          case Misc.SHIFT_R:
+            mapped = KeyEvent.VK_SHIFT;
+            break;
+          case Misc.CONTROL_L:
+          case Misc.CONTROL_R:
+            mapped = KeyEvent.VK_CONTROL;
+            break;
+          case Misc.CAPS_LOCK:
+          case Misc.SHIFT_LOCK:
+            mapped = KeyEvent.VK_CAPS_LOCK;
+            break;
+          case Misc.META_L:
+          case Misc.META_R:
+            mapped = KeyEvent.VK_META;
+            break;
+          case Misc.ALT_L:
+          case Misc.ALT_R:
+            mapped = KeyEvent.VK_ALT;
+            break;
+          case Misc.DELETE:
+            mapped = KeyEvent.VK_DELETE;
+            break;
+          default:
+            mapped = KeyEvent.VK_UNDEFINED;
+        }
+      }
+    // Map Latin1 characters.
+    else if (keysym < 256)
+      {
+        // TODO: Add missing mappings, if any.
+        // Lowercase characters are mapped to
+        // their corresponding upper case pendants.
+        if (keysym >= Latin1.A_SMALL && keysym <= Latin1.Z_SMALL)
+          mapped = keysym - 0x20;
+        // Uppercase characters are mapped 1:1.
+        else if (keysym >= Latin1.A && keysym <= Latin1.Z)
+          mapped = keysym;
+        // Digits are mapped 1:1.
+        else if (keysym >= Latin1.NUM_0 && keysym <= Latin1.NUM_9)
+          mapped = keysym;
+        else
+          {
+            switch (keysym)
+            {
+              case Latin1.SPACE:
+                mapped = KeyEvent.VK_SPACE;
+                break;
+              case Latin1.EXCLAM:
+                mapped = KeyEvent.VK_EXCLAMATION_MARK;
+                break;
+              case Latin1.QUOTE_DBL:
+                mapped = KeyEvent.VK_QUOTEDBL;
+                break;
+              case Latin1.NUMBER_SIGN:
+                mapped = KeyEvent.VK_NUMBER_SIGN;
+                break;
+              case Latin1.DOLLAR:
+                mapped = KeyEvent.VK_DOLLAR;
+                break;
+              case Latin1.AMPERSAND:
+                mapped = KeyEvent.VK_AMPERSAND;
+                break;
+              case Latin1.APOSTROPHE:
+                mapped = KeyEvent.VK_QUOTE;
+                break;
+              case Latin1.PAREN_LEFT:
+                mapped = KeyEvent.VK_LEFT_PARENTHESIS;
+                break;
+              case Latin1.PAREN_RIGHT:
+                mapped = KeyEvent.VK_RIGHT_PARENTHESIS;
+                break;
+              case Latin1.ASTERISK:
+                mapped = KeyEvent.VK_ASTERISK;
+                break;
+              case Latin1.PLUS:
+                mapped = KeyEvent.VK_PLUS;
+                break;
+              case Latin1.COMMA:
+                mapped = KeyEvent.VK_COMMA;
+                break;
+              case Latin1.MINUS:
+                mapped = KeyEvent.VK_MINUS;
+                break;
+              case Latin1.PERIOD:
+                mapped = KeyEvent.VK_PERIOD;
+                break;
+              case Latin1.SLASH:
+                mapped = KeyEvent.VK_SLASH;
+                break;
+              case Latin1.COLON:
+                mapped = KeyEvent.VK_COLON;
+                break;
+              case Latin1.SEMICOLON:
+                mapped = KeyEvent.VK_SEMICOLON;
+                break;
+              case Latin1.LESS:
+                mapped = KeyEvent.VK_LESS;
+                break;
+              case Latin1.EQUAL:
+                mapped = KeyEvent.VK_EQUALS;
+                break;
+              case Latin1.GREATER:
+                mapped = KeyEvent.VK_GREATER;
+                break;
+              case Latin1.AT:
+                mapped = KeyEvent.VK_AT;
+                break;
+              case Latin1.BRACKET_LEFT:
+                mapped = KeyEvent.VK_OPEN_BRACKET;
+                break;
+              case Latin1.BACKSLASH:
+                mapped = KeyEvent.VK_BACK_SLASH;
+                break;
+              case Latin1.BRACKET_RIGHT:
+                mapped = KeyEvent.VK_CLOSE_BRACKET;
+                break;
+              case Latin1.ASCII_CIRCUM:
+                mapped = KeyEvent.VK_CIRCUMFLEX;
+                break;
+              case Latin1.UNDERSCORE:
+                mapped = KeyEvent.VK_UNDERSCORE;
+                break;
+              case Latin1.GRAVE:
+                mapped = KeyEvent.VK_DEAD_GRAVE;
+                break;
+              case Latin1.BRACE_LEFT:
+                mapped = KeyEvent.VK_BRACELEFT;
+                break;
+              case Latin1.BRACE_RIGHT:
+                mapped = KeyEvent.VK_BRACERIGHT;
+                break;
+              case Latin1.ASCII_TILDE:
+                mapped = KeyEvent.VK_DEAD_TILDE;
+                break;
+              case Latin1.EXCLAM_DOWN:
+                mapped = KeyEvent.VK_INVERTED_EXCLAMATION_MARK;
+                break;
+              default:
+                mapped = KeyEvent.VK_UNDEFINED;
+            }
+          }
+      }
+    return mapped;
+  }
+
+  /**
+   * Maps X keycodes+modifiers to Java keychars.
+   *
+   * @param xInput The X Input to use for mapping
+   * @param xKeyCode the X keycode
+   * @param xMods the X key modifiers
+   *
+   * @return the Java keychar
+   */
+  static char mapToKeyChar(gnu.x11.Input xInput, int xKeyCode, int xMods)
+  {
+    char mapped = KeyEvent.CHAR_UNDEFINED;
+    char keysym = (char) xInput.keycode_to_keysym(xKeyCode, xMods, false);
+    // FIXME: Map other encodings properly.
+    if (keysym < 256) // Latin1.
+      {
+        mapped = keysym;
+      }
+    return mapped;
+  }
+
+  /**
+   * Maps X modifier masks to AWT modifier masks.
+   *
+   * @param xMods the X modifiers
+   *
+   * @return the AWT modifiers
+   */
+  static int mapModifiers(int xMods)
+  {
+    int mods = 0;
+
+    if ((xMods & Input.SHIFT_MASK) != 0)
+      mods |= KeyEvent.SHIFT_MASK | KeyEvent.SHIFT_DOWN_MASK;
+    if ((xMods & Input.ALT_MASK) != 0)
+      mods |= KeyEvent.ALT_MASK | KeyEvent.ALT_DOWN_MASK;
+    if ((xMods & Input.CONTROL_MASK) != 0)
+      mods |= KeyEvent.CTRL_MASK | KeyEvent.CTRL_DOWN_MASK;
+
+    return mods;
+  }
+}
diff --git a/libjava/classpath/gnu/java/awt/peer/x/XDialogPeer.java b/libjava/classpath/gnu/java/awt/peer/x/XDialogPeer.java
new file mode 100644
index 00000000000..45ad24d67e9
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/peer/x/XDialogPeer.java
@@ -0,0 +1,61 @@
+/* XDialogPeer.java -- The peer for AWT dialogs
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.awt.peer.x;
+
+import java.awt.Dialog;
+import java.awt.peer.DialogPeer;
+
+public class XDialogPeer
+  extends XWindowPeer
+  implements DialogPeer
+{
+
+  XDialogPeer(Dialog target)
+  {
+    super(target);
+  }
+
+  public void setResizable(boolean resizeable)
+  {
+  }
+
+  public void setTitle(String title)
+  {
+  }
+}
diff --git a/libjava/classpath/gnu/java/awt/peer/x/XEventPump.java b/libjava/classpath/gnu/java/awt/peer/x/XEventPump.java
new file mode 100644
index 00000000000..870edf3796d
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/peer/x/XEventPump.java
@@ -0,0 +1,287 @@
+/* XEventPump.java -- Pumps events from X to AWT
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.awt.peer.x;
+
+import java.awt.Graphics;
+import java.awt.Rectangle;
+import java.awt.Toolkit;
+import java.awt.Window;
+import java.awt.event.ComponentEvent;
+import java.awt.event.KeyEvent;
+import java.awt.event.MouseEvent;
+import java.awt.event.PaintEvent;
+import java.util.HashMap;
+
+import gnu.x11.Display;
+import gnu.x11.event.ButtonPress;
+import gnu.x11.event.ButtonRelease;
+import gnu.x11.event.ConfigureNotify;
+import gnu.x11.event.Event;
+import gnu.x11.event.Expose;
+import gnu.x11.event.Input;
+import gnu.x11.event.KeyPress;
+import gnu.x11.event.KeyRelease;
+import gnu.x11.event.MotionNotify;
+
+/**
+ * Fetches events from X, translates them to AWT events and pumps them up
+ * into the AWT event queue.
+ *
+ * @author Roman Kennke (kennke@aicas.com)
+ */
+public class XEventPump
+  implements Runnable
+{
+
+  /**
+   * The X Display from which we fetch and pump up events.
+   */
+  private Display display;
+
+  /**
+   * Maps X Windows to AWT Windows to be able to correctly determine the
+   * event targets.
+   */
+  private HashMap windows;
+
+  /**
+   * Indicates if we are currently inside a drag operation. This is
+   * set to the button ID when a button is pressed and to -1 (indicating
+   * that no drag is active) when the mouse is released.
+   */
+  private int drag;
+
+  /**
+   * Creates a new XEventPump for the specified X Display.
+   *
+   * @param d the X Display
+   */
+  XEventPump(Display d)
+  {
+    display = d;
+    windows = new HashMap();
+    drag = -1;
+    Thread t = new Thread(this);
+    t.start();
+  }
+
+  /**
+   * The main event pump loop. This basically fetches events from the
+   * X Display and pumps them into the system event queue.
+   */
+  public void run()
+  {
+    while (display.connected)
+      {
+        try
+          {
+            Event xEvent = display.next_event();
+            handleEvent(xEvent);
+          }
+        catch (ThreadDeath death)
+          {
+            // If someone wants to kill us, let them.
+            return;
+          }
+        catch (Throwable x)
+          {
+            System.err.println("Exception during event dispatch:");
+            x.printStackTrace(System.err);
+          }
+      }
+  }
+
+  /**
+   * Adds an X Window to AWT Window mapping. This is required so that the
+   * event pump can correctly determine the event targets.
+   *
+   * @param xWindow the X Window
+   * @param awtWindow the AWT Window
+   */
+  void registerWindow(gnu.x11.Window xWindow, Window awtWindow)
+  {
+    if (XToolkit.DEBUG)
+      System.err.println("registering window id: " + xWindow.id);
+    windows.put(new Integer(xWindow.id), awtWindow);
+  }
+
+  void unregisterWindow(gnu.x11.Window xWindow)
+  {
+    windows.remove(new Integer(xWindow.id));
+  }
+
+  private void handleEvent(Event xEvent)
+  {
+    Integer key = new Integer(xEvent.window_id());;
+    Window awtWindow = (Window) windows.get(key);
+
+    if (XToolkit.DEBUG)
+      System.err.println("fetched event: " + xEvent);
+    switch (xEvent.code())
+    {
+    case ButtonPress.CODE:
+      ButtonPress bp = (ButtonPress) xEvent;
+      // Create and post the mouse event.
+      int button = bp.detail();
+      drag = button;
+      MouseEvent mp = new MouseEvent(awtWindow, MouseEvent.MOUSE_PRESSED,
+                                     System.currentTimeMillis(), 0,
+                                     bp.event_x(), bp.event_y(),
+                                     1, false, button);
+      Toolkit.getDefaultToolkit().getSystemEventQueue().postEvent(mp);
+      break;
+    case ButtonRelease.CODE:
+      ButtonRelease br = (ButtonRelease) xEvent;
+      drag = -1;
+      MouseEvent mr = new MouseEvent(awtWindow, MouseEvent.MOUSE_RELEASED,
+                                     System.currentTimeMillis(), 0,
+                                     br.event_x(), br.event_y(),
+                                     1, false, br.detail());
+      Toolkit.getDefaultToolkit().getSystemEventQueue().postEvent(mr);
+      break;
+    case MotionNotify.CODE:
+      MotionNotify mn = (MotionNotify) xEvent;
+      MouseEvent mm;
+      if (drag == -1)
+        {
+          mm = new MouseEvent(awtWindow, MouseEvent.MOUSE_MOVED,
+                              System.currentTimeMillis(), 0,
+                              mn.event_x(), mn.event_y(),
+                              1, false);
+        }
+      else
+        {
+          mm = new MouseEvent(awtWindow, MouseEvent.MOUSE_DRAGGED,
+                              System.currentTimeMillis(), 0,
+                              mn.event_x(), mn.event_y(),
+                              1, false);
+        }
+      Toolkit.getDefaultToolkit().getSystemEventQueue().postEvent(mm);
+      break;
+    case ConfigureNotify.CODE:
+      ConfigureNotify c = (ConfigureNotify) xEvent;
+      if (XToolkit.DEBUG)
+        System.err.println("resize request for window id: " + key);
+
+      // Detect and report size changes.
+      if (c.width() != awtWindow.getWidth()
+          || c.height() != awtWindow.getHeight())
+        {
+          if (XToolkit.DEBUG)
+            System.err.println("Setting size on AWT window: " + c.width()
+                             + ", " + c.height() + ", " + awtWindow.getWidth()
+                             + ", " + awtWindow.getHeight());
+          ((XWindowPeer) awtWindow.getPeer()).callback = true;
+          awtWindow.setSize(c.width(), c.height());
+          ((XWindowPeer) awtWindow.getPeer()).callback = false;
+        }
+      break;
+    case Expose.CODE:
+      Expose exp = (Expose) xEvent;
+      if (XToolkit.DEBUG)
+        System.err.println("expose request for window id: " + key);
+      Rectangle r = new Rectangle(exp.x(), exp.y(), exp.width(),
+                                  exp.height());
+      //System.err.println("expose paint: " + r);
+      // We need to clear the background of the exposed rectangle.
+      Graphics g = awtWindow.getGraphics();
+      g.clearRect(r.x, r.y, r.width, r.height);
+      g.dispose();
+      PaintEvent pev = new PaintEvent(awtWindow, PaintEvent.PAINT, r);
+      Toolkit.getDefaultToolkit().getSystemEventQueue().postEvent(pev);
+      break;
+    case KeyPress.CODE:
+    case KeyRelease.CODE:
+      handleKeyEvent(xEvent, awtWindow);
+      break;
+    default:
+      if (XToolkit.DEBUG)
+        System.err.println("Unhandled X event: " + xEvent);
+    }
+  }
+
+  /**
+   * Handles key events from X.
+   *
+   * @param xEvent the X event
+   * @param awtWindow the AWT window to which the event gets posted
+   */
+  private void handleKeyEvent(Event xEvent, Window awtWindow)
+  {
+    Input keyEvent = (Input) xEvent;
+    int xKeyCode = keyEvent.detail();
+    int xMods = keyEvent.state();
+    int keyCode = KeyboardMapping.mapToKeyCode(xEvent.display.input, xKeyCode,
+                                               xMods);
+    char keyChar = KeyboardMapping.mapToKeyChar(xEvent.display.input, xKeyCode,
+                                                xMods);
+    if (XToolkit.DEBUG)
+      System.err.println("XEventPump.handleKeyEvent: " + xKeyCode + ", "
+                         + xMods + ": " + ((int) keyChar) + ", " + keyCode);
+    int awtMods = KeyboardMapping.mapModifiers(xMods);
+    long when = System.currentTimeMillis();
+    KeyEvent ke;
+    if (keyEvent.code() == KeyPress.CODE)
+      {
+        ke = new KeyEvent(awtWindow, KeyEvent.KEY_PRESSED, when,
+                          awtMods, keyCode,
+                          KeyEvent.CHAR_UNDEFINED);
+        Toolkit.getDefaultToolkit().getSystemEventQueue().postEvent(ke);
+        if (keyChar != KeyEvent.CHAR_UNDEFINED)
+          {
+            ke = new KeyEvent(awtWindow, KeyEvent.KEY_TYPED, when,
+                              awtMods, KeyEvent.VK_UNDEFINED,
+                              keyChar);
+            Toolkit.getDefaultToolkit().getSystemEventQueue().postEvent(ke);
+          }
+          
+      }
+    else
+      {
+        ke = new KeyEvent(awtWindow, KeyEvent.KEY_RELEASED, when,
+                          awtMods, keyCode,
+                          KeyEvent.CHAR_UNDEFINED);
+        Toolkit.getDefaultToolkit().getSystemEventQueue().postEvent(ke);
+      }
+
+  }
+
+
+}
+
diff --git a/libjava/classpath/gnu/java/awt/peer/x/XFontPeer.java b/libjava/classpath/gnu/java/awt/peer/x/XFontPeer.java
new file mode 100644
index 00000000000..fd293d8dd43
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/peer/x/XFontPeer.java
@@ -0,0 +1,766 @@
+/* XFontPeer.java -- The font peer for X
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.awt.peer.x;
+
+import java.awt.AWTError;
+import java.awt.Font;
+import java.awt.FontMetrics;
+import java.awt.GraphicsDevice;
+import java.awt.GraphicsEnvironment;
+import java.awt.font.FontRenderContext;
+import java.awt.font.GlyphVector;
+import java.awt.font.LineMetrics;
+import java.awt.font.TextAttribute;
+import java.awt.geom.Rectangle2D;
+import java.io.IOException;
+import java.io.InputStream;
+import java.text.CharacterIterator;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Properties;
+
+import gnu.java.awt.peer.ClasspathFontPeer;
+import gnu.x11.Display;
+import gnu.x11.Fontable;
+
+/**
+ * The bridge from AWT to X fonts.
+ *
+ * @author Roman Kennke (kennke@aicas.com)
+ */
+public class XFontPeer
+  extends ClasspathFontPeer
+{
+
+  /**
+   * The font mapping as specified in the file fonts.properties.
+   */
+  private static Properties fontProperties;
+  static
+  {
+    fontProperties = new Properties();
+    InputStream in = XFontPeer.class.getResourceAsStream("fonts.properties");
+    try
+      {
+        fontProperties.load(in);
+      }
+    catch (IOException e)
+      {
+        e.printStackTrace();
+      }
+  }
+
+  /**
+   * The FontMetrics implementation for XFontPeer.
+   */
+  private class XFontMetrics
+    extends FontMetrics
+  {
+    /**
+     * The ascent of the font.
+     */ 
+    int ascent;
+
+    /**
+     * The descent of the font.
+     */ 
+    int descent;
+
+    /**
+     * The maximum of the character advances.
+     */
+    private int maxAdvance;
+
+    /**
+     * The internal leading.
+     */
+    int leading;
+
+    /**
+     * Cached string metrics. This caches string metrics locally so that the
+     * server doesn't have to be asked each time.
+     */
+    private HashMap metricsCache;
+
+    /**
+     * The widths of the characters indexed by the characters themselves.
+     */
+    private int[] charWidths;
+
+    /**
+     * Creates a new XFontMetrics for the specified font.
+     *
+     * @param font the font
+     */
+    protected XFontMetrics(Font font)
+    {
+      super(font);
+      metricsCache = new HashMap();
+      Fontable.FontReply info = getXFont().info();
+      ascent = info.font_ascent();
+      descent = info.font_descent();
+      maxAdvance = info.max_bounds().character_width();
+      leading = 0; // TODO: Not provided by X. Possible not needed.
+
+      if (info.min_byte1() == 0 && info.max_byte1() == 0)
+        readCharWidthsLinear(info);
+      else
+        readCharWidthsNonLinear(info);
+    }
+
+    /**
+     * Reads the character widths when specified in a linear fashion. That is
+     * when the min-byte1 and max-byte2 fields are both zero in the X protocol.
+     *
+     * @param info the font info reply
+     */
+    private void readCharWidthsLinear(Fontable.FontReply info)
+    {
+      int startIndex = info.min_char_or_byte2();
+      int endIndex = info.max_char_or_byte2();
+      charWidths = new int[endIndex + 1];
+      // All the characters before startIndex are zero width.
+      for (int i = 0; i < startIndex; i++)
+        {
+          charWidths[i] = 0;
+        }
+      // All the other character info is fetched from the font info.
+      int index = startIndex;
+      Iterator charInfos = info.char_infos().iterator();
+      while (charInfos.hasNext())
+        {
+          Fontable.FontReply.CharInfo charInfo =
+            (Fontable.FontReply.CharInfo) charInfos.next();
+          charWidths[index] = charInfo.character_width();
+          index++;
+        }
+    }
+
+    private void readCharWidthsNonLinear(Fontable.FontReply info)
+    {
+      // TODO: Implement.
+      throw new UnsupportedOperationException("Not yet implemented");
+    }
+
+    /**
+     * Returns the ascent of the font.
+     *
+     * @return the ascent of the font
+     */
+    public int getAscent()
+    {
+      return ascent;
+    }
+
+    /**
+     * Returns the descent of the font.
+     *
+     * @return the descent of the font
+     */
+    public int getDescent()
+    {
+      return descent;
+    }
+
+    /**
+     * Returns the overall height of the font. This is the distance from
+     * baseline to baseline (usually ascent + descent + leading).
+     *
+     * @return the overall height of the font
+     */
+    public int getHeight()
+    {
+      return ascent + descent;
+    }
+
+    /**
+     * Returns the leading of the font.
+     *
+     * @return the leading of the font
+     */
+    public int getLeading()
+    {
+      return leading;
+    }
+
+    /**
+     * Returns the maximum advance for this font.
+     *
+     * @return the maximum advance for this font
+     */
+    public int getMaxAdvance()
+    {
+      return maxAdvance;
+    }
+
+    /**
+     * Determines the width of the specified character <code>c</code>.
+     *
+     * @param c the character
+     *
+     * @return the width of the character
+     */
+    public int charWidth(char c)
+    {
+      int width;
+      if (c > charWidths.length)
+        width = charWidths['?'];
+      else
+        width = charWidths[c];
+      return width;
+    }
+
+    /**
+     * Determines the overall width of the specified string.
+     *
+     * @param c the char buffer holding the string
+     * @param offset the starting offset of the string in the buffer
+     * @param length the number of characters in the string buffer 
+     *
+     * @return the overall width of the specified string
+     */
+    public int charsWidth(char[] c, int offset, int length)
+    {
+      int width = 0;
+      if (c.length > 0 && length > 0)
+        {
+          String s = new String(c, offset, length);
+          width = stringWidth(s);
+        }
+      return width;
+    }
+
+    /**
+     * Determines the overall width of the specified string.
+     *
+     * @param s the string
+     *
+     * @return the overall width of the specified string
+     */
+    public int stringWidth(String s)
+    {
+      int width = 0;
+      if (s.length() > 0)
+        {
+          if (metricsCache.containsKey(s))
+            {
+              width = ((Integer) metricsCache.get(s)).intValue();
+            }
+          else
+            {
+              Fontable.TextExtentReply extents = getXFont().text_extent(s);
+              /*
+               System.err.println("string: '" + s + "' : ");
+               System.err.println("ascent: " + extents.getAscent());
+               System.err.println("descent: " + extents.getDescent());
+               System.err.println("overall ascent: " + extents.getOverallAscent());
+               System.err.println("overall descent: " + extents.getOverallDescent());
+               System.err.println("overall width: " + extents.getOverallWidth());
+               System.err.println("overall left: " + extents.getOverallLeft());
+               System.err.println("overall right: " + extents.getOverallRight());
+               */
+              width = extents.overall_width(); // + extents.overall_left();
+              //System.err.println("String: " + s + ", width: " + width);
+              metricsCache.put(s, new Integer(width));
+            }
+        }
+      //System.err.print("stringWidth: '" + s + "': ");
+      //System.err.println(width);
+      return width;
+    }
+  }
+
+  /**
+   * The LineMetrics implementation for the XFontPeer.
+   */
+  private class XLineMetrics
+    extends LineMetrics
+  {
+
+    /**
+     * Returns the ascent of the font.
+     *
+     * @return the ascent of the font
+     */
+    public float getAscent()
+    {
+      return fontMetrics.ascent;
+    }
+
+    public int getBaselineIndex()
+    {
+      // FIXME: Implement this.
+      throw new UnsupportedOperationException();
+    }
+
+    public float[] getBaselineOffsets()
+    {
+      // FIXME: Implement this.
+      throw new UnsupportedOperationException();
+    }
+
+    /**
+     * Returns the descent of the font.
+     *
+     * @return the descent of the font
+     */
+    public float getDescent()
+    {
+      return fontMetrics.descent;
+    }
+
+    /**
+     * Returns the overall height of the font. This is the distance from
+     * baseline to baseline (usually ascent + descent + leading).
+     *
+     * @return the overall height of the font
+     */
+    public float getHeight()
+    {
+      return fontMetrics.ascent + fontMetrics.descent;
+    }
+
+    /**
+     * Returns the leading of the font.
+     *
+     * @return the leading of the font
+     */
+    public float getLeading()
+    {
+      return fontMetrics.leading;
+    }
+
+    public int getNumChars()
+    {
+      // FIXME: Implement this.
+      throw new UnsupportedOperationException();
+    }
+
+    public float getStrikethroughOffset()
+    {
+      return 0.F; // TODO: Provided by X??
+    }
+
+    public float getStrikethroughThickness()
+    {
+      return 1.F; // TODO: Provided by X??
+    }
+
+    public float getUnderlineOffset()
+    {
+      return 0.F; // TODO: Provided by X??
+    }
+
+    public float getUnderlineThickness()
+    {
+      return 1.F; // TODO: Provided by X??
+    }
+      
+  }
+
+  /**
+   * The X font.
+   */
+  private gnu.x11.Font xfont;
+
+  private String name;
+
+  private int style;
+
+  private int size;
+
+  /**
+   * The font metrics for this font.
+   */
+  XFontMetrics fontMetrics; 
+
+  /**
+   * Creates a new XFontPeer for the specified font name, style and size.
+   *
+   * @param name the font name
+   * @param style the font style (bold / italic / normal)
+   * @param size the size of the font
+   */
+  public XFontPeer(String name, int style, int size)
+  {
+    super(name, style, size);
+    this.name = name;
+    this.style = style;
+    this.size = size;
+  }
+
+  /**
+   * Creates a new XFontPeer for the specified font name and style
+   * attributes.
+   *
+   * @param name the font name
+   * @param atts the font attributes
+   */
+  public XFontPeer(String name, Map atts)
+  {
+    super(name, atts);
+    String family = name;
+    if (family == null || family.equals(""))
+      family = (String) atts.get(TextAttribute.FAMILY);
+    if (family == null)
+      family = "SansSerif";
+
+    int size = 12;
+    Float sizeFl = (Float) atts.get(TextAttribute.SIZE);
+    if (sizeFl != null)
+      size = sizeFl.intValue();
+
+    int style = 0;
+    // Detect italic attribute.
+    Float posture = (Float) atts.get(TextAttribute.POSTURE);
+    if (posture != null && !posture.equals(TextAttribute.POSTURE_REGULAR))
+      style |= Font.ITALIC;
+
+    // Detect bold attribute.
+    Float weight = (Float) atts.get(TextAttribute.WEIGHT);
+    if (weight != null && weight.compareTo(TextAttribute.WEIGHT_REGULAR) > 0)
+      style |= Font.BOLD;
+
+    this.name = name;
+    this.style = style;
+    this.size = size;
+  }
+
+  /**
+   * Initializes the font peer with the specified attributes. This method is
+   * called from both constructors.
+   *
+   * @param name the font name
+   * @param style the font style
+   * @param size the font size
+   */
+  private void init(String name, int style, int size)
+  {
+    GraphicsEnvironment env = GraphicsEnvironment.getLocalGraphicsEnvironment();
+    GraphicsDevice dev = env.getDefaultScreenDevice();
+    if (dev instanceof XGraphicsDevice)
+      {
+        Display display = ((XGraphicsDevice) dev).getDisplay();
+        String fontDescr = encodeFont(name, style, size);
+        if (XToolkit.DEBUG)
+          System.err.println("XLFD font description: " + fontDescr);
+        xfont = new gnu.x11.Font(display, fontDescr);
+      }
+    else
+      {
+        throw new AWTError("Local GraphicsEnvironment is not XWindowGraphicsEnvironment");
+      }
+  }
+
+  public boolean canDisplay(Font font, char c)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public int canDisplayUpTo(Font font, CharacterIterator i, int start, int limit)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public String getSubFamilyName(Font font, Locale locale)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public String getPostScriptName(Font font)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public int getNumGlyphs(Font font)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public int getMissingGlyphCode(Font font)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public byte getBaselineFor(Font font, char c)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public String getGlyphName(Font font, int glyphIndex)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public GlyphVector createGlyphVector(Font font, FontRenderContext frc,
+                                       CharacterIterator ci)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public GlyphVector createGlyphVector(Font font, FontRenderContext ctx,
+                                       int[] glyphCodes)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public GlyphVector layoutGlyphVector(Font font, FontRenderContext frc,
+                                       char[] chars, int start, int limit,
+                                       int flags)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  /**
+   * Returns the font metrics for the specified font.
+   *
+   * @param font the font for which to fetch the font metrics
+   *
+   * @return the font metrics for the specified font
+   */
+  public FontMetrics getFontMetrics(Font font)
+  {
+    if (font.getPeer() != this)
+      throw new AWTError("The specified font has a different peer than this");
+
+    if (fontMetrics == null)
+      fontMetrics = new XFontMetrics(font);
+    return fontMetrics;
+  }
+
+  /**
+   * Frees the font in the X server.
+   */
+  protected void finalize()
+  {
+    if (xfont != null)
+      xfont.close();
+  }
+
+  public boolean hasUniformLineMetrics(Font font)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  /**
+   * Returns the line metrics for this font and the specified string and
+   * font render context.
+   */
+  public LineMetrics getLineMetrics(Font font, CharacterIterator ci, int begin,
+                                    int limit, FontRenderContext rc)
+  {
+    return new XLineMetrics();
+  }
+
+  public Rectangle2D getMaxCharBounds(Font font, FontRenderContext rc)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public Rectangle2D getStringBounds(Font font, CharacterIterator ci,
+                                     int begin, int limit, FontRenderContext frc)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  /**
+   * Encodes a font name + style + size specification into a X logical font
+   * description (XLFD) as described here:
+   *
+   * http://www.meretrx.com/e93/docs/xlfd.html
+   *
+   * This is implemented to look up the font description in the
+   * fonts.properties of this package.
+   *
+   * @param name the font name
+   * @param atts the text attributes
+   *
+   * @return the encoded font description
+   */
+  static String encodeFont(String name, Map atts)
+  {
+    String family = name;
+    if (family == null || family.equals(""))
+      family = (String) atts.get(TextAttribute.FAMILY);
+    if (family == null)
+      family = "SansSerif";
+
+    int size = 12;
+    Float sizeFl = (Float) atts.get(TextAttribute.SIZE);
+    if (sizeFl != null)
+      size = sizeFl.intValue();
+
+    int style = 0;
+    // Detect italic attribute.
+    Float posture = (Float) atts.get(TextAttribute.POSTURE);
+    if (posture != null && !posture.equals(TextAttribute.POSTURE_REGULAR))
+      style |= Font.ITALIC;
+
+    // Detect bold attribute.
+    Float weight = (Float) atts.get(TextAttribute.WEIGHT);
+    if (weight != null && weight.compareTo(TextAttribute.WEIGHT_REGULAR) > 0)
+      style |= Font.BOLD;
+
+    return encodeFont(name, style, size);
+  }
+
+  /**
+   * Encodes a font name + style + size specification into a X logical font
+   * description (XLFD) as described here:
+   *
+   * http://www.meretrx.com/e93/docs/xlfd.html
+   *
+   * This is implemented to look up the font description in the
+   * fonts.properties of this package.
+   *
+   * @param name the font name
+   * @param style the font style
+   * @param size the font size
+   *
+   * @return the encoded font description
+   */
+  static String encodeFont(String name, int style, int size)
+  {
+    StringBuilder key = new StringBuilder();
+    key.append(validName(name));
+    key.append('.');
+    switch (style)
+    {
+      case Font.BOLD:
+        key.append("bold");
+        break;
+      case Font.ITALIC:
+        key.append("italic");
+        break;
+      case (Font.BOLD | Font.ITALIC):
+        key.append("bolditalic");
+        break;
+      case Font.PLAIN:
+      default:
+        key.append("plain");
+      
+    }
+
+    String protoType = fontProperties.getProperty(key.toString());
+    int s = validSize(size);
+    return protoType.replaceFirst("%d", String.valueOf(s * 10));
+  }
+
+  /**
+   * Checks the specified font name for a valid font name. If the font name
+   * is not known, then this returns 'sansserif' as fallback.
+   *
+   * @param name the font name to check
+   *
+   * @return a valid font name
+   */
+  static String validName(String name)
+  {
+    String retVal;
+    if (name.equalsIgnoreCase("sansserif")
+        || name.equalsIgnoreCase("serif")
+        || name.equalsIgnoreCase("monospaced")
+        || name.equalsIgnoreCase("dialog")
+        || name.equalsIgnoreCase("dialoginput"))
+      {
+        retVal = name.toLowerCase();
+      }
+    else
+      {
+        retVal = "sansserif";
+      }
+    return retVal;
+  }
+
+  /**
+   * Translates an arbitrary point size to a size that is typically available
+   * on an X server. These are the sizes 8, 10, 12, 14, 18 and 24.
+   *
+   * @param size the queried size
+   * @return the real available size
+   */
+  private static final int validSize(int size)
+  {
+    int val;
+    if (size <= 9)
+      val = 8;
+    else if (size <= 11)
+      val = 10;
+    else if (size <= 13)
+      val = 12;
+    else if (size <= 17)
+      val = 14;
+    else if (size <= 23)
+      val = 18;
+    else
+      val = 24;
+    return val;
+  }
+
+  /**
+   * Returns the X Font reference. This lazily loads the font when first
+   * requested.
+   *
+   * @return the X Font reference
+   */
+  gnu.x11.Font getXFont()
+  {
+    if (xfont == null)
+      {
+        init(name, style, size);
+      }
+    return xfont;
+  }
+}
diff --git a/libjava/classpath/gnu/java/awt/peer/x/XFontPeer2.java b/libjava/classpath/gnu/java/awt/peer/x/XFontPeer2.java
new file mode 100644
index 00000000000..25371de1a41
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/peer/x/XFontPeer2.java
@@ -0,0 +1,335 @@
+/* XFontPeer2.java -- A Java based TTF font peer for X
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.awt.peer.x;
+
+import java.awt.Font;
+import java.awt.FontMetrics;
+import java.awt.font.FontRenderContext;
+import java.awt.font.GlyphVector;
+import java.awt.font.LineMetrics;
+import java.awt.geom.AffineTransform;
+import java.awt.geom.Point2D;
+import java.awt.geom.Rectangle2D;
+import java.io.File;
+import java.io.FileInputStream;
+import java.nio.ByteBuffer;
+import java.nio.channels.FileChannel;
+import java.text.CharacterIterator;
+import java.text.StringCharacterIterator;
+import java.util.Locale;
+import java.util.Map;
+
+import gnu.java.awt.font.FontDelegate;
+import gnu.java.awt.font.FontFactory;
+import gnu.java.awt.peer.ClasspathFontPeer;
+
+public class XFontPeer2
+  extends ClasspathFontPeer
+{
+
+  private class XLineMetrics
+    extends LineMetrics
+  {
+
+    private Font font;
+//    private CharacterIterator characterIterator;
+//    private int begin;
+//    private int limit;
+    private FontRenderContext fontRenderContext;
+    XLineMetrics(Font f, CharacterIterator ci, int b, int l,
+                 FontRenderContext rc)
+    {
+      font = f;
+//      characterIterator = ci;
+//      begin = b;
+//      limit = l;
+      fontRenderContext = rc;
+    }
+
+    public float getAscent()
+    {
+      return fontDelegate.getAscent(font.getSize(), fontRenderContext.getTransform(),
+                             fontRenderContext.isAntiAliased(),
+                             fontRenderContext.usesFractionalMetrics(), true);
+      }
+
+    public int getBaselineIndex()
+    {
+      // FIXME: Implement this.
+      throw new UnsupportedOperationException("Not yet implemented");
+    }
+
+    public float[] getBaselineOffsets()
+    {
+      // FIXME: Implement this.
+      throw new UnsupportedOperationException("Not yet implemented");
+    }
+
+    public float getDescent()
+    {
+      return (int) fontDelegate.getDescent(font.getSize(),
+                                           new AffineTransform(), false, false,
+                                           false);
+    }
+
+    public float getHeight()
+    {
+      // FIXME: Implement this.
+      throw new UnsupportedOperationException("Not yet implemented");
+    }
+
+    public float getLeading()
+    {
+      // FIXME: Implement this.
+      throw new UnsupportedOperationException("Not yet implemented");
+    }
+
+    public int getNumChars()
+    {
+      // FIXME: Implement this.
+      throw new UnsupportedOperationException("Not yet implemented");
+    }
+
+    public float getStrikethroughOffset()
+    {
+      return 0.F;
+    }
+
+    public float getStrikethroughThickness()
+    {
+      return 0.F;
+    }
+
+    public float getUnderlineOffset()
+    {
+      return 0.F;
+    }
+
+    public float getUnderlineThickness()
+    {
+      return 0.F;
+    }
+    
+  }
+
+  private class XFontMetrics
+    extends FontMetrics
+  {
+    XFontMetrics(Font f)
+    {
+      super(f);
+    }
+
+    public int getAscent()
+    {
+      return (int) fontDelegate.getAscent(getFont().getSize(),
+                                          new AffineTransform(), false, false,
+                                          false);
+    }
+
+    public int getDescent()
+    {
+      return (int) fontDelegate.getDescent(getFont().getSize(),
+                                           new AffineTransform(), false, false,
+                                           false);
+    }
+    
+    public int getHeight()
+    {
+      GlyphVector gv = fontDelegate.createGlyphVector(getFont(),
+                    new FontRenderContext(new AffineTransform(), false, false),
+                    new StringCharacterIterator("m"));
+      Rectangle2D b = gv.getVisualBounds();
+      return (int) b.getHeight();
+    }
+
+    public int charWidth(char c)
+    {
+      Point2D advance = new Point2D.Double();
+      fontDelegate.getAdvance(c, getFont().getSize(), new AffineTransform(),
+                              false, false, true, advance);
+      return (int) advance.getX();
+    }
+
+    public int charsWidth(char[] chars, int offs, int len)
+    {
+      return stringWidth(new String(chars, offs, len));
+    }
+
+    public int stringWidth(String s)
+    {
+      GlyphVector gv = fontDelegate.createGlyphVector(getFont(),
+                    new FontRenderContext(new AffineTransform(), false, false),
+                    new StringCharacterIterator(s));
+      Rectangle2D b = gv.getVisualBounds();
+      return (int) b.getWidth();
+    }
+  }
+
+  private FontDelegate fontDelegate;
+
+  XFontPeer2(String name, int style, int size)
+  {
+    super(name, style, size);
+    try
+      {
+        File fontfile = new File("/usr/share/fonts/truetype/ttf-bitstream-vera/Vera.ttf");
+        FileInputStream in = new FileInputStream(fontfile);
+        FileChannel ch = in.getChannel();
+        ByteBuffer buffer = ch.map(FileChannel.MapMode.READ_ONLY, 0,
+                                   fontfile.length());
+        fontDelegate = FontFactory.createFonts(buffer)[0];
+      }
+    catch (Exception ex)
+      {
+        ex.printStackTrace();
+      }
+  }
+
+  XFontPeer2(String name, Map atts)
+  {
+    super(name, atts);
+    try
+      {
+        File fontfile = new File("/usr/share/fonts/truetype/freefont/FreeSans.ttf");
+        FileInputStream in = new FileInputStream(fontfile);
+        FileChannel ch = in.getChannel();
+        ByteBuffer buffer = ch.map(FileChannel.MapMode.READ_ONLY, 0,
+                                   fontfile.length());
+        fontDelegate = FontFactory.createFonts(buffer)[0];
+      }
+    catch (Exception ex)
+      {
+        ex.printStackTrace();
+      }
+  }
+
+  public boolean canDisplay(Font font, char c)
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  public int canDisplayUpTo(Font font, CharacterIterator i, int start, int limit)
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  public String getSubFamilyName(Font font, Locale locale)
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  public String getPostScriptName(Font font)
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  public int getNumGlyphs(Font font)
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  public int getMissingGlyphCode(Font font)
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  public byte getBaselineFor(Font font, char c)
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  public String getGlyphName(Font font, int glyphIndex)
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  public GlyphVector createGlyphVector(Font font, FontRenderContext frc, CharacterIterator ci)
+  {
+    return fontDelegate.createGlyphVector(font, frc, ci);
+  }
+
+  public GlyphVector createGlyphVector(Font font, FontRenderContext ctx, int[] glyphCodes)
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  public GlyphVector layoutGlyphVector(Font font, FontRenderContext frc, char[] chars, int start, int limit, int flags)
+  {
+    StringCharacterIterator i = new StringCharacterIterator(new String(chars), start, limit, 0);
+    return fontDelegate.createGlyphVector(font, frc, i);
+  }
+
+  public FontMetrics getFontMetrics(Font font)
+  {
+    return new XFontMetrics(font);
+  }
+
+  public boolean hasUniformLineMetrics(Font font)
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  public LineMetrics getLineMetrics(Font font, CharacterIterator ci, int begin, int limit, FontRenderContext rc)
+  {
+    return new XLineMetrics(font, ci, begin, limit, rc);
+  }
+
+  public Rectangle2D getMaxCharBounds(Font font, FontRenderContext rc)
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  public Rectangle2D getStringBounds(Font font, CharacterIterator ci, int begin, int limit, FontRenderContext frc)
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+}
diff --git a/libjava/classpath/gnu/java/awt/peer/x/XFramePeer.java b/libjava/classpath/gnu/java/awt/peer/x/XFramePeer.java
new file mode 100644
index 00000000000..439a2a7bbf1
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/peer/x/XFramePeer.java
@@ -0,0 +1,140 @@
+/* XFramePeer.java -- The X FramePeer implementation
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.awt.peer.x;
+
+import java.awt.Component;
+import java.awt.EventQueue;
+import java.awt.Font;
+import java.awt.FontMetrics;
+import java.awt.Frame;
+import java.awt.Graphics;
+import java.awt.Image;
+import java.awt.Insets;
+import java.awt.MenuBar;
+import java.awt.Point;
+import java.awt.Rectangle;
+import java.awt.event.PaintEvent;
+import java.awt.event.WindowEvent;
+import java.awt.peer.FramePeer;
+
+import gnu.java.awt.peer.swing.SwingFramePeer;
+import gnu.x11.Window;
+import gnu.x11.event.Event;
+
+public class XFramePeer
+  extends XWindowPeer
+  implements FramePeer
+{
+
+  XFramePeer(Frame f)
+  {
+    super(f);
+  }
+
+  public void setIconImage(Image image)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public void setMenuBar(MenuBar mb)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public void setResizable(boolean resizable)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public void setTitle(String title)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public int getState()
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public void setState(int state)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public void setMaximizedBounds(Rectangle r)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+  
+  /**
+   * Check if this frame peer supports being restacked.
+   * 
+   * @return true if this frame peer can be restacked,
+   * false otherwise
+   * @since 1.5
+   */
+  public boolean isRestackSupported()
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+  
+  /**
+   * Sets the bounds of this frame peer.
+   * 
+   * @param x the new x co-ordinate
+   * @param y the new y co-ordinate
+   * @param width the new width
+   * @param height the new height
+   * @since 1.5
+   */
+  public void setBoundsPrivate(int x, int y, int width, int height)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+}
diff --git a/libjava/classpath/gnu/java/awt/peer/x/XGraphics.java b/libjava/classpath/gnu/java/awt/peer/x/XGraphics.java
new file mode 100644
index 00000000000..134d7d3305e
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/peer/x/XGraphics.java
@@ -0,0 +1,792 @@
+/* XGraphics.java -- The Graphics implementation for X
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.awt.peer.x;
+
+import gnu.x11.Colormap;
+import gnu.x11.Data;
+import gnu.x11.Display;
+import gnu.x11.Drawable;
+import gnu.x11.GC;
+import gnu.x11.Pixmap;
+import gnu.x11.Point;
+import gnu.x11.image.ZPixmap;
+
+import java.awt.AWTError;
+import java.awt.Color;
+import java.awt.Font;
+import java.awt.FontMetrics;
+import java.awt.Graphics;
+import java.awt.Image;
+import java.awt.Rectangle;
+import java.awt.Shape;
+import java.awt.Toolkit;
+import java.awt.Transparency;
+import java.awt.image.BufferedImage;
+import java.awt.image.ImageObserver;
+import java.awt.image.ImageProducer;
+import java.text.AttributedCharacterIterator;
+import java.util.HashMap;
+
+public class XGraphics
+  extends Graphics
+  implements Cloneable
+{
+
+  /**
+   * The X Drawable to draw on.
+   */
+  private Drawable xdrawable;
+
+  /**
+   * The X graphics context (GC).
+   */
+  private GC xgc;
+
+  /**
+   * The current translation.
+   */
+  private int translateX;
+  private int translateY;
+
+  /**
+   * The current clip. Possibly null.
+   */
+  private Rectangle clip;
+
+  /**
+   * The current font, possibly null.
+   */
+  private Font font;
+
+  /**
+   * The current foreground color, possibly null.
+   */
+  private Color foreground;
+
+  /**
+   * Indicates if this object has been disposed.
+   */
+  private boolean disposed = false;
+
+  // TODO: Workaround for limitation in current Escher.
+  private Pixmap.Format pixmapFormat;
+  private int imageByteOrder;
+  private int pixelByteCount;
+  
+  /**
+   * Creates a new XGraphics on the specified X Drawable.
+   *
+   * @param d the X Drawable for which we create the Graphics
+   */
+  XGraphics(Drawable d)
+  {
+    xdrawable = d;
+    xgc = new GC(d);
+    translateX = 0;
+    translateY = 0;
+    clip = new Rectangle(0, 0, d.width, d.height);
+
+    Display display = xdrawable.display;
+    pixmapFormat = display.default_pixmap_format;
+    imageByteOrder = display.image_byte_order;
+    pixelByteCount = pixmapFormat.bits_per_pixel () / 8;
+  }
+
+  /**
+   * Creates an exact copy of this graphics context.
+   *
+   * @return an exact copy of this graphics context
+   */
+  public Graphics create()
+  {
+    XGraphics copy = (XGraphics) clone();
+    return copy;
+  }
+
+  /**
+   * Translates the origin by (x, y).
+   */
+  public void translate(int x, int y)
+  {
+    translateX += x;
+    translateY += y;
+    if (clip != null)
+      {
+        clip.x -= x;
+        clip.y -= y;
+      }
+  }
+
+  /**
+   * Returns the current foreground color, possibly <code>null</code>.
+   *
+   * @return the current foreground color, possibly <code>null</code>
+   */
+  public Color getColor()
+  {
+    return foreground;
+  }
+
+  /**
+   * Sets the current foreground color. A <code>null</code> value doesn't
+   * change the current setting.
+   *
+   * @param c the foreground color to set
+   */
+  public void setColor(Color c)
+  {
+    if (c != null)
+      {
+        XToolkit tk = (XToolkit) Toolkit.getDefaultToolkit();
+        HashMap colorMap = tk.colorMap;
+        gnu.x11.Color col = (gnu.x11.Color) colorMap.get(c);
+        if (col == null)
+          {
+            Colormap map = xdrawable.display.default_colormap;
+            col = map.alloc_color (c.getRed() * 256,
+                                   c.getGreen() * 256,
+                                   c.getBlue() * 256);
+            colorMap.put(c, col);
+          }
+        xgc.set_foreground(col);
+        foreground = c;
+      }
+  }
+
+  public void setPaintMode()
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  public void setXORMode(Color color)
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  /**
+   * Returns the current font, possibly <code>null</code>.
+   *
+   * @return the current font, possibly <code>null</code>
+   */
+  public Font getFont()
+  {
+    return font;
+  }
+
+  /**
+   * Sets the font on the graphics context. A <code>null</code> value doesn't
+   * change the current setting.
+   *
+   * @param f the font to set
+   */
+  public void setFont(Font f)
+  {
+    if (f != null)
+      {
+        XFontPeer xFontPeer = (XFontPeer) f.getPeer();
+        xgc.set_font(xFontPeer.getXFont());
+        font = f;
+      }
+  }
+
+  /**
+   * Returns the font metrics for the specified font.
+   *
+   * @param font the font for which we want the font metrics
+   *
+   * @return the font metrics for the specified font
+   */
+  public FontMetrics getFontMetrics(Font font)
+  {
+    if (font == null)
+      {
+        if (this.font == null)
+          setFont(new Font("Dialog", Font.PLAIN, 12));
+        font = this.font;
+      }
+    XFontPeer xFontPeer = (XFontPeer) font.getPeer();
+    return xFontPeer.getFontMetrics(font);
+  }
+
+  /**
+   * Returns the bounds of the current clip.
+   *
+   * @return the bounds of the current clip
+   */
+  public Rectangle getClipBounds()
+  {
+    return clip != null ? clip.getBounds() : null;
+  }
+
+  /**
+   * Clips the current clip with the specified clip.
+   */
+  public void clipRect(int x, int y, int width, int height)
+  {
+    if (clip == null)
+      {
+        clip = new Rectangle(x, y, width, height);
+      }
+    else
+      {
+        computeIntersection(x, y, width, height, clip);
+      }
+    // Update the X clip setting.
+    setXClip(clip.x, clip.y, clip.width, clip.height);
+  }
+
+  /**
+   * Returns <code>true</code> when the specified rectangle intersects with
+   * the current clip, <code>false</code> otherwise. This is overridden to
+   * avoid unnecessary creation of Rectangles via getBounds().
+   *
+   * @param x the x coordinate of the rectangle
+   * @param y the y coordinate of the rectangle
+   * @param w the width of the rectangle
+   * @param h the height of the rectangle
+   *
+   * @return <code>true</code> when the specified rectangle intersects with
+   *         the current clip, <code>false</code> otherwise
+   */
+  public boolean hitClip(int x, int y, int w, int h)
+  {
+    boolean hit;
+    if (clip == null)
+      {
+        hit = true;
+      }
+    else
+      {
+        // It's easier to determine if the rectangle lies outside the clip,
+        // so we determine that and reverse the result (if it's not completely
+        // outside, it most likely hits the clip rectangle).
+        int x2 = x + w;
+        int y2 = y + h;
+        int clipX2 = clip.x + clip.width;
+        int clipY2 = clip.y + clip.height;
+        boolean outside = (x < clip.x && x2 < clip.x)     // Left.
+                          || (x > clipX2  && x2 > clipX2) // Right.
+                          || (y < clip.y && y2 < clip.y)  // Top.
+                          || (y > clipY2 && y2 > clipY2); // Bottom.
+        hit = ! outside;
+      }
+    return hit;
+  }
+
+  public void setClip(int x, int y, int width, int height)
+  {
+    if (clip != null)
+      clip.setBounds(x, y, width, height);
+    else
+      clip = new Rectangle(x, y, width, height);
+    setXClip(clip.x, clip.y, clip.width, clip.height);
+  }
+
+  /**
+   * Sets the clip on the X server GC. The coordinates are not yet translated,
+   * this will be performed by the X server.
+   *
+   * @param x the clip, X coordinate
+   * @param y the clip, Y coordinate
+   * @param w the clip, width
+   * @param h the clip, height
+   */
+  private void setXClip(int x, int y, int w, int h)
+  {
+    gnu.x11.Rectangle[] clipRects = new gnu.x11.Rectangle[] {
+                                  new gnu.x11.Rectangle(x, y, w, h) };
+    xgc.set_clip_rectangles(translateX, translateY, clipRects, GC.YX_BANDED);
+  }
+
+  public Shape getClip()
+  {
+    // Return a copy here, so nobody can trash our clip.
+    return clip == null ? null : clip.getBounds();
+  }
+
+  /**
+   * Sets the current clip.
+   *
+   * @param c the clip to set
+   */
+  public void setClip(Shape c)
+  {
+    if (c != null)
+      {
+        Rectangle b;
+        if (c instanceof Rectangle)
+          {
+            b = (Rectangle) c;
+          }
+        else
+          {
+            b = c.getBounds();
+          }
+        clip.setBounds(b);
+        setXClip(b.x, b.y, b.width, b.height);
+      }
+    else
+      {
+        clip.setBounds(0, 0, xdrawable.width, xdrawable.height);
+        setXClip(0, 0, xdrawable.width, xdrawable.height);
+      }
+  }
+
+  public void copyArea(int x, int y, int width, int height, int dx, int dy)
+  {
+    // Clip and translate src rectangle.
+    int srcX = Math.min(Math.max(x, clip.x), clip.x + clip.width)
+               + translateX;
+    int srcY = Math.min(Math.max(y, clip.y), clip.y + clip.height)
+               + translateY;
+    int srcWidth = Math.min(Math.max(x + width, clip.x),
+                            clip.x + clip.width) - x;
+    int srcHeight = Math.min(Math.max(y + height, clip.y),
+                            clip.y + clip.height) - y;
+    xdrawable.copy_area(xdrawable, xgc, srcX, srcY, srcWidth, srcHeight,
+                        srcX + dx, srcY + dy);
+  }
+
+  /**
+   * Draws a line from point (x1, y1) to point (x2, y2).
+   */
+  public void drawLine(int x1, int y1, int x2, int y2)
+  {
+    //System.err.println("drawLine: " + (x1 + translateX) + ", " + ( y1 + translateY) + ", " + (x2 + translateX) + ", " + (y2 + translateY) + " on: " + xdrawable);
+    xdrawable.line(xgc, x1 + translateX, y1 + translateY,
+                   x2 + translateX, y2 + translateY);
+  }
+
+  /**
+   * Fills the specified rectangle.
+   */
+  public void fillRect(int x, int y, int width, int height)
+  {
+    xdrawable.rectangle(xgc, x + translateX, y + translateY,
+                        width, height, true);
+  }
+
+  public void clearRect(int x, int y, int width, int height)
+  {
+    xgc.set_foreground(Color.WHITE.getRGB());
+    xdrawable.rectangle(xgc, x, y, width, height, true);
+    if (foreground != null)
+      xgc.set_foreground(foreground.getRGB());
+  }
+
+  public void drawRoundRect(int x, int y, int width, int height, int arcWidth,
+                            int arcHeight)
+  {
+    // Draw 4 lines.
+    int arcRadiusX = arcWidth / 2;
+    int arcRadiusY = arcHeight / 2;
+    drawLine(x + arcRadiusX, y, x + width - arcRadiusX, y);
+    drawLine(x, y + arcRadiusY, x, y + height - arcRadiusY);
+    drawLine(x + arcRadiusX, y + height, x + width - arcRadiusX, y + height);
+    drawLine(x + width, y + arcRadiusY, x + width, y + height - arcRadiusY);
+
+    // Draw the 4 arcs at the corners.
+    // Upper left.
+    drawArc(x, y, arcWidth, arcHeight, 90, 90);
+    // Lower left.
+    drawArc(x, y + height - arcHeight, arcWidth, arcHeight, 180, 90);
+    // Upper right.
+    drawArc(x + width - arcWidth, y, arcWidth, arcHeight, 0, 90);
+    // Lower right.
+    drawArc(x + width - arcWidth, y + height - arcHeight, arcWidth, arcHeight,
+            270, 90);
+  }
+
+  public void fillRoundRect(int x, int y, int width, int height, int arcWidth,
+                            int arcHeight)
+  {
+    // Fill the 3 rectangles that make up the inner area.
+    int arcRadiusX = arcWidth / 2;
+    int arcRadiusY = arcHeight / 2;
+    // Left.
+    fillRect(x, y + arcRadiusY, arcRadiusX, height - arcHeight);
+    // Middle.
+    fillRect(x + arcRadiusX, y, width - arcWidth, height);
+    // Right.
+    fillRect(x + width - arcRadiusX, y + arcRadiusY, arcRadiusX,
+             height - arcHeight);
+
+    // Fill the 4 arcs in the corners.
+    // Upper left.
+    fillArc(x, y, arcWidth, arcHeight, 90, 90);
+    // Lower left.
+    fillArc(x, y + height - arcHeight, arcWidth, arcHeight, 180, 90);
+    // Upper right.
+    fillArc(x + width - arcWidth, y, arcWidth, arcHeight, 0, 90);
+    // Lower right.
+    fillArc(x + width - arcWidth, y + height - arcHeight, arcWidth, arcHeight,
+            270, 90);
+  }
+
+  public void drawOval(int x, int y, int width, int height)
+  {
+    xdrawable.arc(xgc, x, y, width, height, 0, 360 * 64, false);
+  }
+
+  public void fillOval(int x, int y, int width, int height)
+  {
+    xdrawable.arc(xgc, x, y, width, height, 0, 360 * 64, true);
+  }
+
+  public void drawArc(int x, int y, int width, int height, int arcStart,
+                      int arcAngle)
+  {
+    xdrawable.arc(xgc, x, y, width, height, arcStart * 64, arcAngle * 64, false);
+  }
+
+  public void fillArc(int x, int y, int width, int height, int arcStart,
+                      int arcAngle)
+  {
+    xdrawable.arc(xgc, x, y, width, height, arcStart * 64, arcAngle * 64, true);
+  }
+
+  public void drawPolyline(int[] xPoints, int[] yPoints, int npoints)
+  {
+    int numPoints = Math.min(xPoints.length, yPoints.length);
+    Point[] points = new Point[numPoints];
+    // FIXME: Improve Escher API to accept arrays to avoid creation
+    // of many Point objects.
+    for (int i = 0; i < numPoints; i++)
+      points[i] = new Point(xPoints[i], yPoints[i]);
+    xdrawable.poly_line(xgc, points, Drawable.ORIGIN);
+  }
+
+  public void drawPolygon(int[] xPoints, int[] yPoints, int npoints)
+  {
+    int numPoints = Math.min(xPoints.length, yPoints.length);
+    Point[] points = new Point[numPoints];
+    // FIXME: Improve Escher API to accept arrays to avoid creation
+    // of many Point objects.
+    for (int i = 0; i < numPoints; i++)
+      points[i] = new Point(xPoints[i], yPoints[i]);
+    xdrawable.poly_line(xgc, points, Drawable.ORIGIN);
+  }
+
+  public void fillPolygon(int[] xPoints, int[] yPoints, int npoints)
+  {
+    int numPoints = Math.min(xPoints.length, yPoints.length);
+    Point[] points = new Point[numPoints];
+    // FIXME: Improve Escher API to accept arrays to avoid creation
+    // of many Point objects.
+    for (int i = 0; i < numPoints; i++)
+      points[i] = new Point(xPoints[i], yPoints[i]);
+    xdrawable.fill_poly(xgc, points, Drawable.COMPLEX, Drawable.ORIGIN);
+  }
+
+  /**
+   * Draws the specified string at (x, y).
+   */
+  public void drawString(String string, int x, int y)
+  {
+    if (disposed)
+      throw new AWTError("XGraphics already disposed");
+
+    xdrawable.text(xgc, x + translateX, y + translateY, string);
+  }
+
+  public void drawString(AttributedCharacterIterator ci, int x, int y)
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  /**
+   * Draws the specified image on the drawable at position (x,y).
+   */
+  public boolean drawImage(Image image, int x, int y, ImageObserver observer)
+  {
+    if (image instanceof XImage)
+      {
+        XImage xim = (XImage) image;
+        Pixmap pm = xim.pixmap;
+        xdrawable.copy_area(pm, xgc, 0, 0, pm.width, pm.height,
+                            x + translateX, y + translateY);
+      }
+    else if (image instanceof BufferedImage
+        && ((BufferedImage) image).getTransparency() != Transparency.OPAQUE)
+      {
+        BufferedImage bi = (BufferedImage) image;
+        int width = bi.getWidth();
+        int height = bi.getHeight();
+        Data img = xdrawable.image(x + translateX, y + translateY,
+                                   width, height, 0xFFFFFFFF, 2);
+
+        // Compute line byte count.
+        int lineBitCount = width * pixmapFormat.bits_per_pixel ();
+        int rem = lineBitCount % pixmapFormat.scanline_pad ();
+        int linePadCount = lineBitCount / pixmapFormat.scanline_pad ()
+                             + (rem == 0 ? 0 : 1);
+        int lineByteCount = linePadCount * pixmapFormat.scanline_pad () / 8;
+
+        // Composite source and destination pixel data.
+        int[] trgb = new int[3]; // The device rgb pixels.
+        for (int yy = 0; yy < height; yy++)
+          {
+            for (int xx = 0; xx < width; xx++)
+              {
+                getRGB(xx, yy, img, trgb, lineByteCount);
+                int srgb = bi.getRGB(xx, yy);
+                float alpha = ((srgb >> 24) & 0xff) / 256F;
+                float tAlpha = 1.F - alpha;
+                int red = (srgb >> 16) & 0xFF;
+                int green = (srgb >> 8) & 0xFF;
+                int blue = (srgb) & 0xFF;
+                trgb[0] = (int) (trgb[0] * tAlpha + red * alpha);
+                trgb[1] = (int) (trgb[1] * tAlpha + green * alpha);
+                trgb[2] = (int) (trgb[2] * tAlpha + blue * alpha);
+                setRGB(xx, yy, img, trgb, lineByteCount);
+              }
+          }
+
+        // Now we have the transparent image composited onto the target
+        // Image, now we only must copy it to the Drawable.
+        ZPixmap pm = new ZPixmap(xdrawable.display);
+        pm.width = width;
+        pm.height = height;
+        pm.init();
+        System.arraycopy(img.data, 32, pm.data, 0, img.data.length - 32);
+        xdrawable.put_image(xgc, pm, x + translateX, y + translateY);
+      }
+    else
+      {
+        // Pre-render the image into an XImage.
+        ImageProducer source = image.getSource();
+        ImageConverter conv = new ImageConverter();
+        source.startProduction(conv);
+        XImage xim = conv.getXImage();
+        Pixmap pm = xim.pixmap;
+        xdrawable.copy_area(pm, xgc, 0, 0, pm.width, pm.height,
+                            x + translateX, y + translateY);
+      }
+    return true;
+  }
+
+  /**
+   * Helper method to work around limitation in the current Escher impl.
+   *
+   * @param x the x position
+   * @param y the y position
+   * @param img the image data
+   * @param rgb an 3-size array that holds the rgb values on method exit
+   */
+  private void getRGB(int x, int y, Data img, int[] rgb, int lineByteCount)
+  {
+    // TODO: Does this also work on non-RGB devices?
+    int i = y * lineByteCount + pixelByteCount * x;
+    if (imageByteOrder == gnu.x11.image.Image.LSB_FIRST)
+      {//if (i >= 5716-33) System.err.println("lbc: " + lineByteCount + ", " + pixelByteCount);
+        rgb[2] = img.data[32 + i];
+        rgb[1] = img.data[32 + i + 1];
+        rgb[0] = img.data[32 + i + 2];
+      }
+    else
+      {                    // MSB_FIRST
+        rgb[0] = img.data[32 + i];
+        rgb[1] = img.data[32 + i + 1];
+        rgb[2] = img.data[32 + i + 2];
+      }
+
+  }
+
+  /**
+   * Helper method to work around limitation in the current Escher impl.
+   *
+   * @param x the x position
+   * @param y the y position
+   * @param img the image data
+   * @param rgb an 3-size array that holds the rgb values on method exit
+   */
+  private void setRGB(int x, int y, Data img, int[] rgb, int lineByteCount)
+  {
+    // TODO: Does this also work on non-RGB devices?
+    int i = y * lineByteCount + pixelByteCount * x;
+    if (imageByteOrder == gnu.x11.image.Image.LSB_FIRST)
+      {
+        img.data[32 + i] = (byte) rgb[2];
+        img.data[32 + i + 1] = (byte) rgb[1];
+        img.data[32 + i + 2] = (byte) rgb[0];
+      }
+    else
+      {                    // MSB_FIRST
+        img.data[32 + i] = (byte) rgb[0];
+        img.data[32 + i + 1] = (byte) rgb[1];
+        img.data[32 + i + 2] = (byte) rgb[2];
+      }
+  }
+
+  public boolean drawImage(Image image, int x, int y, int width, int height,
+                           ImageObserver observer)
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  public boolean drawImage(Image image, int x, int y, Color bgcolor,
+                           ImageObserver observer)
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  public boolean drawImage(Image image, int x, int y, int width, int height,
+                           Color bgcolor, ImageObserver observer)
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  public boolean drawImage(Image image, int dx1, int dy1, int dx2, int dy2,
+                           int sx1, int sy1, int sx2, int sy2,
+                           ImageObserver observer)
+  {
+    return drawImage(image, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, null,
+                     observer);
+  }
+
+  public boolean drawImage(Image image, int dx1, int dy1, int dx2, int dy2,
+                           int sx1, int sy1, int sx2, int sy2, Color bgcolor,
+                           ImageObserver observer)
+  {
+
+    // FIXME: What to do with bgcolor?
+
+    // Scale the image.
+    int sw = image.getWidth(observer);
+    int sh = image.getHeight(observer);
+    double scaleX = Math.abs(dx2 - dx1) / (double) Math.abs(sx2 - sx1);
+    double scaleY = Math.abs(dy2 - dy1) / (double) Math.abs(sy2 - sy1);
+    Image scaled = image.getScaledInstance((int) (scaleX * sw),
+                                           (int) (scaleY * sh),
+                                           Image.SCALE_FAST);
+
+    // Scaled source coordinates.
+    int sx1s = (int) (scaleX * Math.min(sx1, sx2));
+    int sx2s = (int) (scaleX * Math.max(sx1, sx2));
+
+    // Temporarily clip to the target rectangle.
+    Rectangle old = clip;
+    clipRect(dx1, dy1, dx2 - dx1, dy2 - dy1);
+
+    // Draw scaled image.
+    boolean res = drawImage(scaled, dx1 - sx1s, dy1 - sx2s, observer);
+
+    // Reset clip.
+    setClip(old);
+
+    return res;
+  }
+
+  /**
+   * Frees any resources associated with this object.
+   */
+  public void dispose()
+  {
+    if (! disposed)
+      {
+        xgc.free();
+        xdrawable.display.flush();
+        disposed = true;
+      }
+  }
+
+  // Additional helper methods.
+
+  /**
+   * Creates and returns an exact copy of this XGraphics.
+   */
+  protected Object clone()
+  {
+    try
+      {
+        XGraphics copy = (XGraphics) super.clone();
+        copy.xgc = xgc.copy();
+        if (clip != null)
+          {
+            copy.clip = new Rectangle(clip);
+            copy.setXClip(clip.x, clip.y, clip.width, clip.height);
+          }
+        return copy;
+      }
+    catch (CloneNotSupportedException ex)
+      {
+        assert false;
+      }
+    return null;
+  }
+  
+  /**
+   * Computes the intersection between two rectangles and stores the result
+   * int the second rectangle.
+   *
+   * This method has been copied from {@link javax.swing.SwingUtilities}.
+   *
+   * @param x the x coordinate of the rectangle #1
+   * @param y the y coordinate of the rectangle #1
+   * @param w the width of the rectangle #1
+   * @param h the height of the rectangle #1
+   * @param rect the rectangle #2 and output rectangle
+   */
+  private static void computeIntersection(int x, int y, int w, int h,
+                                          Rectangle rect)
+  {
+    int x2 = (int) rect.x;
+    int y2 = (int) rect.y;
+    int w2 = (int) rect.width;
+    int h2 = (int) rect.height;
+
+    int dx = (x > x2) ? x : x2;
+    int dy = (y > y2) ? y : y2;
+    int dw = (x + w < x2 + w2) ? (x + w - dx) : (x2 + w2 - dx);
+    int dh = (y + h < y2 + h2) ? (y + h - dy) : (y2 + h2 - dy);
+
+    if (dw >= 0 && dh >= 0)
+      rect.setBounds(dx, dy, dw, dh);
+    else
+      rect.setBounds(0, 0, 0, 0);
+  }
+
+
+}
diff --git a/libjava/classpath/gnu/java/awt/peer/x/XGraphics2D.java b/libjava/classpath/gnu/java/awt/peer/x/XGraphics2D.java
new file mode 100644
index 00000000000..5dc79ff5c2b
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/peer/x/XGraphics2D.java
@@ -0,0 +1,295 @@
+/* XGraphics2D.java -- A Java based Graphics2D impl for X
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.awt.peer.x;
+
+import java.awt.Graphics;
+import java.awt.GraphicsConfiguration;
+import java.awt.Rectangle;
+import java.awt.Shape;
+import java.awt.Toolkit;
+import java.awt.geom.AffineTransform;
+import java.awt.image.ColorModel;
+import java.awt.image.Raster;
+
+import gnu.java.awt.java2d.AbstractGraphics2D;
+import gnu.x11.Drawable;
+import gnu.x11.GC;
+import gnu.x11.image.ZPixmap;
+
+public class XGraphics2D
+  extends AbstractGraphics2D
+{
+
+  /**
+   * The X Drawable to draw on.
+   */
+  private Drawable xdrawable;
+
+  /**
+   * The X graphics context (GC).
+   */
+  private GC xgc;
+
+  /**
+   * Indicates if this graphics has already been disposed.
+   */
+  private boolean disposed;
+
+  XGraphics2D(Drawable d)
+  {
+    super();
+    xdrawable = d;
+    xgc = new GC(d);
+    init();
+    disposed = false;
+    //setClip(new Rectangle(0, 0, xdrawable.width, xdrawable.height));
+  }
+
+  /**
+   * Draws a pixel in the target coordinate space using the specified color.
+   * 
+   * @param x the x coordinate
+   * @param y the y coordinate
+   */
+  protected void rawSetPixel(int x, int y)
+  {
+    xdrawable.point(xgc, x, y);
+  }
+
+//  protected void rawFillPolygon(double[] xpoints, double[] ypoints, int npoints)
+//  {
+//    Point[] points = new Point[npoints];
+//    for (int n = 0; n < npoints; n++)
+//      {
+//        points[n] = new Point((int) xpoints[n], (int) ypoints[n]);
+//      }
+//    xdrawable.fill_poly(xgc, points, Drawable.COMPLEX, Drawable.ORIGIN);
+//    xdrawable.display.flush();
+//  }
+
+  protected void rawDrawLine(int x0, int y0, int x1, int y1)
+  {
+    xdrawable.line(xgc, x0, y0, x1, y1);
+  }
+
+  protected void rawFillRect(int x, int y, int w, int h)
+  {
+    xdrawable.rectangle(xgc, x, y, w, h, true);
+  }
+
+  protected void rawSetForeground(java.awt.Color c)
+  {
+    if (c != null)
+      xgc.set_foreground(c.getRGB());
+  }
+
+  protected void rawSetForeground(int r, int g, int b)
+  {
+    xgc.set_foreground( r << 16 | g << 8 | b );
+  }
+
+  /**
+   * Returns the color model of this Graphics object.
+   *
+   * @return the color model of this Graphics object
+   */
+  protected ColorModel getColorModel()
+  {
+    return Toolkit.getDefaultToolkit().getColorModel();
+  }
+
+  /**
+   * Returns the color model of the target device.
+   *
+   * @return the color model of the target device
+   */
+  protected ColorModel getDestinationColorModel()
+  {
+    return Toolkit.getDefaultToolkit().getColorModel();
+  }
+
+  /**
+   * Returns the bounds of the target.
+   *
+   * @return the bounds of the target
+   */
+  protected Rectangle getDeviceBounds()
+  {
+    return new Rectangle(0, 0, xdrawable.width, xdrawable.height);
+  }
+
+  public GraphicsConfiguration getDeviceConfiguration()
+  {
+    // FIXME: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented");
+  }
+
+  public void dispose()
+  {
+    if (!disposed)
+      {
+        xgc.free();
+        xdrawable.display.flush();
+        disposed = true;
+      }
+  }
+
+  public Graphics create()
+  {
+    // super.create() returns a copy created by clone(), so it should
+    // be a XGraphics2D.
+    XGraphics2D copy = (XGraphics2D) super.create();
+    copy.xgc = xgc.copy();
+    return copy;
+  }
+
+//  /**
+//   * Draws the specified image on the drawable at position (x,y).
+//   */
+//
+//  public boolean drawImage(Image image, int x, int y, ImageObserver observer)
+//  {
+//    AffineTransform transform = getTransform();
+//    int translateX = (int) transform.getTranslateX();
+//    int translateY = (int) transform.getTranslateY();
+//    if (image instanceof XImage)
+//      {
+//        XImage xim = (XImage) image;
+//        Pixmap pm = xim.pixmap;
+//        xdrawable.copy_area(pm, xgc, 0, 0, pm.width, pm.height,
+//                            x + translateX, y + translateY);
+//      }
+//    else if (image instanceof BufferedImage)
+//      {
+//        BufferedImage bufferedImage = (BufferedImage) image;
+//        Raster raster = bufferedImage.getData();
+//        int w = bufferedImage.getWidth();
+//        int h = bufferedImage.getHeight();
+//        // Push data to X server.
+//        ZPixmap zPixmap = new ZPixmap(xdrawable.display, w, h,
+//                                      xdrawable.display.default_pixmap_format);
+//        System.err.println("data buffer length: " + zPixmap.data.length);
+//        int[] pixel = new int[4];
+//        for (int tx = 0; tx < w; tx++)
+//          {
+//            for (int ty = 0; ty < h; ty++)
+//              {
+//                pixel = raster.getPixel(tx, ty, pixel);
+////                System.err.print("r: " + pixel[0]);
+////                System.err.print(", g: " + pixel[1]);
+////                System.err.println(", b: " + pixel[2]);
+//                zPixmap.set_red(tx, ty, pixel[0]);
+//                zPixmap.set_green(tx, ty, pixel[1]);
+//                zPixmap.set_blue(tx, ty, pixel[2]);
+//              }
+//          }
+//        xdrawable.put_image(xgc, zPixmap, x, y);
+//      }
+//    else
+//      {
+//        throw new UnsupportedOperationException("Not yet implemented.");
+//      }
+//    return true;
+//  }
+//
+  public void setClip(Shape c)
+  {
+    super.setClip(c);
+    if (c instanceof Rectangle)
+      {
+        Rectangle r = (Rectangle) c;
+        AffineTransform t = getTransform();
+        int translateX = (int) t.getTranslateX();
+        //System.err.println("translateX: " + translateX);
+        int translateY = (int) t.getTranslateY();
+        //System.err.println("translateY: " + translateY);
+        //System.err.println("clip: " + c);
+        gnu.x11.Rectangle clip = new gnu.x11.Rectangle(r.x, r.y, r.width,
+                                                       r.height);
+        xgc.set_clip_rectangles(translateX, translateY,
+                                new gnu.x11.Rectangle[]{clip}, GC.UN_SORTED);
+      }
+  }
+
+  /**
+   * Notifies the backend that the raster has changed in the specified
+   * rectangular area. The raster that is provided in this method is always
+   * the same as the one returned in {@link #getDestinationRaster}.
+   * Backends that reflect changes to this raster directly don't need to do
+   * anything here.
+   *
+   * @param raster the updated raster, identical to the raster returned
+   *        by {@link #getDestinationRaster()}
+   * @param x the upper left corner of the updated region, X coordinate
+   * @param y the upper lef corner of the updated region, Y coordinate
+   * @param w the width of the updated region
+   * @param h the height of the updated region
+   */
+  protected void updateRaster(Raster raster, int x, int y, int w, int h)
+  {
+    if (w > 0 && h > 0)
+      {
+        ZPixmap zPixmap = new ZPixmap(xdrawable.display, w, h,
+                                      xdrawable.display.default_pixmap_format);
+        int[] pixel = null;
+        int x1 = x + w;
+        int y1 = y + h;
+        for (int tx = x; tx < x1; tx++)
+          {
+            for (int ty = y; ty < y1; ty++)
+              {
+                pixel = raster.getPixel(tx, ty, pixel);
+                //System.err.println("tx: " + tx + ", ty: " + ty + ", pixel: " + pixel[0] + ", " + pixel[1] + ", " + pixel[2]);
+//              System.err.print("r: " + pixel[0]);
+//              System.err.print(", g: " + pixel[1]);
+//              System.err.println(", b: " + pixel[2]);
+                zPixmap.set_red(tx - x, ty - y, pixel[0]);
+                zPixmap.set_green(tx - x, ty - y, pixel[1]);
+                zPixmap.set_blue(tx - x, ty - y, pixel[2]);
+              }
+          }
+        xdrawable.put_image(xgc, zPixmap, x, y);
+      }
+  }
+
+
+  protected void init()
+  {
+    super.init();
+  }
+}
diff --git a/libjava/classpath/gnu/java/awt/peer/x/XGraphicsConfiguration.java b/libjava/classpath/gnu/java/awt/peer/x/XGraphicsConfiguration.java
new file mode 100644
index 00000000000..d6e66cbd202
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/peer/x/XGraphicsConfiguration.java
@@ -0,0 +1,118 @@
+/* XGraphicsConfiguration.java -- GraphicsConfiguration for X
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.awt.peer.x;
+
+import java.awt.GraphicsConfiguration;
+import java.awt.GraphicsDevice;
+import java.awt.Rectangle;
+import java.awt.geom.AffineTransform;
+import java.awt.image.BufferedImage;
+import java.awt.image.ColorModel;
+import java.awt.image.VolatileImage;
+
+public class XGraphicsConfiguration
+    extends GraphicsConfiguration
+{
+
+  XGraphicsDevice device;
+
+  XGraphicsConfiguration(XGraphicsDevice dev)
+  {
+    device = dev;
+  }
+
+  public GraphicsDevice getDevice()
+  {
+    return device;
+  }
+
+  public BufferedImage createCompatibleImage(int w, int h)
+  {
+    return new BufferedImage(w, h, BufferedImage.TYPE_INT_RGB);
+  }
+
+  public VolatileImage createCompatibleVolatileImage(int w, int h)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public VolatileImage createCompatibleVolatileImage(int width, int height,
+                                                     int transparency)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public BufferedImage createCompatibleImage(int w, int h, int transparency)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public ColorModel getColorModel()
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public ColorModel getColorModel(int transparency)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public AffineTransform getDefaultTransform()
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public AffineTransform getNormalizingTransform()
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public Rectangle getBounds()
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+}
diff --git a/libjava/classpath/gnu/java/awt/peer/x/XGraphicsDevice.java b/libjava/classpath/gnu/java/awt/peer/x/XGraphicsDevice.java
new file mode 100644
index 00000000000..6a020ec4e7a
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/peer/x/XGraphicsDevice.java
@@ -0,0 +1,166 @@
+/* XGraphicsDevice.java -- GraphicsDevice for X
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.awt.peer.x;
+
+import gnu.classpath.SystemProperties;
+import gnu.java.net.local.LocalSocket;
+import gnu.java.net.local.LocalSocketAddress;
+import gnu.x11.Connection;
+import gnu.x11.Display;
+
+import java.awt.AWTError;
+import java.awt.GraphicsConfiguration;
+import java.awt.GraphicsDevice;
+import java.net.SocketException;
+
+/**
+ * This class represents an X Display. The actual connection is established
+ * lazily when it is first needed.
+ *
+ * @author Roman Kennke (kennke@aicas.com)
+ */
+public class XGraphicsDevice
+  extends GraphicsDevice
+{
+
+  private XGraphicsConfiguration defaultConfiguration;
+
+  /**
+   * The X display associated with the XGraphicsDevice. This is established
+   * when {@link #getDisplay} is first called.
+   */
+  private Display display;
+
+  /**
+   * The display name from which the display will be initialized.
+   */
+  private Display.Name displayName;
+
+  /**
+   * The event pump for this X Display.
+   */
+  private XEventPump eventPump;
+
+  /**
+   * Creates a new XGraphicsDevice.
+   */
+  XGraphicsDevice(Display.Name dn)
+  {
+    displayName = dn;
+  }
+
+  public int getType()
+  {
+    return TYPE_RASTER_SCREEN;
+  }
+
+  public String getIDstring()
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public GraphicsConfiguration[] getConfigurations()
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public GraphicsConfiguration getDefaultConfiguration()
+  {
+    if (defaultConfiguration == null)
+      defaultConfiguration = new XGraphicsConfiguration(this);
+    return defaultConfiguration;
+  }
+
+  /**
+   * Returns the X Display associated with this XGraphicsDevice.
+   * This establishes the connection to the X server on the first invocation.
+   *
+   * @return the X Display associated with this XGraphicsDevice
+   */
+  Display getDisplay()
+  {
+    if (display == null)
+      {
+        if (displayName.hostname.equals(""))
+          displayName.hostname = "localhost";
+        if (XToolkit.DEBUG)
+          System.err.println("connecting to : " + displayName);
+        // Try to connect via unix domain sockets when host == localhost.
+        if ((displayName.hostname.equals("localhost")
+             || displayName.hostname.equals(""))
+          && SystemProperties.getProperty("gnu.xawt.no_local_sockets") == null)
+          {
+            // TODO: Is this 100% ok?
+            String sockPath = "/tmp/.X11-unix/X" + displayName.display_no;
+            LocalSocketAddress addr = new LocalSocketAddress(sockPath);
+            try
+              {
+                if (XToolkit.DEBUG)
+                  System.err.println("connecting to local socket: "
+                                     + sockPath);
+                LocalSocket socket = new LocalSocket(addr);
+                display = new Display(socket, "localhost",
+                                      displayName.display_no,
+                                      displayName.screen_no);
+                display.connection.send_mode = Connection.ASYNCHRONOUS;
+                if (XToolkit.DEBUG)
+                  System.err.println("connected to local socket");
+              }
+            catch (SocketException ex)
+              {
+                AWTError err = new AWTError("could not connect to X server");
+                err.initCause(ex);
+                throw err;
+              }
+          }
+        else
+          {
+            display = new Display(displayName);
+          }
+        eventPump = new XEventPump(display);
+      }
+    return display;
+  }
+
+  XEventPump getEventPump()
+  {
+    return eventPump;
+  }
+}
diff --git a/libjava/classpath/gnu/java/awt/peer/x/XGraphicsEnvironment.java b/libjava/classpath/gnu/java/awt/peer/x/XGraphicsEnvironment.java
new file mode 100644
index 00000000000..65383a6cb0f
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/peer/x/XGraphicsEnvironment.java
@@ -0,0 +1,202 @@
+/* XGraphicsEnvironment.java -- Represents the X environment
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.awt.peer.x;
+
+import gnu.java.awt.java2d.RasterGraphics;
+import gnu.x11.Display;
+
+import java.awt.Font;
+import java.awt.Graphics2D;
+import java.awt.GraphicsDevice;
+import java.awt.GraphicsEnvironment;
+import java.awt.image.BufferedImage;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Locale;
+import java.util.Properties;
+
+/**
+ * Represents the X environment for AWT.
+ *
+ * @author Roman Kennke (kennke@aicas.com)
+ */
+public class XGraphicsEnvironment
+  extends GraphicsEnvironment
+{
+
+  /**
+   * The default graphics device. This is normally the local main X
+   * Display, but can be configured to be any X connection.
+   */
+  private XGraphicsDevice defaultDevice;
+
+  /**
+   * All configured devices.
+   */
+  private XGraphicsDevice[] devices;
+
+  /**
+   * Creates a new XGraphicsEnvironment. This loads the configuration if
+   * there is one present and initializes the XGraphicsDevices in the
+   * environment. If there is no configuration, then there is one
+   * default device initialized with the local main X device.
+   */
+  public XGraphicsEnvironment()
+  {
+    // Initiliaze the devices.
+    Properties props = new Properties();
+    File config = new File(System.getProperty("user.home"),
+                           ".xawt.properties");
+
+    try
+      {
+        FileInputStream configIn = new FileInputStream(config);
+        props.load(configIn);
+        int dev = 1;
+        ArrayList deviceList = new ArrayList();
+        while (true)
+          {
+            String propName = "display." + dev;
+            String propValue = props.getProperty(propName);
+            if (propValue != null)
+              {
+                Display.Name displayName = new Display.Name(propValue);
+                XGraphicsDevice device = new XGraphicsDevice(displayName);
+                if (dev == 1)
+                  defaultDevice = device;
+                deviceList.add(device);
+                dev++;
+              }
+            else
+              {
+                if (dev == 1)
+                  {
+                    defaultDevice = initDefaultDevice();
+                    deviceList.add(defaultDevice);
+                  }
+                break;
+              }
+          }
+        devices = (XGraphicsDevice[]) deviceList.toArray
+                                      (new XGraphicsDevice[deviceList.size()]);
+      }
+    catch (FileNotFoundException ex)
+      {
+        defaultDevice = initDefaultDevice();
+        devices = new XGraphicsDevice[]{ defaultDevice };
+      }
+    catch (IOException ex)
+      {
+        defaultDevice = initDefaultDevice();
+        devices = new XGraphicsDevice[]{ defaultDevice };
+      }
+    
+  }
+
+  /**
+   * Helper method that initializes the default device in the case when there
+   * is no configuration for the default.
+   */
+  private XGraphicsDevice initDefaultDevice()
+  {
+    String display = System.getenv("DISPLAY");
+    if (display == null)
+      display = ":0.0";
+    Display.Name displayName = new Display.Name(display);
+    return new XGraphicsDevice(displayName);
+  }
+
+  /**
+   * Returns all configured screen devices.
+   *
+   * @return all configured screen devices
+   */
+  public GraphicsDevice[] getScreenDevices()
+  {
+    // We return a copy so that nobody can fiddle with our devices.
+    XGraphicsDevice[] copy = new XGraphicsDevice[devices.length];
+    System.arraycopy(devices, 0, copy, 0, devices.length);
+    return copy;
+  }
+
+  /**
+   * Returns the default screen device.
+   *
+   * @return the default screen device
+   */
+  public GraphicsDevice getDefaultScreenDevice()
+  {
+    return defaultDevice;
+  }
+
+  /**
+   * Returns a Graphics instance suitable for drawing on top of the
+   * BufferedImage.
+   *
+   * @param image the buffered image to create a graphics for
+   *
+   * @return a Graphics2D instance for drawing on the BufferedImage
+   */
+  public Graphics2D createGraphics(BufferedImage image)
+  {
+    return new RasterGraphics(image.getRaster(), image.getColorModel());
+  }
+
+  public Font[] getAllFonts()
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public String[] getAvailableFontFamilyNames()
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public String[] getAvailableFontFamilyNames(Locale l)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+}
diff --git a/libjava/classpath/gnu/java/awt/peer/x/XImage.java b/libjava/classpath/gnu/java/awt/peer/x/XImage.java
new file mode 100644
index 00000000000..b9e993628f5
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/peer/x/XImage.java
@@ -0,0 +1,111 @@
+/* XImage.java -- Image impl for X Pixmaps
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.awt.peer.x;
+
+import gnu.x11.Pixmap;
+
+import java.awt.Graphics;
+import java.awt.GraphicsEnvironment;
+import java.awt.Image;
+import java.awt.image.ImageObserver;
+import java.awt.image.ImageProducer;
+import java.util.Hashtable;
+
+public class XImage
+  extends Image
+{
+
+  Pixmap pixmap;
+
+  private Hashtable properties;
+
+  XImage(int w, int h)
+  {
+    GraphicsEnvironment env =
+      GraphicsEnvironment.getLocalGraphicsEnvironment();
+    XGraphicsDevice dev = (XGraphicsDevice) env.getDefaultScreenDevice();
+    pixmap = new Pixmap(dev.getDisplay(), w, h);
+  }
+
+  public int getWidth(ImageObserver observer)
+  {
+    return pixmap.width;
+  }
+
+  public int getHeight(ImageObserver observer)
+  {
+    return pixmap.height;
+  }
+
+  public ImageProducer getSource()
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  /**
+   * Creates an XGraphics for drawing on this XImage.
+   *
+   * @return an XGraphics for drawing on this XImage
+   */
+  public Graphics getGraphics()
+  {
+    XGraphics g = new XGraphics(pixmap);
+    return g;
+  }
+
+  public Object getProperty(String name, ImageObserver observer)
+  {
+    Object val = null;
+    if (properties != null)
+      val = properties.get(val);
+    return val;
+  }
+
+  public void flush()
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  protected void finalize()
+  {
+    pixmap.free();
+  }
+}
diff --git a/libjava/classpath/gnu/java/awt/peer/x/XLightweightPeer.java b/libjava/classpath/gnu/java/awt/peer/x/XLightweightPeer.java
new file mode 100644
index 00000000000..2613d84d80c
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/peer/x/XLightweightPeer.java
@@ -0,0 +1,56 @@
+/* XLightweightPeer.java -- A lightweight peer for X
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.awt.peer.x;
+
+import java.awt.Component;
+import java.awt.peer.LightweightPeer;
+
+import gnu.java.awt.peer.swing.SwingContainerPeer;
+
+public class XLightweightPeer
+  extends SwingContainerPeer
+  implements LightweightPeer
+{
+
+  XLightweightPeer(Component c)
+  {
+    super(c);
+    init(c, null);
+  }
+}
diff --git a/libjava/classpath/gnu/java/awt/peer/x/XToolkit.java b/libjava/classpath/gnu/java/awt/peer/x/XToolkit.java
new file mode 100644
index 00000000000..a286fd6f006
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/peer/x/XToolkit.java
@@ -0,0 +1,608 @@
+/* XToolkit.java -- The central AWT Toolkit for the X peers
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.awt.peer.x;
+
+import java.awt.AWTException;
+import java.awt.Button;
+import java.awt.Canvas;
+import java.awt.Checkbox;
+import java.awt.CheckboxMenuItem;
+import java.awt.Choice;
+import java.awt.Component;
+import java.awt.Dialog;
+import java.awt.Dimension;
+import java.awt.EventQueue;
+import java.awt.FileDialog;
+import java.awt.Font;
+import java.awt.FontMetrics;
+import java.awt.Frame;
+import java.awt.GraphicsDevice;
+import java.awt.GraphicsEnvironment;
+import java.awt.Image;
+import java.awt.Label;
+import java.awt.List;
+import java.awt.Menu;
+import java.awt.MenuBar;
+import java.awt.MenuItem;
+import java.awt.Panel;
+import java.awt.PopupMenu;
+import java.awt.PrintJob;
+import java.awt.ScrollPane;
+import java.awt.Scrollbar;
+import java.awt.TextArea;
+import java.awt.TextField;
+import java.awt.Transparency;
+import java.awt.Window;
+import java.awt.datatransfer.Clipboard;
+import java.awt.dnd.DragGestureEvent;
+import java.awt.dnd.peer.DragSourceContextPeer;
+import java.awt.im.InputMethodHighlight;
+import java.awt.image.BufferedImage;
+import java.awt.image.ColorModel;
+import java.awt.image.DirectColorModel;
+import java.awt.image.ImageObserver;
+import java.awt.image.ImageProducer;
+import java.awt.peer.ButtonPeer;
+import java.awt.peer.CanvasPeer;
+import java.awt.peer.CheckboxMenuItemPeer;
+import java.awt.peer.CheckboxPeer;
+import java.awt.peer.ChoicePeer;
+import java.awt.peer.DialogPeer;
+import java.awt.peer.FileDialogPeer;
+import java.awt.peer.FontPeer;
+import java.awt.peer.FramePeer;
+import java.awt.peer.LabelPeer;
+import java.awt.peer.LightweightPeer;
+import java.awt.peer.ListPeer;
+import java.awt.peer.MenuBarPeer;
+import java.awt.peer.MenuItemPeer;
+import java.awt.peer.MenuPeer;
+import java.awt.peer.PanelPeer;
+import java.awt.peer.PopupMenuPeer;
+import java.awt.peer.RobotPeer;
+import java.awt.peer.ScrollPanePeer;
+import java.awt.peer.ScrollbarPeer;
+import java.awt.peer.TextAreaPeer;
+import java.awt.peer.TextFieldPeer;
+import java.awt.peer.WindowPeer;
+import java.io.ByteArrayInputStream;
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+import java.util.WeakHashMap;
+
+import javax.imageio.ImageIO;
+
+import gnu.classpath.SystemProperties;
+import gnu.java.awt.ClasspathToolkit;
+import gnu.java.awt.EmbeddedWindow;
+import gnu.java.awt.peer.ClasspathFontPeer;
+import gnu.java.awt.peer.EmbeddedWindowPeer;
+import gnu.java.awt.peer.swing.SwingCanvasPeer;
+import gnu.java.awt.peer.swing.SwingLabelPeer;
+import gnu.java.awt.peer.swing.SwingPanelPeer;
+
+public class XToolkit
+  extends ClasspathToolkit
+{
+
+  /**
+   * Set to true to enable debug output.
+   */
+  static boolean DEBUG = false;
+
+  /**
+   * Maps AWT colors to X colors.
+   */
+  HashMap colorMap = new HashMap();
+
+  /**
+   * The system event queue.
+   */
+  private EventQueue eventQueue;
+
+  /**
+   * The default color model of this toolkit.
+   */
+  private ColorModel colorModel;
+
+  /**
+   * Maps image URLs to Image instances.
+   */
+  private HashMap imageCache = new HashMap();
+
+  /**
+   * The cached fonts.
+   */
+  private WeakHashMap fontCache = new WeakHashMap();
+
+  public XToolkit()
+  {
+    SystemProperties.setProperty("gnu.javax.swing.noGraphics2D", "true");
+    SystemProperties.setProperty("java.awt.graphicsenv",
+                                 "gnu.java.awt.peer.x.XGraphicsEnvironment");
+  }
+
+  public GraphicsEnvironment getLocalGraphicsEnvironment()
+  {
+    return new XGraphicsEnvironment();
+  }
+
+  /**
+   * Returns the font peer for a font with the specified name and attributes.
+   *
+   * @param name the font name
+   * @param attrs the font attributes
+   *
+   * @return the font peer for a font with the specified name and attributes
+   */
+  public ClasspathFontPeer getClasspathFontPeer(String name, Map attrs)
+  {
+    String canonical = XFontPeer.encodeFont(name, attrs);
+    ClasspathFontPeer font;
+    if (!fontCache.containsKey(canonical))
+      {
+        String graphics2d =
+          SystemProperties.getProperty("gnu.xawt.graphics2d");
+        if (graphics2d != null && graphics2d.equals("gl"))
+          font = new XFontPeer2(name, attrs);
+        else
+          font = new XFontPeer(name, attrs);
+        fontCache.put(canonical, font);
+      }
+    else
+      {
+        font = (ClasspathFontPeer) fontCache.get(canonical);
+      }
+    return font;
+  }
+
+  public Font createFont(int format, InputStream stream)
+  {
+    return null;
+  }
+
+  public RobotPeer createRobot(GraphicsDevice screen) throws AWTException
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public EmbeddedWindowPeer createEmbeddedWindow(EmbeddedWindow w)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  protected ButtonPeer createButton(Button target)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  protected TextFieldPeer createTextField(TextField target)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  protected LabelPeer createLabel(Label target)
+  {
+    return new SwingLabelPeer(target);
+  }
+
+  protected ListPeer createList(List target)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  protected CheckboxPeer createCheckbox(Checkbox target)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  protected ScrollbarPeer createScrollbar(Scrollbar target)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  protected ScrollPanePeer createScrollPane(ScrollPane target)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  protected TextAreaPeer createTextArea(TextArea target)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  protected ChoicePeer createChoice(Choice target)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  protected FramePeer createFrame(Frame target)
+  {
+    XFramePeer frame = new XFramePeer(target);
+    return frame;
+  }
+
+  protected CanvasPeer createCanvas(Canvas target)
+  {
+    return new SwingCanvasPeer(target);
+  }
+
+  protected PanelPeer createPanel(Panel target)
+  {
+    return new SwingPanelPeer(target);
+  }
+
+  protected WindowPeer createWindow(Window target)
+  {
+    return new XWindowPeer(target);
+  }
+
+  protected DialogPeer createDialog(Dialog target)
+  {
+    return new XDialogPeer(target);
+  }
+
+  protected MenuBarPeer createMenuBar(MenuBar target)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  protected MenuPeer createMenu(Menu target)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  protected PopupMenuPeer createPopupMenu(PopupMenu target)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  protected MenuItemPeer createMenuItem(MenuItem target)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  protected FileDialogPeer createFileDialog(FileDialog target)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  protected CheckboxMenuItemPeer createCheckboxMenuItem(CheckboxMenuItem target)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  protected FontPeer getFontPeer(String name, int style)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public Dimension getScreenSize()
+  {
+    // FIXME: This is only a hack to get some apps working.
+    return new Dimension(1024, 768);
+  }
+
+  public int getScreenResolution()
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  /**
+   * Returns the color model used by this toolkit.
+   *
+   * @return the color model used by this toolkit
+   */
+  public ColorModel getColorModel()
+  {
+    // TODO: I assume 24 bit depth here, we can do this better.
+    if (colorModel == null)
+      colorModel = new DirectColorModel(24, 0xFF0000, 0xFF00, 0xFF);
+    return colorModel;
+  }
+
+  public String[] getFontList()
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public FontMetrics getFontMetrics(Font name)
+  {
+    ClasspathFontPeer peer = (ClasspathFontPeer) name.getPeer();
+    return peer.getFontMetrics(name);
+  }
+
+  public void sync()
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  /**
+   * Returns an image that has its pixel data loaded from a file with the
+   * specified name. If that file doesn't exist, an empty or error image
+   * is returned instead.
+   *
+   * @param name the filename of the file that contains the pixel data
+   *
+   * @return the image
+   */
+  public Image getImage(String name)
+  {
+    Image image;
+    try
+      {
+        File file = new File(name);
+        image = getImage(file.toURL());
+      }
+    catch (MalformedURLException ex)
+      {
+        // TODO: Replace by a more meaningful error image instead.
+        image = null;
+      }
+    return image;
+  }
+
+  /**
+   * Returns an image that has its pixel data loaded from the specified URL.
+   * If the image cannot be loaded for some reason, an empty or error image
+   * is returned instead.
+   *
+   * @param url the URL to the image data
+   *
+   * @return the image
+   */
+  public Image getImage(URL url)
+  {
+    Image image;
+    if (imageCache.containsKey(url))
+      {
+        image = (Image) imageCache.get(url);
+      }
+    else
+      {
+        image = createImage(url);
+        imageCache.put(url, image);
+      }
+    return image;
+  }
+
+  /**
+   * Returns an image that has its pixel data loaded from a file with the
+   * specified name. If that file doesn't exist, an empty or error image
+   * is returned instead.
+   *
+   * @param filename the filename of the file that contains the pixel data
+   *
+   * @return the image
+   */
+  public Image createImage(String filename)
+  {
+    Image im;
+    try
+      {
+        File file = new File(filename);
+        URL url = file.toURL();
+        im = createImage(url);
+      }
+    catch (MalformedURLException ex)
+      {
+        im = createErrorImage();
+      }
+    return im;
+  }
+
+  /**
+   * Returns an image that has its pixel data loaded from the specified URL.
+   * If the image cannot be loaded for some reason, an empty or error image
+   * is returned instead.
+   *
+   * @param url the URL to the image data
+   *
+   * @return the image
+   */
+  public Image createImage(URL url)
+  {
+    Image image;
+    try
+      {
+        image = createImage(url.openStream());
+      }
+    catch (IOException ex)
+      {
+        image = createErrorImage();
+      }
+    return image;
+  }
+
+  /**
+   * Creates an image that is returned when calls to createImage() yields an
+   * error.
+   * 
+   * @return an image that is returned when calls to createImage() yields an
+   *         error
+   */
+  private Image createErrorImage()
+  {
+    // TODO: Create better error image.
+    return new XImage(1, 1);
+  }
+
+  public boolean prepareImage(Image image, int width, int height, ImageObserver observer)
+  {
+    // Images are loaded synchronously, so we don't bother and return true.
+    return true;
+  }
+
+  public int checkImage(Image image, int width, int height, ImageObserver observer)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public Image createImage(ImageProducer producer)
+  {
+    ImageConverter conv = new ImageConverter();
+    producer.startProduction(conv);
+    Image image = conv.getXImage();
+    return image;
+  }
+
+  public Image createImage(byte[] data, int offset, int len)
+  {
+    Image image;
+    try
+      {
+        ByteArrayInputStream i = new ByteArrayInputStream(data, offset, len);
+        image = createImage(i);
+      }
+    catch (IOException ex)
+      {
+        image = createErrorImage();
+      }
+    return image;
+  }
+
+  private Image createImage(InputStream i)
+    throws IOException
+  {
+    Image image;
+    BufferedImage buffered = ImageIO.read(i);
+    // If the bufferedimage is opaque, then we can copy it over to an
+    // X Pixmap for faster drawing.
+    if (buffered != null && buffered.getTransparency() == Transparency.OPAQUE)
+      {
+        ImageProducer source = buffered.getSource();
+        image = createImage(source);
+      }
+    else if (buffered != null)
+      {
+        image = buffered;
+      }
+    else
+      {
+        image = createErrorImage();
+      }
+    return image;
+  }
+
+  public PrintJob getPrintJob(Frame frame, String title, Properties props)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public void beep()
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public Clipboard getSystemClipboard()
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  /**
+   * Returns the eventqueue used by the XLib peers.
+   *
+   * @return the eventqueue used by the XLib peers
+   */
+  protected EventQueue getSystemEventQueueImpl()
+  {
+    if (eventQueue == null)
+      eventQueue = new EventQueue();
+    return eventQueue;
+  }
+
+  public DragSourceContextPeer createDragSourceContextPeer(DragGestureEvent e)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  public Map mapInputMethodHighlight(InputMethodHighlight highlight)
+  {
+    // TODO: Implement this.
+    throw new UnsupportedOperationException("Not yet implemented.");
+  }
+
+  /**
+   * Helper method to quickly fetch the default device (X Display).
+   *
+   * @return the default XGraphicsDevice
+   */
+  static XGraphicsDevice getDefaultDevice()
+  {
+    XGraphicsEnvironment env = (XGraphicsEnvironment)
+      XGraphicsEnvironment.getLocalGraphicsEnvironment();
+    return (XGraphicsDevice) env.getDefaultScreenDevice();
+  }
+
+  protected LightweightPeer createComponent(Component c)
+  {
+    return new XLightweightPeer(c);
+  }
+}
diff --git a/libjava/classpath/gnu/java/awt/peer/x/XWindowPeer.java b/libjava/classpath/gnu/java/awt/peer/x/XWindowPeer.java
new file mode 100644
index 00000000000..28cc5a5edf5
--- /dev/null
+++ b/libjava/classpath/gnu/java/awt/peer/x/XWindowPeer.java
@@ -0,0 +1,255 @@
+/* XWindowPeer.java -- Window peer for X
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.awt.peer.x;
+
+import java.awt.Component;
+import java.awt.EventQueue;
+import java.awt.Font;
+import java.awt.FontMetrics;
+import java.awt.Graphics;
+import java.awt.Image;
+import java.awt.Insets;
+import java.awt.Point;
+import java.awt.Rectangle;
+import java.awt.event.PaintEvent;
+import java.awt.event.WindowEvent;
+
+import gnu.x11.Window;
+import gnu.x11.event.Event;
+
+import gnu.java.awt.peer.swing.SwingWindowPeer;
+
+public class XWindowPeer
+    extends SwingWindowPeer
+{
+
+  private static int standardSelect = Event.BUTTON_PRESS_MASK
+                                      | Event.BUTTON_RELEASE_MASK
+                                      | Event.POINTER_MOTION_MASK
+                                      //| Event.RESIZE_REDIRECT_MASK
+                                      | Event.EXPOSURE_MASK
+                                      //| Event.PROPERTY_CHANGE_MASK
+                                      | Event.STRUCTURE_NOTIFY_MASK
+                                      | Event.KEY_PRESS_MASK
+                                      | Event.KEY_RELEASE_MASK
+                                      ;
+
+  /**
+   * Indicates if we are in callback mode, that is when a property (like size)
+   * is changed in reponse to a request from the X server and doesn't need
+   * to be propagated back to the X server.
+   */
+  boolean callback = false;
+
+  /**
+   * The X window.
+   */
+  private Window xwindow;
+
+  XWindowPeer(java.awt.Window window)
+  {
+    super(window);
+    XGraphicsDevice dev = XToolkit.getDefaultDevice();
+
+    // TODO: Maybe initialize lazily in show().
+    // FIXME: Howto generate a Window without decorations?
+    int x = Math.max(window.getX(), 0);
+    int y = Math.max(window.getY(), 0);
+    int w = Math.max(window.getWidth(), 1);
+    int h = Math.max(window.getHeight(), 1);
+    xwindow = new Window(dev.getDisplay().default_root, x, y, w, h);
+    xwindow.create();
+    xwindow.select_input(standardSelect);
+    dev.getEventPump().registerWindow(xwindow, window);
+  }
+
+  public void toBack()
+  {
+    // TODO Auto-generated method stub
+
+  }
+
+  public void toFront()
+  {
+    // TODO Auto-generated method stub
+
+  }
+
+  public void updateAlwaysOnTop()
+  {
+    // TODO Auto-generated method stub
+
+  }
+
+  public boolean requestWindowFocus()
+  {
+    // TODO Auto-generated method stub
+    return false;
+  }
+
+  public Point getLocationOnScreen()
+  {
+    return new Point(xwindow.x, xwindow.y);
+  }
+
+  /**
+   * Returns a XGraphics suitable for drawing on this frame.
+   *
+   * @return a XGraphics suitable for drawing on this frame
+   */
+  public Graphics getGraphics()
+  {
+    return new XGraphics(xwindow);
+  }
+
+  public Image createImage(int w, int h)
+  {
+    return new XImage(w, h);
+  }
+
+  /**
+   * Makes the component visible. This is called by {@link Component#show()}.
+   *
+   * This is implemented to call setVisible(true) on the Swing component.
+   */
+  public void show()
+  {
+//    // Prevent ResizeRedirect events.
+//    //xwindow.select_input(noResizeRedirectSelect);
+//    Window.Attributes atts = new Window.Attributes();
+//    atts.set_override_redirect(true);
+//    xwindow.change_attributes(atts);
+
+    // Prevent ResizeRedirect events.
+    //xwindow.select_input(Event.NO_EVENT_MASK);
+    //xwindow.select_input(noResizeRedirectSelect);
+
+    xwindow.map();
+    EventQueue eq = XToolkit.getDefaultToolkit().getSystemEventQueue();
+    java.awt.Window w = (java.awt.Window) super.awtComponent;
+    eq.postEvent(new WindowEvent(w, WindowEvent.WINDOW_OPENED));
+    eq.postEvent(new PaintEvent(w, PaintEvent.PAINT,
+                                new Rectangle(0, 0, w.getWidth(),
+                                              w.getHeight())));
+
+//    // Reset input selection.
+//    atts.set_override_redirect(false);
+//    xwindow.change_attributes(atts);
+  }
+
+  /**
+   * Makes the component invisible. This is called from
+   * {@link Component#hide()}.
+   *
+   * This is implemented to call setVisible(false) on the Swing component.
+   */
+  public void hide()
+  {
+    xwindow.unmap();
+  }
+
+  /**
+   * Notifies the peer that the bounds of this component have changed. This
+   * is called by {@link Component#reshape(int, int, int, int)}.
+   *
+   * This is implemented to call setBounds() on the Swing component.
+   *
+   * @param x the X coordinate of the upper left corner of the component
+   * @param y the Y coordinate of the upper left corner of the component
+   * @param width the width of the component
+   * @param height the height of the component
+   */
+  public void reshape(int x, int y, int width, int height)
+  {
+    // Prevent ResizeRedirect events.
+//    //xwindow.select_input(noResizeRedirectSelect);
+//    Window.Attributes atts = new Window.Attributes();
+//    atts.set_override_redirect(true);
+//    xwindow.change_attributes(atts);
+
+    // Need to substract insets because AWT size is including insets,
+    // and X size is excuding insets.
+    Insets i = insets();
+    xwindow.move_resize(x - i.left, y - i.right, width - i.left - i.right,
+                        height - i.top - i.bottom);
+
+    // Reset input selection.
+//    atts = new Window.Attributes();
+//    atts.set_override_redirect(false);
+//    xwindow.change_attributes(atts);
+  }
+
+  public Insets insets()
+  {
+    Insets i = new Insets(0, 0, 0, 0);
+//    Window.GeometryReply g = xwindow.geometry();
+//    int b = g.border_width();
+//    Insets i = new Insets(b, b, b, b);
+//    Window.WMSizeHints wmSize = xwindow.wm_normal_hints();
+//    if (wmSize != null)
+//      {
+//        i.left = wmSize.x() - g.x();
+//        i.right = wmSize.width() - g.width() - i.left ;
+//        i.top = wmSize.y() - g.y();
+//        i.bottom = wmSize.height() - g.height() - i.top;
+//      }
+//    System.err.println("insets: " + i);
+    return i;
+  }
+
+  /**
+   * Returns the font metrics for the specified font.
+   *
+   * @return the font metrics for the specified font
+   */
+  public FontMetrics getFontMetrics(Font font)
+  {
+    XFontPeer fontPeer = (XFontPeer) font.getPeer();
+    return fontPeer.getFontMetrics(font);
+  }
+
+  /**
+   * Unregisters the window in the event pump when it is closed.
+   */
+  protected void finalize()
+  {
+    XGraphicsDevice dev = XToolkit.getDefaultDevice();
+    dev.getEventPump().unregisterWindow(xwindow);
+  }
+}
diff --git a/libjava/classpath/gnu/java/awt/print/PostScriptGraphics2D.java b/libjava/classpath/gnu/java/awt/print/PostScriptGraphics2D.java
index 2303f44b7de..e4cc8199a54 100644
--- a/libjava/classpath/gnu/java/awt/print/PostScriptGraphics2D.java
+++ b/libjava/classpath/gnu/java/awt/print/PostScriptGraphics2D.java
@@ -668,7 +668,7 @@ class PostScriptGraphics2D extends Graphics2D
     saveAndInvertAxis();
 
     // draw the shape s with an inverted Y axis.
-    PathIterator pi = s.getPathIterator(new AffineTransform());
+    PathIterator pi = s.getPathIterator(null);
     float[] coords = new float[6];
 
     while (! pi.isDone())
@@ -872,7 +872,7 @@ class PostScriptGraphics2D extends Graphics2D
   /** write a shape to the file */
   private void writeShape(Shape s)
   {
-    PathIterator pi = s.getPathIterator(new AffineTransform());
+    PathIterator pi = s.getPathIterator(null);
     float[] coords = new float[6];
 
     while (! pi.isDone())
diff --git a/libjava/classpath/gnu/java/io/PlatformHelper.java b/libjava/classpath/gnu/java/io/PlatformHelper.java
index 79ce6e8f470..e54c56da935 100644
--- a/libjava/classpath/gnu/java/io/PlatformHelper.java
+++ b/libjava/classpath/gnu/java/io/PlatformHelper.java
@@ -1,5 +1,5 @@
 /* PlatformHelper.java -- Isolate OS-specific IO helper methods and variables
-   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002, 2006 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -97,98 +97,6 @@ public class PlatformHelper
   }
 
   /**
-   * This routine canonicalizes input param "path" to formal path representation
-   *  for current platform, including interpreting ".." and "." .
-   */
-  public static final String toCanonicalForm(String path)
-  {
-    /*??
-    if(path.indexOf('.') < 0 && path.indexOf("..") < 0)
-        return path; 
-    */
-    String tmppath = path.replace('/', separatorChar);
-    StringBuffer canonpath;
-
-    int i;
-
-    if ((i = beginWithRootPathPrefix(tmppath)) == 0 )
-      return path;
-    
-    /* The original 
-           "canonpath = new StringBuffer(tmppath.substring(0, i))"
-       isn't very efficient because StringBuffer's 
-       ensureCapacity_unsynchronized will fail definitely each time 
-       and will enlarge buffer and copy contents.       .
-    */
-    canonpath = new StringBuffer(INITIAL_MAX_PATH);
-    canonpath.append(tmppath.substring(0, i));
-    tmppath = tmppath.substring(i);
-    // pathdepth==0 indicates there're only root path in the buffer
-    int pathdepth = 0;
-    
-    StringTokenizer st = new StringTokenizer(tmppath, separator);
-    
-    // Traverse each element of the path, handling "." and ".."
-    // Should handle "~" too?
-    if (st.hasMoreTokens())
-      do
-        {
-          String s = st.nextToken();
-        
-          // Handle "." or an empty element.  
-          if (s.equals(".") || s.equals(""))
-            continue;
-        
-          // Handle ".." by deleting the last element from the path
-          if (s.equals(".."))
-            {
-              if (pathdepth == 0)
-                continue;
-
-              // Strip of trailing separator
-              canonpath.setLength(canonpath.length() - 1/*separator.length()*/);
-              String tmpstr = canonpath.toString();
-              int idx = tmpstr.lastIndexOf(separator); 
-
-              if ((idx == -1) || ((idx + 1/*separator.length()*/) > tmpstr.length()))
-                //throw new IOException("Can't happen error"); 
-                return path; // Shouldn't happen 
-        
-              canonpath.setLength(idx + 1/*separator.length()*/);
-              pathdepth--;
-              continue;
-            }
-        
-          canonpath.append(s);
-          pathdepth++; //now it's more than root path
-
-          if (st.hasMoreTokens())
-            canonpath.append(separator);
-        }
-      while (st.hasMoreTokens());
-    
-    if (endWithSeparator(path))
-      canonpath.append(separator);
-        
-    String tmpstr = canonpath.toString();
-    //if (pathdepth > 0 && endWithSeparator(tmpstr) )
-    //    tmpstr = tmpstr.substring(0, tmpstr.length() - 1/*separator.length()*/);
-    
-    return tmpstr;
-  }
-
-  /**
-   * This routine canonicalizes input param "path" to formal path representation
-   *  for current platform, and normalize all separators to "sepchar".
-   */
-  public static final String toCanonicalForm(String path, char sepchar)
-  {
-    String tmpstr = toCanonicalForm(path);
-    tmpstr = tmpstr.replace(separatorChar, sepchar);
-    return tmpstr;
-  }
-
-  /**
    * This routine checks whether input param "path" ends with separator
    */
   public static final boolean endWithSeparator(String path)
diff --git a/libjava/classpath/gnu/java/lang/management/BeanImpl.java b/libjava/classpath/gnu/java/lang/management/BeanImpl.java
new file mode 100644
index 00000000000..24572a25d5d
--- /dev/null
+++ b/libjava/classpath/gnu/java/lang/management/BeanImpl.java
@@ -0,0 +1,84 @@
+/* BeanImpl.java - A common superclass for bean implementations.
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.lang.management;
+
+import java.lang.management.ManagementPermission;
+
+import javax.management.NotCompliantMBeanException;
+import javax.management.StandardMBean;
+
+/**
+ * A common superclass for bean implementations.
+ *
+ * @author Andrew John Hughes (gnu_andrew@member.fsf.org)
+ * @since 1.5
+ */
+public class BeanImpl
+  extends StandardMBean
+{
+ 
+  /**
+   * Constructs a new <code>BeanImpl</code>.
+   *
+   * @param iface the bean interface being implemented.
+   * @throws NotCompliantMBeanException if this class doesn't implement
+   *                                    the interface or a method appears
+   *                                    in the interface that doesn't comply
+   *                                    with the naming conventions.
+   */
+  protected BeanImpl(Class iface)
+    throws NotCompliantMBeanException
+  {
+    super(iface);
+  }
+
+  protected void checkMonitorPermissions()
+  {
+    SecurityManager sm = System.getSecurityManager();
+    if (sm != null)
+      sm.checkPermission(new ManagementPermission("monitor"));
+  }
+
+  protected void checkControlPermissions()
+  {
+    SecurityManager sm = System.getSecurityManager();
+    if (sm != null)
+      sm.checkPermission(new ManagementPermission("control"));
+  }
+
+}
diff --git a/libjava/classpath/gnu/java/lang/management/ClassLoadingMXBeanImpl.java b/libjava/classpath/gnu/java/lang/management/ClassLoadingMXBeanImpl.java
new file mode 100644
index 00000000000..92e68ae7678
--- /dev/null
+++ b/libjava/classpath/gnu/java/lang/management/ClassLoadingMXBeanImpl.java
@@ -0,0 +1,99 @@
+/* ClassLoadingMXBeanImpl.java - Implementation of a class loading bean
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.lang.management;
+
+import java.lang.management.ClassLoadingMXBean;
+
+import javax.management.NotCompliantMBeanException;
+
+/**
+ * Provides access to information about the class loading 
+ * behaviour of the current invocation of the virtual
+ * machine.  Instances of this bean are obtained by calling
+ * {@link ManagementFactory#getClassLoadingMXBean()}.
+ *
+ * @author Andrew John Hughes (gnu_andrew@member.fsf.org)
+ * @since 1.5
+ */
+public final class ClassLoadingMXBeanImpl
+  extends BeanImpl
+  implements ClassLoadingMXBean
+{
+
+  /**
+   * Constructs a new <code>ClassLoadingMXBeanImpl</code>.
+   *
+   * @throws NotCompliantMBeanException if this class doesn't implement
+   *                                    the interface or a method appears
+   *                                    in the interface that doesn't comply
+   *                                    with the naming conventions.
+   */
+  public ClassLoadingMXBeanImpl()
+    throws NotCompliantMBeanException
+  {
+    super(ClassLoadingMXBean.class);
+  }
+
+  public int getLoadedClassCount()
+  {
+    return VMClassLoadingMXBeanImpl.getLoadedClassCount();
+  }
+
+  public long getTotalLoadedClassCount()
+  {
+    return getLoadedClassCount() + getUnloadedClassCount();
+  }
+
+  public long getUnloadedClassCount()
+  {
+    return VMClassLoadingMXBeanImpl.getUnloadedClassCount();
+  }
+
+  public boolean isVerbose()
+  {
+    return VMClassLoadingMXBeanImpl.isVerbose();
+  }
+
+  public void setVerbose(boolean verbose)
+  {
+    checkControlPermissions();
+    VMClassLoadingMXBeanImpl.setVerbose(verbose);
+  }
+
+}
+
diff --git a/libjava/classpath/gnu/java/lang/management/CompilationMXBeanImpl.java b/libjava/classpath/gnu/java/lang/management/CompilationMXBeanImpl.java
new file mode 100644
index 00000000000..b3ad898b57c
--- /dev/null
+++ b/libjava/classpath/gnu/java/lang/management/CompilationMXBeanImpl.java
@@ -0,0 +1,105 @@
+/* CompilationMXBeanImpl.java - Implementation of a compilation bean
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.lang.management;
+
+import gnu.classpath.SystemProperties;
+
+import java.lang.management.CompilationMXBean;
+
+import javax.management.NotCompliantMBeanException;
+
+/**
+ * Provides access to information about the JIT 
+ * compiler of the virtual machine, if one exists.
+ * Instances of this bean are obtained by calling
+ * {@link ManagementFactory#getCompilationMXBean()},
+ * if this is the case.
+ *
+ * @author Andrew John Hughes (gnu_andrew@member.fsf.org)
+ * @since 1.5
+ */
+public final class CompilationMXBeanImpl
+  extends BeanImpl
+  implements CompilationMXBean
+{
+
+  /**
+   * Constant for compiler name.
+   */
+  private static final String COMPILER_NAME = "gnu.java.compiler.name";
+
+  /**
+   * Constant for compilation time support.
+   */
+  private static final String COMPILATION_TIME_SUPPORT = 
+    "gnu.java.lang.management.CompilationTimeSupport";
+
+  /**
+   * Constructs a new <code>CompilationMXBeanImpl</code>.
+   *
+   * @throws NotCompliantMBeanException if this class doesn't implement
+   *                                    the interface or a method appears
+   *                                    in the interface that doesn't comply
+   *                                    with the naming conventions.
+   */
+  public CompilationMXBeanImpl()
+    throws NotCompliantMBeanException
+  {
+    super(CompilationMXBean.class);
+  }
+
+  public String getName()
+  {
+    return SystemProperties.getProperty(COMPILER_NAME);
+  }
+  
+  public boolean isCompilationTimeMonitoringSupported()
+  {
+    return SystemProperties.getProperty(COMPILATION_TIME_SUPPORT) != null;
+  }
+
+  public long getTotalCompilationTime()
+  {
+    if (isCompilationTimeMonitoringSupported())
+      return VMCompilationMXBeanImpl.getTotalCompilationTime();
+    else
+      throw new UnsupportedOperationException("Compilation time monitoring "
+					      + "is not supported");
+  }
+
+}
diff --git a/libjava/classpath/gnu/java/lang/management/GarbageCollectorMXBeanImpl.java b/libjava/classpath/gnu/java/lang/management/GarbageCollectorMXBeanImpl.java
new file mode 100644
index 00000000000..b752e6b8672
--- /dev/null
+++ b/libjava/classpath/gnu/java/lang/management/GarbageCollectorMXBeanImpl.java
@@ -0,0 +1,84 @@
+/* GarbageCollectorMXBeanImpl.java - Implementation of a GC bean
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.lang.management;
+
+import java.lang.management.GarbageCollectorMXBean;
+
+import javax.management.NotCompliantMBeanException;
+
+/**
+ * Provides access to information about one of the garbage 
+ * collectors used by the current invocation of the
+ * virtual machine.  An instance of this bean for each garbage
+ * collector is obtained by calling
+ * {@link ManagementFactory#getGarbageCollectorMXBeans()}.
+ *
+ * @author Andrew John Hughes (gnu_andrew@member.fsf.org)
+ * @since 1.5
+ */
+public final class GarbageCollectorMXBeanImpl
+  extends MemoryManagerMXBeanImpl
+  implements GarbageCollectorMXBean
+{
+
+  /**
+   * Constructs a new <code>GarbageCollectorMXBeanImpl</code>.
+   *
+   * @param name the name of the garbage collector this bean represents.
+   * @throws NotCompliantMBeanException if this class doesn't implement
+   *                                    the interface or a method appears
+   *                                    in the interface that doesn't comply
+   *                                    with the naming conventions.
+   */
+  public GarbageCollectorMXBeanImpl(String name)
+    throws NotCompliantMBeanException
+  {
+    super(name, GarbageCollectorMXBean.class);
+  }
+
+  public long getCollectionCount()
+  {
+    return VMGarbageCollectorMXBeanImpl.getCollectionCount(name);
+  }
+
+  public long getCollectionTime()
+  {
+    return VMGarbageCollectorMXBeanImpl.getCollectionTime(name);
+  }
+
+}
diff --git a/libjava/classpath/gnu/java/lang/management/MemoryMXBeanImpl.java b/libjava/classpath/gnu/java/lang/management/MemoryMXBeanImpl.java
new file mode 100644
index 00000000000..064e19a1970
--- /dev/null
+++ b/libjava/classpath/gnu/java/lang/management/MemoryMXBeanImpl.java
@@ -0,0 +1,322 @@
+/* MemoryMXBeanImpl.java - Implementation of a memory bean
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.lang.management;
+
+import java.lang.management.MemoryMXBean;
+import java.lang.management.MemoryNotificationInfo;
+import java.lang.management.MemoryUsage;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import javax.management.ListenerNotFoundException;
+import javax.management.MBeanNotificationInfo;
+import javax.management.NotCompliantMBeanException;
+import javax.management.Notification;
+import javax.management.NotificationEmitter;
+import javax.management.NotificationFilter;
+import javax.management.NotificationListener;
+
+import javax.management.openmbean.CompositeData;
+import javax.management.openmbean.CompositeDataSupport;
+import javax.management.openmbean.CompositeType;
+import javax.management.openmbean.OpenDataException;
+import javax.management.openmbean.OpenType;
+import javax.management.openmbean.SimpleType;
+
+/**
+ * Provides access to information about the memory 
+ * management of the current invocation of the virtual
+ * machine.  Instances of this bean are obtained by calling
+ * {@link ManagementFactory#getMemoryMXBean()}.
+ *
+ * @author Andrew John Hughes (gnu_andrew@member.fsf.org)
+ * @since 1.5
+ */
+public final class MemoryMXBeanImpl
+  extends BeanImpl
+  implements MemoryMXBean, NotificationEmitter
+{
+
+  private List listeners;
+
+  private long notificationCount;
+
+  public static CompositeType notifType;
+
+  public static CompositeType usageType;
+
+  static
+  {
+    try
+      {
+	CompositeType usageType = 
+	  new CompositeType(MemoryUsage.class.getName(),
+			    "Describes the usage levels of a pool",
+			    new String[] { "init", "used",
+					   "committed", "max"
+			    },
+			    new String[] { "Initial level",
+					   "Used level",
+					   "Committed level",
+					   "Maximum level"
+			    },
+			    new OpenType[] {
+			      SimpleType.LONG, SimpleType.LONG,
+			      SimpleType.LONG, SimpleType.LONG
+			    });
+	CompositeType notifType =
+	  new CompositeType(MemoryNotificationInfo.class.getName(),
+			    "Provides the notification info on memory usage",
+			    new String[] { "poolName", "usage", "count" },
+			    new String[] { "Name of the memory pool",
+					   "Usage level of the memory pool",
+					   "Number of times the threshold " +
+					   "has been crossed"
+			    },
+			    new OpenType[] {
+			      SimpleType.STRING, usageType, SimpleType.LONG 
+			    });
+	  }
+	catch (OpenDataException e)
+	  {
+	    throw new IllegalStateException("Something went wrong in creating " +
+					    "the composite data types.", e);
+	  }
+  }
+
+  /**
+   * Constructs a new <code>MemoryMXBeanImpl</code>.
+   *
+   * @throws NotCompliantMBeanException if this class doesn't implement
+   *                                    the interface or a method appears
+   *                                    in the interface that doesn't comply
+   *                                    with the naming conventions.
+   */
+  public MemoryMXBeanImpl()
+    throws NotCompliantMBeanException
+  {
+    super(MemoryMXBean.class);
+    listeners = new ArrayList();
+    notificationCount = 0;
+  }
+
+  public void gc()
+  {
+    System.gc();
+  }
+
+  public MemoryUsage getHeapMemoryUsage()
+  {
+    return VMMemoryMXBeanImpl.getHeapMemoryUsage();
+  }
+
+  public MemoryUsage getNonHeapMemoryUsage()
+  {
+    return VMMemoryMXBeanImpl.getNonHeapMemoryUsage();
+  }
+
+  public int getObjectPendingFinalizationCount()
+  {
+    return VMMemoryMXBeanImpl.getObjectPendingFinalizationCount();
+  }
+
+  public boolean isVerbose()
+  {
+    return VMMemoryMXBeanImpl.isVerbose();
+  }
+
+  public void setVerbose(boolean verbose)
+  {
+    checkControlPermissions();
+    VMMemoryMXBeanImpl.setVerbose(verbose);
+  }
+
+  private class ListenerData
+  {
+    private NotificationListener listener;
+    private NotificationFilter filter;
+    private Object passback;
+
+    public ListenerData(NotificationListener listener,
+			NotificationFilter filter, Object passback)
+    {
+      this.listener = listener;
+      this.filter = filter;
+      this.passback = passback;
+    }
+    
+    public NotificationListener getListener()
+    {
+      return listener;
+    }
+
+    public NotificationFilter getFilter()
+    {
+      return filter;
+    }
+
+    public Object getPassback()
+    {
+      return passback;
+    }
+
+    public boolean equals(Object obj)
+    {
+      if (obj instanceof ListenerData)
+	{
+	  ListenerData data = (ListenerData) obj;
+	  return (data.getListener() == listener &&
+		  data.getFilter() == filter &&
+		  data.getPassback() == passback);
+	}
+      return false;
+    }
+
+  }
+
+  public void addNotificationListener(NotificationListener listener,
+				      NotificationFilter filter,
+				      Object passback)
+  {
+    if (listener == null)
+      throw new IllegalArgumentException("Null listener added to bean.");
+    listeners.add(new ListenerData(listener, filter, passback));
+  }
+
+  public MBeanNotificationInfo[] getNotificationInfo()
+  {
+    return new MBeanNotificationInfo[]
+      {
+	new MBeanNotificationInfo(new String[]
+	  {
+	    MemoryNotificationInfo.MEMORY_COLLECTION_THRESHOLD_EXCEEDED,
+	    MemoryNotificationInfo.MEMORY_THRESHOLD_EXCEEDED
+	  },
+				  Notification.class.getName(), 
+				  "Memory Usage Notifications")
+      };
+  }
+
+  public void removeNotificationListener(NotificationListener listener)
+    throws ListenerNotFoundException
+  {
+    Iterator it = listeners.iterator();
+    boolean foundOne = false;
+    while (it.hasNext())
+      {
+	ListenerData data = (ListenerData) it.next();
+	if (data.getListener() == listener)
+	  {
+	    it.remove();
+	    foundOne = true;
+	  }
+      }
+    if (!foundOne)
+      throw new ListenerNotFoundException("The specified listener, " + listener +
+					  "is not registered with this bean.");
+  }
+
+  public void removeNotificationListener(NotificationListener listener,
+					 NotificationFilter filter,
+					 Object passback)
+    throws ListenerNotFoundException
+  {
+    if (!(listeners.remove(new ListenerData(listener, filter, passback))))
+      {
+	throw new ListenerNotFoundException("The specified listener, " + listener +
+					    " with filter " + filter + 
+					    "and passback " + passback + 
+					    ", is not registered with this bean.");
+      }
+  }
+
+  void fireNotification(String type, String poolName, long init, long used,
+			long committed, long max, long count)
+  {
+    Notification notif = new Notification(type, this, notificationCount);
+    MemoryUsage usage = new MemoryUsage(init, used, committed, max);
+    CompositeData data;
+    try
+      {
+	data = new CompositeDataSupport(notifType, 
+					new String[] {
+					  "poolName", "usage", "count"
+					},
+					new Object[] {
+					  poolName, usage, Long.valueOf(count)
+					});
+      }
+    catch (OpenDataException e)
+      {
+	throw new IllegalStateException("Something went wrong in creating " +
+					"the composite data instance.", e);
+      }
+    notif.setUserData(data);
+    Iterator it = listeners.iterator();
+    while (it.hasNext())
+      {
+	ListenerData ldata = (ListenerData) it.next();
+	NotificationFilter filter = ldata.getFilter();
+	if (filter == null || filter.isNotificationEnabled(notif))
+	  ldata.getListener().handleNotification(notif, ldata.getPassback());
+      }
+    ++notificationCount;
+  }
+
+  void fireThresholdExceededNotification(String poolName, long init,
+					 long used, long committed,
+					 long max, long count)
+  {
+    fireNotification(MemoryNotificationInfo.MEMORY_THRESHOLD_EXCEEDED,
+		     poolName, init, used, committed, max, count);
+  }
+
+  void fireCollectionThresholdExceededNotification(String poolName,
+						   long init,
+						   long used,
+						   long committed,
+						   long max,
+						   long count)
+  {
+    fireNotification(MemoryNotificationInfo.MEMORY_COLLECTION_THRESHOLD_EXCEEDED,
+		     poolName, init, used, committed, max, count);
+  }
+
+}
diff --git a/libjava/classpath/gnu/java/lang/management/MemoryManagerMXBeanImpl.java b/libjava/classpath/gnu/java/lang/management/MemoryManagerMXBeanImpl.java
new file mode 100644
index 00000000000..5766af9cc64
--- /dev/null
+++ b/libjava/classpath/gnu/java/lang/management/MemoryManagerMXBeanImpl.java
@@ -0,0 +1,112 @@
+/* MemoryManagerMXBeanImpl.java - Implementation of a memory manager bean
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.lang.management;
+
+import java.lang.management.MemoryManagerMXBean;
+
+import javax.management.NotCompliantMBeanException;
+
+/**
+ * Provides access to information about one of the memory 
+ * managers used by the current invocation of the
+ * virtual machine.  An instance of this bean for each memory
+ * manager is obtained by calling
+ * {@link ManagementFactory#getMemoryPoolMXBeans()}.
+ *
+ * @author Andrew John Hughes (gnu_andrew@member.fsf.org)
+ * @since 1.5
+ */
+public class MemoryManagerMXBeanImpl
+  extends BeanImpl
+  implements MemoryManagerMXBean
+{
+
+  /**
+   * The name of the memory manager.
+   */
+  protected String name;
+
+  /**
+   * Constructs a new <code>MemoryManagerMXBeanImpl</code>.
+   *
+   * @param name the name of the manager this bean represents.
+   * @throws NotCompliantMBeanException if this class doesn't implement
+   *                                    the interface or a method appears
+   *                                    in the interface that doesn't comply
+   *                                    with the naming conventions.
+   */
+  public MemoryManagerMXBeanImpl(String name)
+    throws NotCompliantMBeanException
+  {
+    this(name, MemoryManagerMXBean.class);
+  }
+
+  /**
+   * Constructs a new <code>MemoryManagerMXBeanImpl</code>
+   * implementing the specified bean interface.
+   *
+   * @param name the name of the manager this bean represents.
+   * @param iface the bean interface being implemented.
+   * @throws NotCompliantMBeanException if this class doesn't implement
+   *                                    the interface or a method appears
+   *                                    in the interface that doesn't comply
+   *                                    with the naming conventions.
+   */
+  protected MemoryManagerMXBeanImpl(String name, Class iface)
+    throws NotCompliantMBeanException
+  {
+    super(iface);
+    this.name = name;
+  }
+
+  public String[] getMemoryPoolNames()
+  {
+    return VMMemoryManagerMXBeanImpl.getMemoryPoolNames(name);
+  }
+
+  public String getName()
+  {
+    return name;
+  }
+
+  public boolean isValid()
+  {
+    return VMMemoryManagerMXBeanImpl.isValid(name);
+  }
+
+}
diff --git a/libjava/classpath/gnu/java/lang/management/MemoryPoolMXBeanImpl.java b/libjava/classpath/gnu/java/lang/management/MemoryPoolMXBeanImpl.java
new file mode 100644
index 00000000000..ed4dccd769e
--- /dev/null
+++ b/libjava/classpath/gnu/java/lang/management/MemoryPoolMXBeanImpl.java
@@ -0,0 +1,225 @@
+/* MemoryPoolMXBeanImpl.java - Implementation of a memory pool bean
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.lang.management;
+
+import gnu.classpath.SystemProperties;
+
+import java.lang.management.MemoryPoolMXBean;
+import java.lang.management.MemoryUsage;
+
+import javax.management.NotCompliantMBeanException;
+
+/**
+ * Provides access to information about one of the memory 
+ * resources or pools used by the current invocation of the
+ * virtual machine.  An instance of this bean for each memory
+ * pool is obtained by calling
+ * {@link ManagementFactory#getMemoryPoolMXBeans()}.
+ *
+ * @author Andrew John Hughes (gnu_andrew@member.fsf.org)
+ * @since 1.5
+ */
+public final class MemoryPoolMXBeanImpl
+  extends BeanImpl
+  implements MemoryPoolMXBean
+{
+
+  /**
+   * The name of the pool.
+   */
+  private String name;
+
+  /**
+   * Constant for collection usage threshold.
+   */
+  private static final String COLLECTION_USAGE_THRESHOLD = 
+    "gnu.java.lang.management.CollectionUsageThresholdSupport";
+
+  /**
+   * Constant for thread time support.
+   */
+  private static final String USAGE_THRESHOLD = 
+    "gnu.java.lang.management.UsageThresholdSupport";
+
+  /**
+   * Constructs a new <code>MemoryPoolMXBeanImpl</code>.
+   *
+   * @param name the name of the pool this bean represents.
+   * @throws NotCompliantMBeanException if this class doesn't implement
+   *                                    the interface or a method appears
+   *                                    in the interface that doesn't comply
+   *                                    with the naming conventions.
+   */
+  public MemoryPoolMXBeanImpl(String name)
+    throws NotCompliantMBeanException
+  {
+    super(MemoryPoolMXBean.class);
+    this.name = name;
+  }
+
+  public MemoryUsage getCollectionUsage()
+  {
+    return VMMemoryPoolMXBeanImpl.getCollectionUsage(name);
+  }
+
+  public long getCollectionUsageThreshold()
+  {
+    if (isCollectionUsageThresholdSupported())
+      return VMMemoryPoolMXBeanImpl.getCollectionUsageThreshold(name);
+    else
+      throw new UnsupportedOperationException("A collection usage "+
+					      "threshold is not supported.");
+  }
+
+  public long getCollectionUsageThresholdCount()
+  {
+    if (isCollectionUsageThresholdSupported())
+      return VMMemoryPoolMXBeanImpl.getCollectionUsageThresholdCount(name);
+    else
+      throw new UnsupportedOperationException("A collection usage "+
+					      "threshold is not supported.");
+  }
+
+  public String[] getMemoryManagerNames()
+  {
+    return VMMemoryPoolMXBeanImpl.getMemoryManagerNames(name);
+  }
+
+  public String getName()
+  {
+    return name;
+  }
+
+  public MemoryUsage getPeakUsage()
+  {
+    if (isValid())
+      return VMMemoryPoolMXBeanImpl.getPeakUsage(name);
+    else
+      return null;
+  }
+
+  public String getType()
+  {
+    return VMMemoryPoolMXBeanImpl.getType(name);
+  }
+
+  public MemoryUsage getUsage()
+  {
+    if (isValid())
+      return VMMemoryPoolMXBeanImpl.getUsage(name);
+    else
+      return null;
+  }
+
+  public long getUsageThreshold()
+  {
+    if (isUsageThresholdSupported())
+      return VMMemoryPoolMXBeanImpl.getUsageThreshold(name);
+    else
+      throw new UnsupportedOperationException("A usage threshold " +
+					      "is not supported.");
+  }
+
+  public long getUsageThresholdCount()
+  {
+    if (isUsageThresholdSupported())
+      return VMMemoryPoolMXBeanImpl.getUsageThresholdCount(name);
+    else
+      throw new UnsupportedOperationException("A usage threshold " +
+					      "is not supported.");
+  }
+
+  public boolean isCollectionUsageThresholdExceeded()
+  {
+    return getCollectionUsage().getUsed() >= getCollectionUsageThreshold();
+  }
+
+  public boolean isCollectionUsageThresholdSupported()
+  {
+    return SystemProperties.getProperty(COLLECTION_USAGE_THRESHOLD) != null;
+  }
+
+  public boolean isUsageThresholdExceeded()
+  {
+    return getUsage().getUsed() >= getUsageThreshold();
+  }
+
+  public boolean isUsageThresholdSupported()
+  {
+    return SystemProperties.getProperty(USAGE_THRESHOLD) != null;
+  }
+
+  public boolean isValid()
+  {
+    return VMMemoryPoolMXBeanImpl.isValid(name);
+  }
+
+  public void resetPeakUsage()
+  {
+    checkControlPermissions();
+    VMMemoryPoolMXBeanImpl.resetPeakUsage(name);
+  }
+
+  public void setCollectionUsageThreshold(long threshold)
+  {
+    checkControlPermissions();
+    if (threshold < 0)
+      throw new IllegalArgumentException("Threshold of " + threshold +
+					 "is less than zero.");
+    if (isCollectionUsageThresholdSupported())
+      VMMemoryPoolMXBeanImpl.setCollectionUsageThreshold(name, threshold);
+    else
+      throw new UnsupportedOperationException("A collection usage "+
+					      "threshold is not supported.");
+  }
+
+  public void setUsageThreshold(long threshold)
+  {
+    checkControlPermissions();
+    if (threshold < 0)
+      throw new IllegalArgumentException("Threshold of " + threshold +
+					 "is less than zero.");
+    if (isUsageThresholdSupported())
+      VMMemoryPoolMXBeanImpl.setUsageThreshold(name, threshold);
+    else
+      throw new UnsupportedOperationException("A usage threshold " +
+					      "is not supported.");
+  }
+
+}
+
diff --git a/libjava/classpath/gnu/java/lang/management/OperatingSystemMXBeanImpl.java b/libjava/classpath/gnu/java/lang/management/OperatingSystemMXBeanImpl.java
new file mode 100644
index 00000000000..9eefc0d9db5
--- /dev/null
+++ b/libjava/classpath/gnu/java/lang/management/OperatingSystemMXBeanImpl.java
@@ -0,0 +1,90 @@
+/* OperatingSystemMXBeanImpl.java - Implementation of an operating system bean
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.lang.management;
+
+import java.lang.management.OperatingSystemMXBean;
+
+import javax.management.NotCompliantMBeanException;
+
+/**
+ * Provides access to information about the underlying operating
+ * system.  
+ *
+ * @author Andrew John Hughes (gnu_andrew@member.fsf.org)
+ * @since 1.5
+ */
+public final class OperatingSystemMXBeanImpl
+  extends BeanImpl
+  implements OperatingSystemMXBean
+{
+
+  /**
+   * Constructs a new <code>OperatingSystemMXBeanImpl</code>.
+   *
+   * @throws NotCompliantMBeanException if this class doesn't implement
+   *                                    the interface or a method appears
+   *                                    in the interface that doesn't comply
+   *                                    with the naming conventions.
+   */
+  public OperatingSystemMXBeanImpl()
+    throws NotCompliantMBeanException
+  {
+    super(OperatingSystemMXBean.class);
+  }
+
+  public String getArch()
+  {
+    return System.getProperty("os.arch");
+  }
+
+  public int getAvailableProcessors()
+  {
+    return Runtime.getRuntime().availableProcessors();
+  }
+
+  public String getName()
+  {
+    return System.getProperty("os.name");
+  }
+
+  public String getVersion()
+  {
+    return System.getProperty("os.version");
+  }
+  
+}
diff --git a/libjava/classpath/gnu/java/lang/management/RuntimeMXBeanImpl.java b/libjava/classpath/gnu/java/lang/management/RuntimeMXBeanImpl.java
new file mode 100644
index 00000000000..e3ebd162e17
--- /dev/null
+++ b/libjava/classpath/gnu/java/lang/management/RuntimeMXBeanImpl.java
@@ -0,0 +1,197 @@
+/* RuntimeMXBeanImpl.java - Implementation of an runtime bean
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.lang.management;
+
+import gnu.classpath.SystemProperties;
+
+import java.lang.management.RuntimeMXBean;
+
+import java.util.Arrays;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+
+import javax.management.NotCompliantMBeanException;
+
+/**
+ * Provides access to information about the virtual machine.
+ *
+ * @author Andrew John Hughes (gnu_andrew@member.fsf.org)
+ * @since 1.5
+ */
+public final class RuntimeMXBeanImpl
+  extends BeanImpl
+  implements RuntimeMXBean
+{
+
+  private static final String SUN_BOOT_CLASS_PATH = "sun.boot.class.path";
+  private static final String JAVA_BOOT_CLASS_PATH = "java.boot.class.path";
+
+  private long startTime = -1;
+
+  private String bootClassPath = null;
+
+  private boolean bootClassPathSupported = true;
+
+  /**
+   * Constructs a new <code>RuntimeMXBeanImpl</code>.
+   *
+   * @throws NotCompliantMBeanException if this class doesn't implement
+   *                                    the interface or a method appears
+   *                                    in the interface that doesn't comply
+   *                                    with the naming conventions.
+   */
+  public RuntimeMXBeanImpl()
+    throws NotCompliantMBeanException
+  {
+    super(RuntimeMXBean.class);
+  }
+
+  public String getBootClassPath()
+  {
+    checkMonitorPermissions();
+    if (isBootClassPathSupported())
+      return bootClassPath;
+    else
+      throw
+	new UnsupportedOperationException("Retrieving the boot " +
+					  "classpath is not supported.");
+  }
+
+  public String getClassPath()
+  {
+    return System.getProperty("java.class.path");
+  }
+
+  public List getInputArguments()
+  {
+    checkMonitorPermissions();
+    return Arrays.asList(VMRuntimeMXBeanImpl.getInputArguments());
+  }
+
+  public String getLibraryPath()
+  {
+    return System.getProperty("java.library.path");
+  }
+
+  public String getManagementSpecVersion()
+  {
+    return "1.0";
+  }
+
+  public String getName()
+  {
+    return VMRuntimeMXBeanImpl.getName();
+  }
+
+  public String getSpecName()
+  {
+    return System.getProperty("java.vm.specification.name");
+  }
+
+  public String getSpecVendor()
+  {
+    return System.getProperty("java.vm.specification.vendor");
+  }
+
+  public String getSpecVersion()
+  {
+    return System.getProperty("java.vm.specification.version");
+  }
+
+  public long getStartTime()
+  {
+    if (startTime == -1)
+      startTime = VMRuntimeMXBeanImpl.getStartTime();
+    return startTime;
+  }
+
+  public Map getSystemProperties()
+  {
+    Map map = new HashMap();
+    Properties props = System.getProperties();
+    Iterator entries = props.entrySet().iterator();
+    while (entries.hasNext())
+      {
+	Map.Entry next = (Map.Entry) entries.next();
+	Object key = next.getKey();
+	Object value = next.getValue();
+	if (key instanceof String &&
+	    value instanceof String)
+	  map.put(key, value);
+      }
+    return map;
+  }
+  
+  public long getUptime()
+  {
+    return new Date().getTime() - getStartTime();
+  }
+
+  public String getVmName()
+  {
+    return System.getProperty("java.vm.name");
+  }
+
+  public String getVmVendor()
+  {
+    return System.getProperty("java.vm.vendor");
+  }
+
+  public String getVmVersion()
+  {
+    return System.getProperty("java.vm.version");
+  }
+
+  public boolean isBootClassPathSupported()
+  {
+    if (bootClassPath == null)
+      {
+	bootClassPath = SystemProperties.getProperty(JAVA_BOOT_CLASS_PATH);
+	if (bootClassPath == null)
+	  bootClassPath = SystemProperties.getProperty(SUN_BOOT_CLASS_PATH);
+	if (bootClassPath == null)
+	  bootClassPathSupported = false;
+      }
+    return bootClassPathSupported;
+  }
+
+}
diff --git a/libjava/classpath/gnu/java/lang/management/ThreadMXBeanImpl.java b/libjava/classpath/gnu/java/lang/management/ThreadMXBeanImpl.java
new file mode 100644
index 00000000000..609b58da737
--- /dev/null
+++ b/libjava/classpath/gnu/java/lang/management/ThreadMXBeanImpl.java
@@ -0,0 +1,291 @@
+/* ThreadMXBeanImpl.java - Implementation of a thread bean
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.lang.management;
+
+import gnu.classpath.SystemProperties;
+
+import java.lang.management.ThreadInfo;
+import java.lang.management.ThreadMXBean;
+
+import javax.management.NotCompliantMBeanException;
+
+/**
+ * Provides access to information about the threads 
+ * of the virtual machine.  An instance of this bean is
+ * obtained by calling
+ * {@link ManagementFactory#getThreadMXBean()}.
+ * See {@link java.lang.management.ThreadMXBean} for
+ * full documentation.
+ *
+ * @author Andrew John Hughes (gnu_andrew@member.fsf.org)
+ * @since 1.5
+ */
+public final class ThreadMXBeanImpl
+  extends BeanImpl
+  implements ThreadMXBean
+{
+
+  /**
+   * Constant for current thread time support.
+   */
+  private static final String CURRENT_THREAD_TIME_SUPPORT = 
+    "gnu.java.lang.management.CurrentThreadTimeSupport";
+
+  /**
+   * Constant for thread time support.
+   */
+  private static final String THREAD_TIME_SUPPORT = 
+    "gnu.java.lang.management.ThreadTimeSupport";
+
+  /**
+   * Constant for thread contention support.
+   */
+  private static final String CONTENTION_SUPPORT = 
+    "gnu.java.lang.management.ThreadContentionSupport";
+
+  /**
+   * Constant for initial value of thread time support.
+   */
+  private static final String TIME_ENABLED = 
+    "gnu.java.lang.management.ThreadTimeInitallyEnabled";
+  
+  /**
+   * Flag to indicate whether time monitoring is enabled or not.
+   */
+  private boolean timeEnabled;
+
+  /**
+   * Flag to indicate whether contention monitoring is enabled or not.
+   */
+  private boolean contentionEnabled;
+
+  /**
+   * Default constructor to set up flag states.  The
+   * VM has to specify whether time monitoring is initially
+   * enabled or not.
+   *
+   * @throws NotCompliantMBeanException if this class doesn't implement
+   *                                    the interface or a method appears
+   *                                    in the interface that doesn't comply
+   *                                    with the naming conventions.
+   */
+  public ThreadMXBeanImpl()
+    throws NotCompliantMBeanException
+  {
+    super(ThreadMXBean.class);
+    timeEnabled = Boolean.parseBoolean(SystemProperties.getProperty(TIME_ENABLED));
+    contentionEnabled = false;
+  }
+
+  public long[] findMonitorDeadlockedThreads()
+  {
+    checkMonitorPermissions();
+    return VMThreadMXBeanImpl.findMonitorDeadlockedThreads();
+  }
+
+  public long[] getAllThreadIds()
+  {
+    checkMonitorPermissions();
+    return VMThreadMXBeanImpl.getAllThreadIds();
+  }
+
+  public long getCurrentThreadCpuTime()
+  {
+    if (!isCurrentThreadCpuTimeSupported())
+      throw new UnsupportedOperationException("Current thread CPU " +
+					      "time not supported.");
+    if (!timeEnabled)
+      return -1;
+    return VMThreadMXBeanImpl.getCurrentThreadCpuTime();
+  }
+
+  public long getCurrentThreadUserTime()
+  {
+    if (!isCurrentThreadCpuTimeSupported())
+      throw new UnsupportedOperationException("Current thread user " +
+					      "time not supported.");
+    if (!timeEnabled)
+      return -1;
+    return VMThreadMXBeanImpl.getCurrentThreadUserTime();
+  }
+
+  public int getDaemonThreadCount()
+  {
+    return VMThreadMXBeanImpl.getDaemonThreadCount();
+  }
+
+  public int getPeakThreadCount()
+  {
+    return VMThreadMXBeanImpl.getPeakThreadCount();
+  }
+
+  public int getThreadCount()
+  {
+    return VMThreadMXBeanImpl.getThreadCount();
+  }
+
+  public long getThreadCpuTime(long id)
+  {
+    if (!isThreadCpuTimeSupported())
+      throw new UnsupportedOperationException("Thread CPU time not " +
+					      "supported.");
+    if (id <= 0)
+      throw new IllegalArgumentException("Invalid thread id: " + id);
+    if (!timeEnabled)
+      return -1;
+    return VMThreadMXBeanImpl.getThreadCpuTime(id);
+  }
+
+  public ThreadInfo getThreadInfo(long id)
+  {
+    return getThreadInfo(id, 0);
+  }
+
+  public ThreadInfo[] getThreadInfo(long[] ids)
+  {
+    return getThreadInfo(ids, 0);
+  }
+
+  public ThreadInfo getThreadInfo(long id, int maxDepth)
+  {
+    checkMonitorPermissions();
+    if (id <= 0)
+      throw new IllegalArgumentException("Invalid thread id: " + id);
+    if (maxDepth < 0)
+      throw new IllegalArgumentException("Invalid depth: " + maxDepth);
+    return VMThreadMXBeanImpl.getThreadInfoForId(id, maxDepth);
+  }
+
+  public ThreadInfo[] getThreadInfo(long[] ids, int maxDepth)
+  {
+    checkMonitorPermissions();
+    if (maxDepth < 0)
+      throw new IllegalArgumentException("Invalid depth: " + maxDepth);
+    ThreadInfo[] infos = new ThreadInfo[ids.length];
+    for (int a = 0; a < ids.length; ++a)
+      {
+	if (ids[a] <= 0)
+	  throw new IllegalArgumentException("Invalid thread id " + a +
+					     ": " + ids[a]);
+	infos[a] = VMThreadMXBeanImpl.getThreadInfoForId(ids[a], maxDepth);
+      }
+    return infos;
+  }
+
+  public long getThreadUserTime(long id)
+  {
+    if (!isThreadCpuTimeSupported())
+      throw new UnsupportedOperationException("Thread user time not " +
+					      "supported.");
+    if (id <= 0)
+      throw new IllegalArgumentException("Invalid thread id: " + id);
+    if (!timeEnabled)
+      return -1;
+    return VMThreadMXBeanImpl.getThreadUserTime(id);
+  }
+
+  public long getTotalStartedThreadCount()
+  {
+    return VMThreadMXBeanImpl.getTotalStartedThreadCount();
+  }
+
+  public boolean isCurrentThreadCpuTimeSupported()
+  {
+    if (isThreadCpuTimeSupported())
+      return true;
+    return SystemProperties.getProperty(CURRENT_THREAD_TIME_SUPPORT) != null;
+  }
+
+  public boolean isThreadContentionMonitoringEnabled()
+  {
+    if (isThreadContentionMonitoringSupported())
+      return contentionEnabled;
+    else
+      throw new UnsupportedOperationException("Contention monitoring " +
+					      "not supported.");
+  }
+
+  public boolean isThreadContentionMonitoringSupported()
+  {
+    return SystemProperties.getProperty(CONTENTION_SUPPORT) != null;
+  }
+
+  public boolean isThreadCpuTimeEnabled()
+  {
+    if (isThreadCpuTimeSupported() ||
+	isCurrentThreadCpuTimeSupported())
+      return timeEnabled;
+    else
+      throw new UnsupportedOperationException("Thread time not " +
+					      "supported.");
+  }
+  
+  public boolean isThreadCpuTimeSupported()
+  {
+    return SystemProperties.getProperty(THREAD_TIME_SUPPORT) != null;
+  }
+
+  public void resetPeakThreadCount()
+  {
+    checkControlPermissions();
+    VMThreadMXBeanImpl.resetPeakThreadCount();
+  }
+  
+  public void setThreadContentionMonitoringEnabled(boolean enable)
+  {
+    checkControlPermissions();
+    if (isThreadContentionMonitoringSupported())
+      contentionEnabled = enable;
+    else
+      throw new UnsupportedOperationException("Contention monitoring " +
+					      "not supported.");
+  }    
+  
+  public void setThreadCpuTimeEnabled(boolean enable)
+  {
+    checkControlPermissions();
+    if (isThreadCpuTimeSupported() ||
+	isCurrentThreadCpuTimeSupported())
+      timeEnabled = enable;
+    else
+      throw new UnsupportedOperationException("Thread time not " +
+					      "supported.");
+  }
+
+}
+
diff --git a/libjava/classpath/gnu/java/lang/management/package.html b/libjava/classpath/gnu/java/lang/management/package.html
new file mode 100644
index 00000000000..fc1bafc0cdf
--- /dev/null
+++ b/libjava/classpath/gnu/java/lang/management/package.html
@@ -0,0 +1,46 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
+<!-- package.html - describes classes in gnu.java.lang.management package.
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. -->
+
+<html>
+<head><title>GNU Classpath - gnu.java.lang.management</title></head>
+
+<body>
+<p>GNU implementations of the Java system management beans.</p>
+
+</body>
+</html>
diff --git a/libjava/classpath/gnu/java/net/IndexListParser.java b/libjava/classpath/gnu/java/net/IndexListParser.java
index 23d2aa660cb..1165929fc35 100644
--- a/libjava/classpath/gnu/java/net/IndexListParser.java
+++ b/libjava/classpath/gnu/java/net/IndexListParser.java
@@ -125,7 +125,11 @@ public class IndexListParser
 
         br.close();
       }
-    // else INDEX.LIST does not exist
+    else
+      {
+        // INDEX.LIST does not exist
+        clearAll();
+      }
     }
     catch (Exception ex)
     {
diff --git a/libjava/classpath/gnu/java/net/loader/FileResource.java b/libjava/classpath/gnu/java/net/loader/FileResource.java
new file mode 100644
index 00000000000..8071bbf91f8
--- /dev/null
+++ b/libjava/classpath/gnu/java/net/loader/FileResource.java
@@ -0,0 +1,82 @@
+/* FileResource.java -- a Resource for file URLs
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.net.loader;
+
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
+
+public final class FileResource extends Resource
+{
+  final File file;
+
+  public FileResource(FileURLLoader loader, File file)
+  {
+    super(loader);
+    this.file = file;
+  }
+
+  public InputStream getInputStream() throws IOException
+  {
+    return new FileInputStream(file);
+  }
+
+  public int getLength()
+  {
+    return (int) file.length();
+  }
+
+  public URL getURL()
+  {
+    try
+      {
+        return file.toURL();
+      }
+    catch (MalformedURLException e)
+      {
+        InternalError ie = new InternalError();
+        ie.initCause(e);
+        throw ie;
+      }
+  }
+}
\ No newline at end of file
diff --git a/libjava/classpath/gnu/java/net/loader/FileURLLoader.java b/libjava/classpath/gnu/java/net/loader/FileURLLoader.java
new file mode 100644
index 00000000000..39d33a4e4be
--- /dev/null
+++ b/libjava/classpath/gnu/java/net/loader/FileURLLoader.java
@@ -0,0 +1,145 @@
+/* FileURLLoader.java -- a URLLoader for file URLs
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.net.loader;
+
+
+import java.io.File;
+import java.io.IOException;
+import java.net.URL;
+import java.net.URLClassLoader;
+import java.net.URLStreamHandlerFactory;
+import java.util.StringTokenizer;
+
+/**
+ * A <code>FileURLLoader</code> is a type of <code>URLLoader</code>
+ * only loading from file url.
+ */
+public final class FileURLLoader extends URLLoader
+{
+  File dir; //the file for this file url
+
+  public FileURLLoader(URLClassLoader classloader,
+                       URLStreamHandlerCache cache,
+                       URLStreamHandlerFactory factory,
+                       URL url, URL absoluteUrl)
+  {
+    super(classloader, cache, factory, url, absoluteUrl);
+    dir = new File(absoluteUrl.getFile());
+  }
+
+  /** get resource with the name "name" in the file url */
+  public Resource getResource(String name)
+  {
+    try 
+      {
+        // Make sure that all components in name are valid by walking through
+        // them
+        File file = walkPathComponents(name);
+
+        if (file == null)
+          return null;
+
+        return new FileResource(this, file);
+      }
+    catch (IOException e)
+      {
+        // Fall through...
+      }
+    return null;
+  }
+
+  /**
+   * Walk all path tokens and check them for validity. At no moment, we are
+   * allowed to reach a directory located "above" the root directory, stored
+   * in "dir" property. We are also not allowed to enter a non existing
+   * directory or a non directory component (plain file, symbolic link, ...).
+   * An empty or null path is valid. Pathnames components are separated by
+   * <code>File.separatorChar</code>
+   * 
+   * @param resourceFileName the name to be checked for validity.
+   * @return the canonical file pointed by the resourceFileName or null if the
+   *         walking failed
+   * @throws IOException in case of issue when creating the canonical
+   *           resulting file
+   * @see File#separatorChar
+   */
+  private File walkPathComponents(String resourceFileName) throws IOException
+  {
+    StringTokenizer stringTokenizer = new StringTokenizer(resourceFileName, File.separator);
+    File currentFile = dir;
+    int tokenCount = stringTokenizer.countTokens();
+
+    for (int i = 0; i < tokenCount - 1; i++)
+      {
+        String currentToken = stringTokenizer.nextToken();
+        
+        // If we are at the root directory and trying to go up, the walking is
+        // finished with an error
+        if ("..".equals(currentToken) && currentFile.equals(dir))
+          return null;
+        
+        currentFile = new File(currentFile, currentToken);
+
+        // If the current file doesn't exist or is not a directory, the walking is
+        // finished with an error
+        if (! (currentFile.exists() && currentFile.isDirectory()))
+          return null;
+        
+      }
+    
+    // Treat the last token differently, if it exists, because it does not need
+    // to be a directory
+    if (tokenCount > 0)
+      {
+        String currentToken = stringTokenizer.nextToken();
+        
+        if ("..".equals(currentToken) && currentFile.equals(dir))
+          return null;
+        
+        currentFile = new File(currentFile, currentToken);
+
+        // If the current file doesn't exist, the walking is
+        // finished with an error
+        if (! currentFile.exists())
+          return null;
+    }
+    
+    return currentFile.getCanonicalFile();
+  }
+}
\ No newline at end of file
diff --git a/libjava/classpath/gnu/java/net/loader/JarURLLoader.java b/libjava/classpath/gnu/java/net/loader/JarURLLoader.java
new file mode 100644
index 00000000000..9385760d547
--- /dev/null
+++ b/libjava/classpath/gnu/java/net/loader/JarURLLoader.java
@@ -0,0 +1,215 @@
+package gnu.java.net.loader;
+
+import gnu.java.net.IndexListParser;
+
+import java.io.IOException;
+import java.net.JarURLConnection;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.net.URLClassLoader;
+import java.net.URLStreamHandlerFactory;
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.LinkedHashMap;
+import java.util.Map;
+import java.util.Set;
+import java.util.StringTokenizer;
+import java.util.jar.Attributes;
+import java.util.jar.JarEntry;
+import java.util.jar.JarFile;
+import java.util.jar.Manifest;
+
+/**
+ * A <code>JarURLLoader</code> is a type of <code>URLLoader</code>
+ * only loading from jar url.
+ */
+public final class JarURLLoader extends URLLoader
+{
+  // True if we've initialized -- i.e., tried open the jar file.
+  boolean initialized;
+  // The jar file for this url.
+  JarFile jarfile;
+  // Base jar: url for all resources loaded from jar.
+  final URL baseJarURL;
+  // The "Class-Path" attribute of this Jar's manifest.
+  ArrayList classPath;
+  // If not null, a mapping from INDEX.LIST for this jar only.
+  // This is a set of all prefixes and top-level files that
+  // ought to be available in this jar.
+  Set indexSet;
+
+  // This constructor is used internally.  It purposely does not open
+  // the jar file -- it defers this until later.  This allows us to
+  // implement INDEX.LIST lazy-loading semantics.
+  private JarURLLoader(URLClassLoader classloader, URLStreamHandlerCache cache,
+                       URLStreamHandlerFactory factory,
+                       URL baseURL, URL absoluteUrl,
+                       Set indexSet)
+  {
+    super(classloader, cache, factory, baseURL, absoluteUrl);
+
+    URL newBaseURL = null;
+    try
+      {
+        // Cache url prefix for all resources in this jar url.
+        String base = baseURL.toExternalForm() + "!/";
+        newBaseURL = new URL("jar", "", -1, base, cache.get(factory, "jar"));
+      }
+    catch (MalformedURLException ignore)
+      {
+        // Ignore.
+      }
+    this.baseJarURL = newBaseURL;
+    this.classPath = null;
+    this.indexSet = indexSet;
+  }
+
+  // This constructor is used by URLClassLoader.  It will immediately
+  // try to read the jar file, in case we've found an index or a class-path
+  // setting.  FIXME: it would be nice to defer this as well, but URLClassLoader
+  // makes this hard.
+  public JarURLLoader(URLClassLoader classloader, URLStreamHandlerCache cache,
+                      URLStreamHandlerFactory factory,
+                      URL baseURL, URL absoluteUrl)
+  {
+    this(classloader, cache, factory, baseURL, absoluteUrl, null);
+    initialize();
+  }
+
+  private void initialize()
+  {
+    JarFile jarfile = null;
+    try
+      {
+        jarfile =
+          ((JarURLConnection) baseJarURL.openConnection()).getJarFile();
+        
+        Manifest manifest;
+        Attributes attributes;
+        String classPathString;
+
+        IndexListParser parser = new IndexListParser(jarfile, baseJarURL,
+                                                     baseURL);
+        LinkedHashMap indexMap = parser.getHeaders();
+        if (indexMap != null)
+          {
+            // Note that the index also computes
+            // the resulting Class-Path -- there are jars out there
+            // where the index lists some required jars which do
+            // not appear in the Class-Path attribute in the manifest.
+            this.classPath = new ArrayList();
+            Iterator it = indexMap.entrySet().iterator();
+            while (it.hasNext())
+              {
+                Map.Entry entry = (Map.Entry) it.next();
+                URL subURL = (URL) entry.getKey();
+                Set prefixes = (Set) entry.getValue();
+                if (subURL.equals(baseURL))
+                  this.indexSet = prefixes;
+                else
+                  {
+                    JarURLLoader subLoader = new JarURLLoader(classloader,
+                                                              cache,
+                                                              factory, subURL,
+                                                              subURL,
+                                                              prefixes);
+                    // Note that we don't care if the sub-loader itself has an
+                    // index or a class-path -- only the top-level jar
+                    // file gets this treatment; its index should cover
+                    // everything.
+                    this.classPath.add(subLoader);
+                  }
+              }
+          }
+        else if ((manifest = jarfile.getManifest()) != null
+                 && (attributes = manifest.getMainAttributes()) != null
+                 && ((classPathString
+                      = attributes.getValue(Attributes.Name.CLASS_PATH)) 
+                     != null))
+          {
+            this.classPath = new ArrayList();
+            StringTokenizer st = new StringTokenizer(classPathString, " ");
+            while (st.hasMoreElements ()) 
+              {
+                String e = st.nextToken ();
+                try
+                  {
+                    URL subURL = new URL(baseURL, e);
+                    // We've seen at least one jar file whose Class-Path
+                    // attribute includes the original jar.  If we process
+                    // that normally we end up with infinite recursion.
+                    if (subURL.equals(baseURL))
+                      continue;
+                    JarURLLoader subLoader = new JarURLLoader(classloader,
+                                                              cache, factory,
+                                                              subURL, subURL);
+                    this.classPath.add(subLoader);
+                    ArrayList extra = subLoader.getClassPath();
+                    if (extra != null)
+                      this.classPath.addAll(extra);
+                  }
+                catch (java.net.MalformedURLException xx)
+                  {
+                    // Give up
+                  }
+              }
+          }
+      }
+    catch (IOException ioe)
+      {
+        /* ignored */
+      }
+
+    this.jarfile = jarfile;
+    this.initialized = true;
+  }
+
+  /** get resource with the name "name" in the jar url */
+  public Resource getResource(String name)
+  {
+    if (name.startsWith("/"))
+      name = name.substring(1);
+    if (indexSet != null)
+      {
+        // Trust the index.
+        String basename = name;
+        int offset = basename.lastIndexOf('/');
+        if (offset != -1)
+          basename = basename.substring(0, offset);
+        if (! indexSet.contains(basename))
+          return null;
+        // FIXME: if the index claim to hold the resource, and jar file
+        // doesn't have it, we're supposed to throw an exception.  However,
+        // in our model this is tricky to implement, as another URLLoader from
+        // the same top-level jar may have an overlapping index entry.
+      }
+
+    if (! initialized)
+      initialize();
+    if (jarfile == null)
+      return null;
+
+    JarEntry je = jarfile.getJarEntry(name);
+    if (je != null)
+      return new JarURLResource(this, name, je);
+    else
+      return null;
+  }
+
+  public Manifest getManifest()
+  {
+    try
+      {
+        return (jarfile == null) ? null : jarfile.getManifest();
+      }
+    catch (IOException ioe)
+      {
+        return null;
+      }
+  }
+
+  public ArrayList getClassPath()
+  {
+    return classPath;
+  }
+}
diff --git a/libjava/classpath/gnu/java/net/loader/JarURLResource.java b/libjava/classpath/gnu/java/net/loader/JarURLResource.java
new file mode 100644
index 00000000000..a9db5ce0b1e
--- /dev/null
+++ b/libjava/classpath/gnu/java/net/loader/JarURLResource.java
@@ -0,0 +1,94 @@
+/* JarURLResource.java -- a Resource for jar URLs
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.net.loader;
+
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.security.cert.Certificate;
+import java.util.jar.JarEntry;
+
+public final class JarURLResource extends Resource
+{
+  private final JarEntry entry;
+  private final String name;
+
+  public JarURLResource(JarURLLoader loader, String name, JarEntry entry)
+  {
+    super(loader);
+    this.entry = entry;
+    this.name = name;
+  }
+
+  public InputStream getInputStream() throws IOException
+  {
+    return ((JarURLLoader) loader).jarfile.getInputStream(entry);
+  }
+
+  public int getLength()
+  {
+    return (int) entry.getSize();
+  }
+
+  public Certificate[] getCertificates()
+  {
+    // We have to get the entry from the jar file again, because the
+    // certificates will not be available until the entire entry has
+    // been read.
+    return ((JarEntry) ((JarURLLoader) loader).jarfile.getEntry(name))
+      .getCertificates();
+  }
+
+  public URL getURL()
+  {
+    try
+      {
+        return new URL(((JarURLLoader) loader).baseJarURL, name,
+                       loader.cache.get(loader.factory, "jar"));
+      }
+    catch (MalformedURLException e)
+      {
+        InternalError ie = new InternalError();
+        ie.initCause(e);
+        throw ie;
+      }
+  }
+}
\ No newline at end of file
diff --git a/libjava/classpath/gnu/java/net/loader/RemoteResource.java b/libjava/classpath/gnu/java/net/loader/RemoteResource.java
new file mode 100644
index 00000000000..f18031581ea
--- /dev/null
+++ b/libjava/classpath/gnu/java/net/loader/RemoteResource.java
@@ -0,0 +1,78 @@
+/* Resource.java -- a Resource for "remote" URLs
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.net.loader;
+
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+
+/**
+ * A resource from some remote location.
+ */
+public final class RemoteResource extends Resource
+{
+  private final URL url;
+  private final InputStream stream;
+  final int length;
+
+  public RemoteResource(RemoteURLLoader loader, String name, URL url,
+                        InputStream stream, int length)
+  {
+    super(loader);
+    this.url = url;
+    this.stream = stream;
+    this.length = length;
+  }
+
+  public InputStream getInputStream() throws IOException
+  {
+    return stream;
+  }
+
+  public int getLength()
+  {
+    return length;
+  }
+
+  public URL getURL()
+  {
+    return url;
+  }
+}
\ No newline at end of file
diff --git a/libjava/classpath/gnu/java/net/loader/RemoteURLLoader.java b/libjava/classpath/gnu/java/net/loader/RemoteURLLoader.java
new file mode 100644
index 00000000000..f044740faa5
--- /dev/null
+++ b/libjava/classpath/gnu/java/net/loader/RemoteURLLoader.java
@@ -0,0 +1,101 @@
+/* RemoteURLLoader.java -- a URLLoader for "remote" objects
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.net.loader;
+
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.HttpURLConnection;
+import java.net.URL;
+import java.net.URLClassLoader;
+import java.net.URLConnection;
+import java.net.URLStreamHandlerFactory;
+
+/**
+ * Loader for remote directories.
+ */
+public final class RemoteURLLoader extends URLLoader
+{
+  private final String protocol;
+
+  public RemoteURLLoader(URLClassLoader classloader,
+                         URLStreamHandlerCache cache,
+                         URLStreamHandlerFactory factory,
+                         URL url)
+  {
+    super(classloader, cache, factory, url);
+    protocol = url.getProtocol();
+  }
+
+  /**
+   * Get a remote resource.
+   * Returns null if no such resource exists.
+   */
+  public Resource getResource(String name)
+  {
+    try
+      {
+        URL url = new URL(baseURL, name, cache.get(factory, protocol));
+        URLConnection connection = url.openConnection();
+
+        // Open the connection and check the stream
+        // just to be sure it exists.
+        int length = connection.getContentLength();
+        InputStream stream = connection.getInputStream();
+
+        // We can do some extra checking if it is a http request
+        if (connection instanceof HttpURLConnection)
+          {
+            int response =
+              ((HttpURLConnection) connection).getResponseCode();
+            if (response / 100 != 2)
+              return null;
+          }
+
+        if (stream != null)
+          return new RemoteResource(this, name, url, stream, length);
+        else
+          return null;
+      }
+    catch (IOException ioe)
+      {
+        return null;
+      }
+  }
+}
\ No newline at end of file
diff --git a/libjava/classpath/gnu/java/net/loader/Resource.java b/libjava/classpath/gnu/java/net/loader/Resource.java
new file mode 100644
index 00000000000..e367a338802
--- /dev/null
+++ b/libjava/classpath/gnu/java/net/loader/Resource.java
@@ -0,0 +1,110 @@
+/* Resource.java -- a resource for URLLoader
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.net.loader;
+
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+import java.security.CodeSource;
+import java.security.cert.Certificate;
+
+/**
+ * A <code>Resource</code> represents a resource in some
+ * <code>URLLoader</code>. It also contains all information (e.g.,
+ * <code>URL</code>, <code>CodeSource</code>, <code>Manifest</code> and
+ * <code>InputStream</code>) that is necessary for loading resources
+ * and creating classes from a <code>URL</code>.
+ */
+public abstract class Resource
+{
+  final URLLoader loader;
+
+  public Resource(URLLoader loader)
+  {
+    this.loader = loader;
+  }
+
+  /**
+   * Returns the non-null <code>CodeSource</code> associated with
+   * this resource.
+   */
+  public CodeSource getCodeSource()
+  {
+    Certificate[] certs = getCertificates();
+    if (certs == null)
+      return loader.noCertCodeSource;
+    else
+      return new CodeSource(loader.baseURL, certs);
+  }
+
+  /**
+   * Returns <code>Certificates</code> associated with this
+   * resource, or null when there are none.
+   */
+  public Certificate[] getCertificates()
+  {
+    return null;
+  }
+
+  /**
+   * Return the URLLoader for this resource.
+   */
+  public final URLLoader getLoader()
+  {
+    return loader;
+  }
+
+  /**
+   * Return a <code>URL</code> that can be used to access this resource.
+   */
+  public abstract URL getURL();
+
+  /**
+   * Returns the size of this <code>Resource</code> in bytes or
+   * <code>-1</code> when unknown.
+   */
+  public abstract int getLength();
+
+  /**
+   * Returns the non-null <code>InputStream</code> through which
+   * this resource can be loaded.
+   */
+  public abstract InputStream getInputStream() throws IOException;
+}
\ No newline at end of file
diff --git a/libjava/classpath/gnu/java/net/loader/URLLoader.java b/libjava/classpath/gnu/java/net/loader/URLLoader.java
new file mode 100644
index 00000000000..d073c54296a
--- /dev/null
+++ b/libjava/classpath/gnu/java/net/loader/URLLoader.java
@@ -0,0 +1,147 @@
+/* URLLoader.java --  base helper class for URLClassLoader
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.net.loader;
+
+import java.net.URL;
+import java.net.URLClassLoader;
+import java.net.URLStreamHandlerFactory;
+import java.security.CodeSource;
+import java.util.ArrayList;
+import java.util.jar.Manifest;
+
+/**
+ * A <code>URLLoader</code> contains all logic to load resources from a
+ * given base <code>URL</code>.
+ */
+public abstract class URLLoader
+{
+  /**
+   * Our classloader to get info from if needed.
+   */
+  final URLClassLoader classloader;
+
+  /**
+   * The base URL from which all resources are loaded.
+   */
+  final URL baseURL;
+
+  /**
+   * The stream handler factory.
+   */
+  final URLStreamHandlerFactory factory;
+
+  /**
+   * The source for stream handlers.
+   */
+  final URLStreamHandlerCache cache;
+
+  /**
+   * A <code>CodeSource</code> without any associated certificates.
+   * It is common for classes to not have certificates associated
+   * with them.  If they come from the same <code>URLLoader</code>
+   * then it is safe to share the associated <code>CodeSource</code>
+   * between them since <code>CodeSource</code> is immutable.
+   */
+  final CodeSource noCertCodeSource;
+
+  public URLLoader(URLClassLoader classloader, URLStreamHandlerCache cache,
+                   URLStreamHandlerFactory factory,
+                   URL baseURL)
+  {
+    this(classloader, cache, factory, baseURL, baseURL);
+  }
+
+  public URLLoader(URLClassLoader classloader, URLStreamHandlerCache cache,
+                   URLStreamHandlerFactory factory,
+                   URL baseURL, URL overrideURL)
+  {
+    this.classloader = classloader;
+    this.baseURL = baseURL;
+    this.factory = factory;
+    this.cache = cache;
+    this.noCertCodeSource = new CodeSource(overrideURL, null);
+  }
+
+  /**
+   * Return the base URL of this loader.
+   */
+  public final URL getBaseURL()
+  {
+    return baseURL;
+  }
+
+  /**
+   * Returns a <code>Class</code> loaded by this
+   * <code>URLLoader</code>, or <code>null</code> when this loader
+   * either can't load the class or doesn't know how to load classes
+   * at all.  Most subclasses do not need to override this; it is only
+   * useful in situations where the subclass has a more direct way of
+   * making <code>Class</code> objects.
+   */
+  public Class getClass(String className)
+  {
+    return null;
+  }
+
+  /**
+   * Returns a <code>Resource</code> loaded by this
+   * <code>URLLoader</code>, or <code>null</code> when no
+   * <code>Resource</code> with the given name exists.
+   */
+  public abstract Resource getResource(String s);
+
+  /**
+   * Returns the <code>Manifest</code> associated with the
+   * <code>Resource</code>s loaded by this <code>URLLoader</code> or
+   * <code>null</code> there is no such <code>Manifest</code>.
+   */
+  public Manifest getManifest()
+  {
+    return null;
+  }
+
+  /**
+   * Return a list of new URLLoader objects representing any
+   * class path entries added by this container.
+   */
+  public ArrayList getClassPath()
+  {
+    return null;
+  }
+}
\ No newline at end of file
diff --git a/libjava/classpath/gnu/java/net/loader/URLStreamHandlerCache.java b/libjava/classpath/gnu/java/net/loader/URLStreamHandlerCache.java
new file mode 100644
index 00000000000..295a15d2b53
--- /dev/null
+++ b/libjava/classpath/gnu/java/net/loader/URLStreamHandlerCache.java
@@ -0,0 +1,84 @@
+/* URLStreamHandlerCache.java -- a cache for URLStreamHandlers
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.net.loader;
+
+import java.net.URLStreamHandler;
+import java.net.URLStreamHandlerFactory;
+import java.util.HashMap;
+
+/**
+ */
+public class URLStreamHandlerCache
+{
+  /**
+   * A cache to store mappings between handler factory and its
+   * private protocol handler cache (also a HashMap), so we can avoid
+   * creating handlers each time the same protocol comes.
+   */
+  private HashMap factoryCache = new HashMap(5);
+
+  public URLStreamHandlerCache()
+  {
+  }
+
+  public synchronized void add(URLStreamHandlerFactory factory)
+  {
+    // Since we only support three protocols so far, 5 is enough
+    // for cache initial size.
+    if (factory != null && factoryCache.get(factory) == null)
+      factoryCache.put(factory, new HashMap(5));
+  }
+
+  public synchronized URLStreamHandler get(URLStreamHandlerFactory factory,
+                                           String protocol)
+  {
+    if (factory == null)
+      return null;
+    // Check if there're handler for the same protocol in cache.
+    HashMap cache = (HashMap) factoryCache.get(factory);
+    URLStreamHandler handler = (URLStreamHandler) cache.get(protocol);
+    if (handler == null)
+      {
+        // Add it to cache.
+        handler = factory.createURLStreamHandler(protocol);
+        cache.put(protocol, handler);
+      }
+    return handler;
+  }
+}
diff --git a/libjava/classpath/gnu/java/net/local/LocalSocket.java b/libjava/classpath/gnu/java/net/local/LocalSocket.java
index b977d69c1bc..b262c794e3d 100644
--- a/libjava/classpath/gnu/java/net/local/LocalSocket.java
+++ b/libjava/classpath/gnu/java/net/local/LocalSocket.java
@@ -247,12 +247,13 @@ public final class LocalSocket extends Socket
 
   public void setSoTimeout (int i) throws SocketException
   {
-    throw new SocketException ("local sockets do not support this option");
+    // Ignore.
   }
 
   public int getSoTimeout () throws SocketException
   {
-    throw new SocketException ("local sockets do not support this option");
+    // We don't support timeout, so we return 0.
+    return 0;
   }
 
   public void setSendBufferSize (int i) throws SocketException
diff --git a/libjava/classpath/gnu/java/net/local/LocalSocketImpl.java b/libjava/classpath/gnu/java/net/local/LocalSocketImpl.java
index f907e5f469f..f43305a8027 100644
--- a/libjava/classpath/gnu/java/net/local/LocalSocketImpl.java
+++ b/libjava/classpath/gnu/java/net/local/LocalSocketImpl.java
@@ -57,7 +57,8 @@ final class LocalSocketImpl extends SocketImpl
   private boolean created;
   private InputStream in;
   private OutputStream out;
-  private int socket_fd;
+  // Package private to avoid synthetic accessor method.
+  int socket_fd;
   private LocalSocketAddress local;
   private LocalSocketAddress remote;
 
@@ -104,7 +105,7 @@ final class LocalSocketImpl extends SocketImpl
   protected native void create (boolean stream) throws IOException;
   protected native void listen (int timeout) throws IOException;
   protected native void accept (LocalSocketImpl socket) throws IOException;
-  protected native int available () throws IOException;
+  protected native int available (int fd) throws IOException;
   protected native void close () throws IOException;
   protected native void sendUrgentData (int data) throws IOException;
   protected native void shutdownInput () throws IOException;
@@ -113,8 +114,14 @@ final class LocalSocketImpl extends SocketImpl
   native void unlink () throws IOException;
   native void localBind (LocalSocketAddress addr) throws IOException;
   native void localConnect (LocalSocketAddress addr) throws IOException;
-  native int read (byte[] buf, int off, int len) throws IOException;
-  native void write (byte[] buf, int off, int len) throws IOException;
+  native int read (int fd, byte[] buf, int off, int len) throws IOException;
+  native void write (int fd, byte[] buf, int off, int len) throws IOException;
+
+  protected int available()
+    throws IOException
+  {
+    return available(socket_fd);
+  }
 
   void doCreate () throws IOException
   {
@@ -263,7 +270,7 @@ final class LocalSocketImpl extends SocketImpl
 
     public int read (byte[] buf, int off, int len) throws IOException
     {
-      int ret = impl.read (buf, off, len);
+      int ret = impl.read (socket_fd, buf, off, len);
 
       if (ret == 0)
         {
@@ -316,7 +323,7 @@ final class LocalSocketImpl extends SocketImpl
 
     public void write (byte[] buf, int off, int len) throws IOException
     {
-      impl.write (buf, off, len);
+      impl.write (socket_fd, buf, off, len);
     }
   }
 }
diff --git a/libjava/classpath/gnu/java/net/protocol/http/HTTPConnection.java b/libjava/classpath/gnu/java/net/protocol/http/HTTPConnection.java
index 33d9756aa0c..f5e831c6a01 100644
--- a/libjava/classpath/gnu/java/net/protocol/http/HTTPConnection.java
+++ b/libjava/classpath/gnu/java/net/protocol/http/HTTPConnection.java
@@ -466,7 +466,8 @@ public class HTTPConnection
      */
     synchronized HTTPConnection get(String host,
                                     int port,
-                                    boolean secure)
+                                    boolean secure, 
+				    int connectionTimeout, int timeout)
     {
       String ttl =
         SystemProperties.getProperty("classpath.net.http.keepAliveTTL");
@@ -494,7 +495,7 @@ public class HTTPConnection
         }
       if (c == null)
         {
-          c = new HTTPConnection(host, port, secure);
+          c = new HTTPConnection(host, port, secure, connectionTimeout, timeout);
           c.setPool(this);
         }
       return c;
diff --git a/libjava/classpath/gnu/java/net/protocol/http/HTTPURLConnection.java b/libjava/classpath/gnu/java/net/protocol/http/HTTPURLConnection.java
index 0dce7c75b0c..a46d1204b6d 100644
--- a/libjava/classpath/gnu/java/net/protocol/http/HTTPURLConnection.java
+++ b/libjava/classpath/gnu/java/net/protocol/http/HTTPURLConnection.java
@@ -65,7 +65,7 @@ import javax.net.ssl.SSLSocketFactory;
  * @author Chris Burdess (dog@gnu.org)
  */
 public class HTTPURLConnection
-  extends HttpsURLConnection
+ extends HttpsURLConnection
   implements HandshakeCompletedListener
 {
   /*
@@ -346,11 +346,11 @@ public class HTTPURLConnection
     HTTPConnection connection;
     if (keepAlive)
       {
-        connection = HTTPConnection.Pool.instance.get(host, port, secure);
+        connection = HTTPConnection.Pool.instance.get(host, port, secure, getConnectTimeout(), 0);
       }
     else
       {
-        connection = new HTTPConnection(host, port, secure);
+        connection = new HTTPConnection(host, port, secure, 0, getConnectTimeout());
       }
     return connection;
   }
@@ -653,5 +653,27 @@ public class HTTPURLConnection
     handshakeEvent = event;
   }
 
+  /**
+   * Set the connection timeout speed, in milliseconds, or zero if the timeout
+   * is to be considered infinite.
+   *
+   * Overloaded.
+   *
+   */
+  public void setConnectTimeout(int timeout)
+    throws IllegalArgumentException
+  {
+    super.setConnectTimeout( timeout );
+    if( connection == null )
+      return;
+    try 
+      {
+	connection.getSocket().setSoTimeout( timeout );
+      } 
+    catch(IOException se)
+      {
+	// Ignore socket exceptions.
+      }
+  }
 }
 
diff --git a/libjava/classpath/gnu/java/net/protocol/jar/Connection.java b/libjava/classpath/gnu/java/net/protocol/jar/Connection.java
index 41c5d6dcf69..f99806ae42d 100644
--- a/libjava/classpath/gnu/java/net/protocol/jar/Connection.java
+++ b/libjava/classpath/gnu/java/net/protocol/jar/Connection.java
@@ -188,7 +188,7 @@ public final class Connection extends JarURLConnection
 	else if (field.equals("last-modified"))
 	  {
 	    // Both creating and manipulating dateFormat need synchronization.
-	    synchronized (this.getClass())
+	    synchronized (Connection.class)
 	      {
 		if (dateFormat == null)
 		  dateFormat = new SimpleDateFormat
diff --git a/libjava/classpath/gnu/java/nio/PipeImpl.java b/libjava/classpath/gnu/java/nio/PipeImpl.java
index f7b01c8b740..cccaa39885f 100644
--- a/libjava/classpath/gnu/java/nio/PipeImpl.java
+++ b/libjava/classpath/gnu/java/nio/PipeImpl.java
@@ -37,6 +37,7 @@ exception statement from your version. */
 
 package gnu.java.nio;
 
+
 import java.io.IOException;
 import java.nio.ByteBuffer;
 import java.nio.channels.Pipe;
@@ -47,12 +48,14 @@ class PipeImpl extends Pipe
   public static final class SourceChannelImpl extends Pipe.SourceChannel
   {
     private int native_fd;
+    private VMChannel vmch;
     
     public SourceChannelImpl (SelectorProvider selectorProvider,
                               int native_fd)
     {
       super (selectorProvider);
       this.native_fd = native_fd;
+      vmch = VMChannel.getVMChannel(this);
     }
 
     protected final void implCloseSelectableChannel()
@@ -64,19 +67,19 @@ class PipeImpl extends Pipe
     protected void implConfigureBlocking (boolean blocking)
       throws IOException
     {
-      throw new Error ("Not implemented");
+      vmch.setBlocking(blocking);
     }
 
     public final int read (ByteBuffer src)
       throws IOException
     {
-      throw new Error ("Not implemented");
+      return vmch.read(src);
     }
 
     public final long read (ByteBuffer[] srcs)
       throws IOException
     {
-      return read (srcs, 0, srcs.length);
+      return vmch.readScattering(srcs, 0, srcs.length);
     }
 
     public final synchronized long read (ByteBuffer[] srcs, int offset,
@@ -89,13 +92,7 @@ class PipeImpl extends Pipe
 	  || len > srcs.length - offset)
 	throw new IndexOutOfBoundsException();
 
-      long bytesRead = 0;
-      
-      for (int index = 0; index < len; index++)
-	bytesRead += read (srcs [offset + index]);
-
-      return bytesRead;
-
+      return vmch.readScattering(srcs, offset, len);
     }
 
     public final int getNativeFD()
@@ -107,12 +104,14 @@ class PipeImpl extends Pipe
   public static final class SinkChannelImpl extends Pipe.SinkChannel
   {
     private int native_fd;
+    private VMChannel vmch;
     
     public SinkChannelImpl (SelectorProvider selectorProvider,
                             int native_fd)
     {
       super (selectorProvider);
       this.native_fd = native_fd;
+      vmch = VMChannel.getVMChannel(this);
     }
 
     protected final void implCloseSelectableChannel()
@@ -124,19 +123,19 @@ class PipeImpl extends Pipe
     protected final void implConfigureBlocking (boolean blocking)
       throws IOException
     {
-      throw new Error ("Not implemented");
+      vmch.setBlocking(blocking);
     }
 
     public final int write (ByteBuffer dst)
       throws IOException
     {
-      throw new Error ("Not implemented");
+      return vmch.write(dst);
     }
 
     public final long write (ByteBuffer[] srcs)
       throws IOException
     {
-      return write (srcs, 0, srcs.length);
+      return vmch.writeGathering(srcs, 0, srcs.length);
     }
 
     public final synchronized long write (ByteBuffer[] srcs, int offset, int len)
@@ -147,13 +146,8 @@ class PipeImpl extends Pipe
 	  || len < 0
 	  || len > srcs.length - offset)
 	throw new IndexOutOfBoundsException();
-
-      long bytesWritten = 0;
       
-      for (int index = 0; index < len; index++)
-	bytesWritten += write (srcs [offset + index]);
-
-      return bytesWritten;
+      return vmch.writeGathering(srcs, offset, len);
     }
 
     public final int getNativeFD()
diff --git a/libjava/classpath/gnu/java/nio/SelectionKeyImpl.java b/libjava/classpath/gnu/java/nio/SelectionKeyImpl.java
index a1f125e9f8b..8745377c58f 100644
--- a/libjava/classpath/gnu/java/nio/SelectionKeyImpl.java
+++ b/libjava/classpath/gnu/java/nio/SelectionKeyImpl.java
@@ -1,5 +1,5 @@
 /* SelectionKeyImpl.java -- 
-   Copyright (C) 2002, 2003 Free Software Foundation, Inc.
+   Copyright (C) 2002, 2003, 2006 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -47,8 +47,8 @@ public abstract class SelectionKeyImpl extends AbstractSelectionKey
 {
   private int readyOps;
   private int interestOps;
-  private SelectorImpl impl;
-  SelectableChannel ch;
+  private final SelectorImpl impl;
+  final SelectableChannel ch;
 
   public SelectionKeyImpl (SelectableChannel ch, SelectorImpl impl)
   {
@@ -61,7 +61,7 @@ public abstract class SelectionKeyImpl extends AbstractSelectionKey
     return ch;
   }
 
-  public int readyOps ()
+  public synchronized int readyOps ()
   {
     if (!isValid())
       throw new CancelledKeyException();
@@ -69,7 +69,7 @@ public abstract class SelectionKeyImpl extends AbstractSelectionKey
     return readyOps;
   }
 
-  public SelectionKey readyOps (int ops)
+  public synchronized SelectionKey readyOps (int ops)
   {
     if (!isValid())
       throw new CancelledKeyException();
@@ -83,15 +83,21 @@ public abstract class SelectionKeyImpl extends AbstractSelectionKey
     if (!isValid())
       throw new CancelledKeyException();
     
-    return interestOps;    
+    synchronized (impl.selectedKeys())
+      {
+	return interestOps;
+      }
   }
 
   public SelectionKey interestOps (int ops)
   {
     if (!isValid())
       throw new CancelledKeyException();
-    
-    interestOps = ops;
+
+    synchronized (impl.selectedKeys())
+      {
+	interestOps = ops;
+      }
     return this;
   }
     
diff --git a/libjava/classpath/gnu/java/nio/SelectorImpl.java b/libjava/classpath/gnu/java/nio/SelectorImpl.java
index e10f7157443..d0ec4871367 100644
--- a/libjava/classpath/gnu/java/nio/SelectorImpl.java
+++ b/libjava/classpath/gnu/java/nio/SelectorImpl.java
@@ -1,5 +1,5 @@
 /* SelectorImpl.java -- 
-   Copyright (C) 2002, 2003, 2004  Free Software Foundation, Inc.
+   Copyright (C) 2002, 2003, 2004, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -379,16 +379,19 @@ public class SelectorImpl extends AbstractSelector
       result = new DatagramChannelSelectionKey (ch, this);
     else if (ch instanceof ServerSocketChannelImpl)
       result = new ServerSocketChannelSelectionKey (ch, this);
+    else if (ch instanceof gnu.java.nio.SocketChannelImpl)
+      result = new gnu.java.nio.SocketChannelSelectionKeyImpl((gnu.java.nio.SocketChannelImpl)ch, this);
     else
       throw new InternalError ("No known channel type");
 
     synchronized (keys)
       {
         keys.add (result);
+
+	result.interestOps (ops);
+	result.attach (att);
       }
 
-    result.interestOps (ops);
-    result.attach (att);
     return result;
   }
 }
diff --git a/libjava/classpath/gnu/java/nio/SocketChannelSelectionKeyImpl.java b/libjava/classpath/gnu/java/nio/SocketChannelSelectionKeyImpl.java
new file mode 100644
index 00000000000..30fb2dfba44
--- /dev/null
+++ b/libjava/classpath/gnu/java/nio/SocketChannelSelectionKeyImpl.java
@@ -0,0 +1,69 @@
+/* SocketChannelSelectionKey.java -- Selection key for Socket Channel
+   Copyright (C) 2005 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.nio;
+
+
+/**
+ * @author Michael Barker <mike@middlesoft.co.uk>
+ *
+ */
+public class SocketChannelSelectionKeyImpl extends SelectionKeyImpl
+{
+
+  SocketChannelImpl ch;
+  
+  /**
+   * @param ch
+   * @param impl
+   */
+  public SocketChannelSelectionKeyImpl(SocketChannelImpl ch, SelectorImpl impl)
+  {
+    super(ch, impl);
+    this.ch = (SocketChannelImpl) ch;
+  }
+
+  /**
+   * Returns the native file/socket descriptor as an int.
+   */
+  public int getNativeFD()
+  {
+    return ch.getPlainSocketImpl().getNativeFD();
+  }
+
+}
diff --git a/libjava/classpath/gnu/java/nio/channels/FileChannelImpl.java b/libjava/classpath/gnu/java/nio/channels/FileChannelImpl.java
index 671ae5bb15f..ed439e141ef 100644
--- a/libjava/classpath/gnu/java/nio/channels/FileChannelImpl.java
+++ b/libjava/classpath/gnu/java/nio/channels/FileChannelImpl.java
@@ -40,6 +40,7 @@ package gnu.java.nio.channels;
 
 import gnu.classpath.Configuration;
 import gnu.java.nio.FileLockImpl;
+import gnu.java.nio.VMChannel;
 
 import java.io.File;
 import java.io.FileNotFoundException;
@@ -102,6 +103,7 @@ public final class FileChannelImpl extends FileChannel
   // we want to make sure this has the value -1.  This is the most
   // efficient way to accomplish that.
   private int fd = -1;
+  private VMChannel ch;
 
   private int mode;
 
@@ -123,6 +125,7 @@ public final class FileChannelImpl extends FileChannel
     description = path;
     fd = open (path, mode);
     this.mode = mode;
+    this.ch = VMChannel.getVMChannel(this);
 
     // First open the file and then check if it is a a directory
     // to avoid race condition.
@@ -155,6 +158,7 @@ public final class FileChannelImpl extends FileChannel
     this.fd = fd;
     this.mode = mode;
     this.description = "descriptor(" + fd + ")";
+    this.ch = VMChannel.getVMChannel(this);
   }
 
   private native int open (String path, int mode) throws FileNotFoundException;
@@ -181,6 +185,7 @@ public final class FileChannelImpl extends FileChannel
 
   public int read (ByteBuffer dst) throws IOException
   {
+    /*
     int result;
     byte[] buffer = new byte [dst.remaining ()];
     
@@ -190,6 +195,8 @@ public final class FileChannelImpl extends FileChannel
       dst.put (buffer, 0, result);
 
     return result;
+    */
+    return ch.read(dst);
   }
 
   public int read (ByteBuffer dst, long position)
@@ -214,33 +221,12 @@ public final class FileChannelImpl extends FileChannel
   public long read (ByteBuffer[] dsts, int offset, int length)
     throws IOException
   {
-    long result = 0;
-
-    for (int i = offset; i < offset + length; i++)
-      {
-        result += read (dsts [i]);
-      }
-
-    return result;
+    return ch.readScattering(dsts, offset, length);
   }
 
   public int write (ByteBuffer src) throws IOException
   {
-    int len = src.remaining ();
-    if (src.hasArray())
-      {
-	byte[] buffer = src.array();
-	write(buffer, src.arrayOffset() + src.position(), len);
-	src.position(src.position() + len);
-      }
-    else
-      {
-	// Use a more efficient native method! FIXME!
-	byte[] buffer = new byte [len];
-    	src.get (buffer, 0, len);
-	write (buffer, 0, len);
-      }
-    return len;
+    return ch.write(src);
   }
     
   public int write (ByteBuffer src, long position)
@@ -274,14 +260,7 @@ public final class FileChannelImpl extends FileChannel
   public long write(ByteBuffer[] srcs, int offset, int length)
     throws IOException
   {
-    long result = 0;
-
-    for (int i = offset;i < offset + length;i++)
-      {
-        result += write (srcs[i]);
-      }
-    
-    return result;
+    return ch.writeGathering(srcs, offset, length);
   }
 				   
   public native MappedByteBuffer mapImpl (char mode, long position, int size)
@@ -563,4 +542,12 @@ public final class FileChannelImpl extends FileChannel
 	    + ",mode=" + mode + ","
 	    + description + "]");
   }
+
+  /**
+   * @return The native file descriptor.
+   */
+  public int getNativeFD()
+  {
+    return fd;
+  }
 }
diff --git a/libjava/classpath/gnu/java/nio/charset/Provider.java b/libjava/classpath/gnu/java/nio/charset/Provider.java
index ad3b1da8471..b56e5a90e72 100644
--- a/libjava/classpath/gnu/java/nio/charset/Provider.java
+++ b/libjava/classpath/gnu/java/nio/charset/Provider.java
@@ -155,9 +155,9 @@ public final class Provider extends CharsetProvider
  /**
   * Load non-mandatory charsets.
   */
-  private void loadExtended ()
+  private synchronized void loadExtended ()
   {
-    if(extendedLoaded)
+    if (extendedLoaded)
       return;
 
     addCharset (new ISO_8859_3 ());    // ISO-8859-3 aka ISO-LATIN-3
@@ -165,6 +165,12 @@ public final class Provider extends CharsetProvider
     addCharset (new ISO_8859_8 ());    // ISO-8859-8 (Hebrew)
 
     // Some more codepages
+    addCharset (new Cp424());
+    addCharset (new Cp437());
+    addCharset (new Cp737());
+    addCharset (new Cp775());
+    addCharset (new Cp850());
+    addCharset (new Cp852());
     addCharset (new Cp855()); // IBM Cyrillic
     addCharset (new Cp857()); // IBM Turkish
     addCharset (new Cp860()); // MSDOS Portugese
@@ -176,6 +182,24 @@ public final class Provider extends CharsetProvider
     addCharset (new Cp866()); // MSDOS Russian
     addCharset (new Cp869()); // IBM modern Greek
     addCharset (new Cp874()); // IBM Thai
+
+    addCharset (new MacCentralEurope());
+    addCharset (new MacCroatian());
+    addCharset (new MacCyrillic());
+    addCharset (new MacDingbat());
+    addCharset (new MacGreek());
+    addCharset (new MacIceland());
+    addCharset (new MacRoman());
+    addCharset (new MacRomania());
+    addCharset (new MacSymbol());
+    addCharset (new MacThai());
+    addCharset (new MacTurkish());
+    addCharset (new MS874());
+
+    addCharset (new Windows1255());
+    addCharset (new Windows1256());
+    addCharset (new Windows1258());
+
     extendedLoaded = true;
   }
 
@@ -199,7 +223,7 @@ public final class Provider extends CharsetProvider
   public Charset charsetForName (String charsetName)
   {
     Charset cs = (Charset) charsets.get(canonicalNames.get(charsetName.toLowerCase()));
-    if(cs == null && !extendedLoaded)
+    if (cs == null)
      {
        loadExtended();
        cs = (Charset) charsets.get(canonicalNames.get(charsetName.toLowerCase()));
diff --git a/libjava/classpath/gnu/java/rmi/server/ActivatableServerRef.java b/libjava/classpath/gnu/java/rmi/server/ActivatableServerRef.java
index 09595ec5fe5..5b7dadfd217 100644
--- a/libjava/classpath/gnu/java/rmi/server/ActivatableServerRef.java
+++ b/libjava/classpath/gnu/java/rmi/server/ActivatableServerRef.java
@@ -178,7 +178,7 @@ public class ActivatableServerRef extends UnicastServerRef
             Class cls = aClass;
 
             // where ist the _Stub? (check superclasses also)
-            Class expCls = expCls = findStubSkelClass(cls);
+            Class expCls = findStubSkelClass(cls);
 
             if (expCls != null)
               {
diff --git a/libjava/classpath/gnu/java/rmi/server/UnicastServerRef.java b/libjava/classpath/gnu/java/rmi/server/UnicastServerRef.java
index cd891a1aaea..2f7cb9a2d94 100644
--- a/libjava/classpath/gnu/java/rmi/server/UnicastServerRef.java
+++ b/libjava/classpath/gnu/java/rmi/server/UnicastServerRef.java
@@ -150,7 +150,7 @@ public class UnicastServerRef
             Class cls = obj.getClass();
 
             // where ist the _Stub? (check superclasses also)
-            Class expCls = expCls = findStubSkelClass(cls);
+            Class expCls = findStubSkelClass(cls);
 
             if (expCls != null)
               {
diff --git a/libjava/classpath/gnu/java/security/Configuration.java.in b/libjava/classpath/gnu/java/security/Configuration.java.in
new file mode 100644
index 00000000000..1deb543d4b3
--- /dev/null
+++ b/libjava/classpath/gnu/java/security/Configuration.java.in
@@ -0,0 +1,56 @@
+/* Configuration.java --
+   Copyright (C) 2006  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+ 
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.security;
+
+/**
+ * This file defines compile-time constants that can be accessed by
+ * our crypto code. All crypto code should use and define such
+ * constants here instead of using the gnu.classpath.Configuration class.
+ */
+public interface Configuration
+{
+
+  /**
+   * The value of DEBUG is substituted according to whether the
+   * "--enable-debug" argument was passed to configure. Code
+   * which is made conditional based on the value of this flag - typically 
+   * code that generates debugging output - will be removed by the optimizer 
+   * in a non-debug build.
+   */
+  boolean DEBUG = @LIBDEBUG@;
+}
diff --git a/libjava/classpath/gnu/java/security/Engine.java b/libjava/classpath/gnu/java/security/Engine.java
index 4b6bd10d9dd..c6271e3f219 100644
--- a/libjava/classpath/gnu/java/security/Engine.java
+++ b/libjava/classpath/gnu/java/security/Engine.java
@@ -42,6 +42,7 @@ import java.lang.reflect.InvocationTargetException;
 
 import java.security.NoSuchAlgorithmException;
 import java.security.Provider;
+import java.util.Enumeration;
 
 /**
  * Generic implementation of the getInstance methods in the various
@@ -141,26 +142,49 @@ public final class Engine
         || provider == null || initArgs == null)
       throw new IllegalArgumentException();
 
-    // If there is no property "service.algorithm"
-    if (provider.getProperty(service + "." + algorithm) == null)
+    
+    Enumeration enumer = provider.propertyNames();
+    String key;
+    String alias;
+    int count = 0;
+    boolean algorithmFound = false;
+
+    while (enumer.hasMoreElements())
       {
-        // Iterate through aliases, until we find the class name or resolve
-        // too many aliases.
-        String alias = null;
-        int count = 0;
-        while ((alias = provider.getProperty(
-                ALG_ALIAS + service + "." + algorithm)) != null)
+        key = (String) enumer.nextElement();
+
+        if (key.equalsIgnoreCase(service + "." + algorithm))
           {
-            if (algorithm.equals(alias))  // Refers to itself!
-              break;
-            algorithm = alias;
-            if (count++ > MAX_ALIASES)
-              throw new NoSuchAlgorithmException("too many aliases");
+            // remove the service portion from the key
+            algorithm = key.substring(service.length() + 1); 
+            
+            algorithmFound = true;
+            break;
+
           }
-        if (provider.getProperty(service + "." + algorithm) == null)
-          throw new NoSuchAlgorithmException(algorithm);
-      }
+        else if (key.equalsIgnoreCase(ALG_ALIAS + service + "." + algorithm))
+          {
 
+            alias = (String) provider.getProperty(key);
+            
+            if (! algorithm.equalsIgnoreCase(alias)) // does not refer to itself
+              {
+                algorithm = alias;
+                if (count++ > MAX_ALIASES)
+                  throw new NoSuchAlgorithmException("too many aliases");
+                
+                // need to reset enumeration to now look for the alias
+                enumer = provider.propertyNames();
+              }
+          }
+      }
+    
+    if (! algorithmFound)
+      {
+        throw new NoSuchAlgorithmException(algorithm);
+      }
+    
+    
     // Find and instantiate the implementation.
     Class clazz = null;
     ClassLoader loader = provider.getClass().getClassLoader();
diff --git a/libjava/classpath/gnu/java/security/OID.java b/libjava/classpath/gnu/java/security/OID.java
index 473b6ba5a29..f61cf0fc37c 100644
--- a/libjava/classpath/gnu/java/security/OID.java
+++ b/libjava/classpath/gnu/java/security/OID.java
@@ -1,5 +1,5 @@
 /* OID.java -- numeric representation of an object identifier
-   Copyright (C) 2003, 2004, 2005  Free Software Foundation, Inc.
+   Copyright (C) 2003, 2004, 2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -71,6 +71,9 @@ public class OID implements Cloneable, Comparable, java.io.Serializable
   // Fields.
   // ------------------------------------------------------------------------
 
+  /* Serial version id for serialization. */
+  static final long serialVersionUID = 5722492029044597779L;
+  
   /**
    * The numeric ID structure.
    */
@@ -211,7 +214,6 @@ public class OID implements Cloneable, Comparable, java.io.Serializable
   /**
    * Construct a new OID from the given DER bytes.
    *
-   * @param root The root OID.
    * @param encoded The encoded relative OID.
    * @param relative The relative flag.
    */
@@ -230,13 +232,6 @@ public class OID implements Cloneable, Comparable, java.io.Serializable
       }
   }
 
-  /**
-   * Our private constructor.
-   */
-  private OID()
-  {
-  }
-
   // Instance methods.
   // ------------------------------------------------------------------------
 
@@ -326,10 +321,16 @@ public class OID implements Cloneable, Comparable, java.io.Serializable
    */
   public Object clone()
   {
-    OID oid = new OID();
-    oid.components = this.components;
-    oid.strRep = this.strRep;
-    return oid;
+    try
+      {
+        return super.clone();
+      }
+    catch (CloneNotSupportedException cnse)
+      {
+        InternalError ie = new InternalError();
+        ie.initCause(cnse);
+        throw ie;
+      }
   }
 
   /* Nice idea, but possibly too expensive for whatever benefit it
diff --git a/libjava/classpath/gnu/java/security/PolicyFile.java b/libjava/classpath/gnu/java/security/PolicyFile.java
index 3064f041b9d..8da3a7d72fe 100644
--- a/libjava/classpath/gnu/java/security/PolicyFile.java
+++ b/libjava/classpath/gnu/java/security/PolicyFile.java
@@ -1,5 +1,5 @@
 /* PolicyFile.java -- policy file reader
-   Copyright (C) 2004, 2005  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -37,9 +37,9 @@ exception statement from your version. */
 
 package gnu.java.security;
 
-import gnu.classpath.SystemProperties;
 import gnu.classpath.debug.Component;
 import gnu.classpath.debug.SystemLogger;
+import gnu.java.security.action.GetPropertyAction;
 
 import java.io.File;
 import java.io.IOException;
@@ -148,16 +148,17 @@ public final class PolicyFile extends Policy
   // Constants and fields.
   // -------------------------------------------------------------------------
 
-  private static final Logger logger = SystemLogger.SYSTEM;
-
+  protected static final Logger logger = SystemLogger.SYSTEM;
+  // Added to cut redundant AccessController.doPrivileged calls
+  private static GetPropertyAction prop = new GetPropertyAction("file.seperator");
+  private static final String fs = (String) AccessController.doPrivileged(prop);
+  
   private static final String DEFAULT_POLICY =
-    SystemProperties.getProperty("java.home")
-    + SystemProperties.getProperty("file.separator") + "lib"
-    + SystemProperties.getProperty("file.separator") + "security"
-    + SystemProperties.getProperty("file.separator") + "java.policy";
+    (String) AccessController.doPrivileged(prop.setParameters("java.home"))
+    + fs + "lib" + fs + "security" + fs + "java.policy";
   private static final String DEFAULT_USER_POLICY =
-    SystemProperties.getProperty ("user.home") +
-    SystemProperties.getProperty ("file.separator") + ".java.policy";
+    (String) AccessController.doPrivileged(prop.setParameters("user.home")) +
+    fs + ".java.policy";
 
   private final Map cs2pc;
 
@@ -216,7 +217,7 @@ public final class PolicyFile extends Policy
               String allow = Security.getProperty ("policy.allowSystemProperty");
               if (allow == null || Boolean.getBoolean (allow))
                 {
-                  String s = SystemProperties.getProperty ("java.security.policy");
+                  String s = System.getProperty ("java.security.policy");
                   logger.log (Component.POLICY, "java.security.policy={0}", s);
                   if (s != null)
                     {
diff --git a/libjava/classpath/gnu/java/security/Properties.java b/libjava/classpath/gnu/java/security/Properties.java
index 860b7d928ff..a515a54280a 100644
--- a/libjava/classpath/gnu/java/security/Properties.java
+++ b/libjava/classpath/gnu/java/security/Properties.java
@@ -38,38 +38,23 @@ exception statement from your version.  */
 
 package gnu.java.security;
 
+import gnu.java.security.Configuration;
+
 import java.io.FileInputStream;
 import java.io.IOException;
-import java.io.PrintWriter;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
 import java.util.HashMap;
 import java.util.PropertyPermission;
+import java.util.logging.Logger;
 
 /**
- * <p>A global object containing build-specific properties that affect the
- * behaviour of the generated binaries from this library.</p>
+ * A global object containing build-specific properties that affect the
+ * behaviour of the generated binaries from this library.
  */
 public final class Properties
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  private static final String NAME = "Properties";
-
-  private static final boolean DEBUG = false;
-
-  //   private static final int debuglevel = 9;
-  private static final PrintWriter err = new PrintWriter(System.out, true);
-
-  private static void debug(final String s)
-  {
-    err.println(">>> " + NAME + ": " + s);
-  }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
+  private static final Logger log = Logger.getLogger(Properties.class.getName());
 
   public static final String VERSION = "gnu.crypto.version";
 
@@ -95,9 +80,6 @@ public final class Properties
 
   private boolean doRSABlinding = true;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial constructor to enforce Singleton pattern. */
   private Properties()
   {
@@ -105,18 +87,15 @@ public final class Properties
     init();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns the string representation of the library global configuration
-   * property with the designated <code>key</code>.</p>
-   *
+   * Returns the string representation of the library global configuration
+   * property with the designated <code>key</code>.
+   * 
    * @param key the case-insensitive, non-null and non-empty name of a
-   * configuration property.
+   *          configuration property.
    * @return the string representation of the designated property, or
-   * <code>null</code> if such property is not yet set, or <code>key</code> is
-   * empty.
+   *         <code>null</code> if such property is not yet set, or
+   *         <code>key</code> is empty.
    */
   public static final synchronized String getProperty(String key)
   {
@@ -132,13 +111,13 @@ public final class Properties
   }
 
   /**
-   * <p>Sets the value of a designated library global configuration property,
-   * to a string representation of what should be a legal value.</p>
-   *
+   * Sets the value of a designated library global configuration property, to a
+   * string representation of what should be a legal value.
+   * 
    * @param key the case-insensitive, non-null and non-empty name of a
-   * configuration property.
-   * @param value the non-null, non-empty string representation of a legal
-   * value of the configuration property named by <code>key</code>.
+   *          configuration property.
+   * @param value the non-null, non-empty string representation of a legal value
+   *          of the configuration property named by <code>key</code>.
    */
   public static final synchronized void setProperty(String key, String value)
   {
@@ -169,13 +148,14 @@ public final class Properties
   }
 
   /**
-   * <p>A convenience method that returns, as a boolean, the library global
+   * A convenience method that returns, as a boolean, the library global
    * configuration property indicating if the default Pseudo Random Number
-   * Generator produces, or not, the same bit stream when instantiated.</p>
-   *
-   * @return <code>true</code> if the default PRNG produces the same bit stream
-   * with every VM instance. Returns <code>false</code> if the default PRNG is
-   * seeded with the time of day of its first invocation.
+   * Generator produces, or not, the same bit stream when instantiated.
+   * 
+   * @return <code>true</code> if the default PRNG produces the same bit
+   *         stream with every VM instance. Returns <code>false</code> if the
+   *         default PRNG is seeded with the time of day of its first
+   *         invocation.
    */
   public static final synchronized boolean isReproducible()
   {
@@ -186,15 +166,15 @@ public final class Properties
   }
 
   /**
-   * <p>A convenience method that returns, as a boolean, the library global
-   * configuration property indicating if the implementations of symmetric
-   * key block ciphers check, or not, for possible/potential weak and semi-weak
-   * keys that may be produced in the course of generating round encryption
-   * and/or decryption keys.</p>
-   *
-   * @return <code>true</code> if the cipher implementations check for weak and
-   * semi-weak keys. Returns <code>false</code> if the cipher implementations
-   * do not check for weak or semi-weak keys.
+   * A convenience method that returns, as a boolean, the library global
+   * configuration property indicating if the implementations of symmetric key
+   * block ciphers check, or not, for possible/potential weak and semi-weak keys
+   * that may be produced in the course of generating round encryption and/or
+   * decryption keys.
+   * 
+   * @return <code>true</code> if the cipher implementations check for weak
+   *         and semi-weak keys. Returns <code>false</code> if the cipher
+   *         implementations do not check for weak or semi-weak keys.
    */
   public static final synchronized boolean checkForWeakKeys()
   {
@@ -205,13 +185,14 @@ public final class Properties
   }
 
   /**
-   * <p>A convenience method that returns, as a boolean, the library global
+   * A convenience method that returns, as a boolean, the library global
    * configuration property indicating if RSA decryption (RSADP primitive),
-   * does, or not, blinding against timing attacks.</p>
-   *
+   * does, or not, blinding against timing attacks.
+   * 
    * @return <code>true</code> if the RSA decryption primitive includes a
-   * blinding operation. Returns <code>false</code> if the RSA decryption
-   * primitive does not include the additional blinding operation.
+   *         blinding operation. Returns <code>false</code> if the RSA
+   *         decryption primitive does not include the additional blinding
+   *         operation.
    */
   public static final synchronized boolean doRSABlinding()
   {
@@ -222,11 +203,11 @@ public final class Properties
   }
 
   /**
-   * <p>A convenience method to set the global property for reproducibility of
-   * the default PRNG bit stream output.</p>
-   *
+   * A convenience method to set the global property for reproducibility of the
+   * default PRNG bit stream output.
+   * 
    * @param value if <code>true</code> then the default PRNG bit stream output
-   * is the same with every invocation of the VM.
+   *          is the same with every invocation of the VM.
    */
   public static final synchronized void setReproducible(final boolean value)
   {
@@ -238,12 +219,12 @@ public final class Properties
   }
 
   /**
-   * <p>A convenience method to set the global property for checking for weak
-   * and semi-weak cipher keys.</p>
-   *
+   * A convenience method to set the global property for checking for weak and
+   * semi-weak cipher keys.
+   * 
    * @param value if <code>true</code> then the cipher implementations will
-   * invoke additional checks for weak and semi-weak key values that may get
-   * generated.
+   *          invoke additional checks for weak and semi-weak key values that
+   *          may get generated.
    */
   public static final synchronized void setCheckForWeakKeys(final boolean value)
   {
@@ -255,11 +236,11 @@ public final class Properties
   }
 
   /**
-   * <p>A convenience method to set the global property fo adding a blinding
-   * operation when executing the RSA decryption primitive.</p>
-   *
+   * A convenience method to set the global property fo adding a blinding
+   * operation when executing the RSA decryption primitive.
+   * 
    * @param value if <code>true</code> then the code for performing the RSA
-   * decryption primitive will include a blinding operation.
+   *          decryption primitive will include a blinding operation.
    */
   public static final synchronized void setDoRSABlinding(final boolean value)
   {
@@ -277,15 +258,12 @@ public final class Properties
     return singleton;
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
   private void init()
   {
     // default values
     props.put(REPRODUCIBLE_PRNG, (reproducible ? "true" : "false"));
     props.put(CHECK_WEAK_KEYS, (checkForWeakKeys ? "true" : "false"));
     props.put(DO_RSA_BLINDING, (doRSABlinding ? "true" : "false"));
-
     // 1. allow site-wide override by reading a properties file
     String propFile = null;
     try
@@ -300,9 +278,8 @@ public final class Properties
       }
     catch (SecurityException se)
       {
-        if (DEBUG)
-          debug("Reading property " + PROPERTIES_FILE
-                + " not allowed. Ignored.");
+        if (Configuration.DEBUG)
+          log.fine("Reading property " + PROPERTIES_FILE + " not allowed. Ignored.");
       }
     if (propFile != null)
       {
@@ -316,27 +293,24 @@ public final class Properties
           }
         catch (IOException ioe)
           {
-            if (DEBUG)
-              debug("IO error reading " + propFile + ": " + ioe.getMessage());
+            if (Configuration.DEBUG)
+              log.fine("IO error reading " + propFile + ": " + ioe.getMessage());
           }
         catch (SecurityException se)
           {
-            if (DEBUG)
-              debug("Security error reading " + propFile + ": "
-                    + se.getMessage());
+            if (Configuration.DEBUG)
+              log.fine("Security error reading " + propFile + ": "
+                       + se.getMessage());
           }
       }
-
     // 2. allow vm-specific override by allowing -D options in launcher
     handleBooleanProperty(REPRODUCIBLE_PRNG);
     handleBooleanProperty(CHECK_WEAK_KEYS);
     handleBooleanProperty(DO_RSA_BLINDING);
-
     // re-sync the 'known' properties
     reproducible = Boolean.valueOf((String) props.get(REPRODUCIBLE_PRNG)).booleanValue();
     checkForWeakKeys = Boolean.valueOf((String) props.get(CHECK_WEAK_KEYS)).booleanValue();
     doRSABlinding = Boolean.valueOf((String) props.get(DO_RSA_BLINDING)).booleanValue();
-
     // This does not change.
     props.put(VERSION, Registry.VERSION_STRING);
   }
@@ -350,24 +324,24 @@ public final class Properties
       }
     catch (SecurityException x)
       {
-        if (DEBUG)
-          debug("SecurityManager forbids reading system properties. Ignored");
+        if (Configuration.DEBUG)
+          log.fine("SecurityManager forbids reading system properties. Ignored");
       }
     if (s != null)
       {
         s = s.trim().toLowerCase();
-        // we have to test for explicit "true" or "false".  anything else may
+        // we have to test for explicit "true" or "false". anything else may
         // hide valid value set previously
         if (s.equals(TRUE) || s.equals(FALSE))
           {
-            if (DEBUG)
-              debug("Setting " + name + " to '" + s + "'");
+            if (Configuration.DEBUG)
+              log.fine("Setting " + name + " to '" + s + "'");
             props.put(name, s);
           }
         else
           {
-            if (DEBUG)
-              debug("Invalid value for -D" + name + ": " + s + ". Ignored");
+            if (Configuration.DEBUG)
+              log.fine("Invalid value for -D" + name + ": " + s + ". Ignored");
           }
       }
   }
diff --git a/libjava/classpath/gnu/java/security/Registry.java b/libjava/classpath/gnu/java/security/Registry.java
index 0cb92513502..053d7177833 100644
--- a/libjava/classpath/gnu/java/security/Registry.java
+++ b/libjava/classpath/gnu/java/security/Registry.java
@@ -44,10 +44,6 @@ package gnu.java.security;
  */
 public interface Registry
 {
-
-  // Constants
-  // -------------------------------------------------------------------------
-
   /** The name of our Providers. */
   String GNU_SECURITY = "GNU";
   String GNU_CRYPTO = "GNU-CRYPTO";
@@ -93,6 +89,18 @@ public interface Registry
 
   String CAST_128_CIPHER = "cast-128";
 
+  // Key Wrapping Algorithm names and synonyms ...............................
+
+  String KWA_PREFIX = "kw-";
+  String AES_KWA = KWA_PREFIX + AES_CIPHER;
+  String AES128_KWA = AES_KWA + "128";
+  String AES192_KWA = AES_KWA + "192";
+  String AES256_KWA = AES_KWA + "256";
+  String RIJNDAEL_KWA = KWA_PREFIX + RIJNDAEL_CIPHER;
+
+  String TRIPLEDES_KWA = KWA_PREFIX + TRIPLEDES_CIPHER;
+  String DESEDE_KWA = KWA_PREFIX + DESEDE_CIPHER;
+
   // Message digest algorithms and synonyms...................................
 
   String WHIRLPOOL_HASH = "whirlpool";
@@ -177,6 +185,9 @@ public interface Registry
   /** TLSv1 padding scheme. */
   String TLS1_PAD = "tls1";
 
+  /** ISO 10126-2 padding scheme. */
+  String ISO10126_PAD = "iso10126";
+
   // Pseudo-random number generators..........................................
 
   /** (Apparently) RC4 keystream PRNG. */
@@ -300,38 +311,38 @@ public interface Registry
   // D (0x44) for DSS, R (0x52) for RSA, H (0x48) for Diffie-Hellman, or S
   // (0x53) for SRP-6, and finally P (0x50) for Public, p (0x70) for private,
   // or S (0x53) for signature.
-  byte[] MAGIC_RAW_DSS_PUBLIC_KEY = new byte[] { 0x47, RAW_ENCODING_ID, 0x44,
-                                                0x50 };
+  byte[] MAGIC_RAW_DSS_PUBLIC_KEY = new byte[] {
+      0x47, RAW_ENCODING_ID, 0x44, 0x50 };
 
-  byte[] MAGIC_RAW_DSS_PRIVATE_KEY = new byte[] { 0x47, RAW_ENCODING_ID, 0x44,
-                                                 0x70 };
+  byte[] MAGIC_RAW_DSS_PRIVATE_KEY = new byte[] {
+      0x47, RAW_ENCODING_ID, 0x44, 0x70 };
 
-  byte[] MAGIC_RAW_DSS_SIGNATURE = new byte[] { 0x47, RAW_ENCODING_ID, 0x44,
-                                               0x53 };
+  byte[] MAGIC_RAW_DSS_SIGNATURE = new byte[] {
+      0x47, RAW_ENCODING_ID, 0x44, 0x53 };
 
-  byte[] MAGIC_RAW_RSA_PUBLIC_KEY = new byte[] { 0x47, RAW_ENCODING_ID, 0x52,
-                                                0x50 };
+  byte[] MAGIC_RAW_RSA_PUBLIC_KEY = new byte[] {
+      0x47, RAW_ENCODING_ID, 0x52, 0x50 };
 
-  byte[] MAGIC_RAW_RSA_PRIVATE_KEY = new byte[] { 0x47, RAW_ENCODING_ID, 0x52,
-                                                 0x70 };
+  byte[] MAGIC_RAW_RSA_PRIVATE_KEY = new byte[] {
+      0x47, RAW_ENCODING_ID, 0x52, 0x70 };
 
-  byte[] MAGIC_RAW_RSA_PSS_SIGNATURE = new byte[] { 0x47, RAW_ENCODING_ID,
-                                                   0x52, 0x53 };
+  byte[] MAGIC_RAW_RSA_PSS_SIGNATURE = new byte[] {
+      0x47, RAW_ENCODING_ID, 0x52, 0x53 };
 
-  byte[] MAGIC_RAW_RSA_PKCS1V1_5_SIGNATURE = new byte[] { 0x47, RAW_ENCODING_ID,
-                                                          0x52, 0x54 };
+  byte[] MAGIC_RAW_RSA_PKCS1V1_5_SIGNATURE = new byte[] {
+      0x47, RAW_ENCODING_ID, 0x52, 0x54 };
 
-  byte[] MAGIC_RAW_DH_PUBLIC_KEY = new byte[] { 0x47, RAW_ENCODING_ID, 0x48,
-                                               0x50 };
+  byte[] MAGIC_RAW_DH_PUBLIC_KEY = new byte[] {
+      0x47, RAW_ENCODING_ID, 0x48, 0x50 };
 
-  byte[] MAGIC_RAW_DH_PRIVATE_KEY = new byte[] { 0x47, RAW_ENCODING_ID, 0x48,
-                                                0x70 };
+  byte[] MAGIC_RAW_DH_PRIVATE_KEY = new byte[] {
+      0x47, RAW_ENCODING_ID, 0x48, 0x70 };
 
-  byte[] MAGIC_RAW_SRP_PUBLIC_KEY = new byte[] { 0x47, RAW_ENCODING_ID, 0x53,
-                                                0x50 };
+  byte[] MAGIC_RAW_SRP_PUBLIC_KEY = new byte[] {
+      0x47, RAW_ENCODING_ID, 0x53, 0x50 };
 
-  byte[] MAGIC_RAW_SRP_PRIVATE_KEY = new byte[] { 0x47, RAW_ENCODING_ID, 0x53,
-                                                 0x70 };
+  byte[] MAGIC_RAW_SRP_PRIVATE_KEY = new byte[] {
+      0x47, RAW_ENCODING_ID, 0x53, 0x70 };
 
   // SASL Property names .....................................................
 
@@ -344,8 +355,7 @@ public interface Registry
   String SASL_PASSWORD = SASL_PREFIX + ".password";
 
   /** Name of authentication information provider packages. */
-  String SASL_AUTH_INFO_PROVIDER_PKGS = SASL_PREFIX
-                                        + ".auth.info.provider.pkgs";
+  String SASL_AUTH_INFO_PROVIDER_PKGS = SASL_PREFIX + ".auth.info.provider.pkgs";
 
   /** SASL authorization ID. */
   String SASL_AUTHORISATION_ID = SASL_PREFIX + ".authorisation.ID";
@@ -452,7 +462,4 @@ public interface Registry
   int GKR_CIPHER_AES_128_OFB = 0;
 
   int GKR_CIPHER_AES_128_CBC = 1;
-
-  // Methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/hash/BaseHash.java b/libjava/classpath/gnu/java/security/hash/BaseHash.java
index 720b835392a..ff1750aeae0 100644
--- a/libjava/classpath/gnu/java/security/hash/BaseHash.java
+++ b/libjava/classpath/gnu/java/security/hash/BaseHash.java
@@ -39,14 +39,11 @@ exception statement from your version.  */
 package gnu.java.security.hash;
 
 /**
- * <p>A base abstract class to facilitate hash implementations.</p>
+ * A base abstract class to facilitate hash implementations.
  */
-public abstract class BaseHash implements IMessageDigest
+public abstract class BaseHash
+    implements IMessageDigest
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The canonical name prefix of the hash. */
   protected String name;
 
@@ -62,12 +59,9 @@ public abstract class BaseHash implements IMessageDigest
   /** Temporary input buffer. */
   protected byte[] buffer;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Trivial constructor for use by concrete subclasses.</p>
-   *
+   * Trivial constructor for use by concrete subclasses.
+   * 
    * @param name the canonical name prefix of this instance.
    * @param hashSize the block size of the output in bytes.
    * @param blockSize the block size of the internal transform.
@@ -84,14 +78,6 @@ public abstract class BaseHash implements IMessageDigest
     resetContext();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // IMessageDigest interface implementation ---------------------------------
-
   public String name()
   {
     return name;
@@ -114,9 +100,7 @@ public abstract class BaseHash implements IMessageDigest
     count++;
     buffer[i] = b;
     if (i == (blockSize - 1))
-      {
-        transform(buffer, 0);
-      }
+      transform(buffer, 0);
   }
 
   public void update(byte[] b)
@@ -136,16 +120,13 @@ public abstract class BaseHash implements IMessageDigest
         System.arraycopy(b, offset, buffer, n, partLen);
         transform(buffer, 0);
         for (i = partLen; i + blockSize - 1 < len; i += blockSize)
-          {
-            transform(b, offset + i);
-          }
+          transform(b, offset + i);
+
         n = 0;
       }
 
     if (i < len)
-      {
-        System.arraycopy(b, offset + i, buffer, n, len - i);
-      }
+      System.arraycopy(b, offset + i, buffer, n, len - i);
   }
 
   public byte[] digest()
@@ -163,31 +144,27 @@ public abstract class BaseHash implements IMessageDigest
   { // reset this instance for future re-use
     count = 0L;
     for (int i = 0; i < blockSize;)
-      {
-        buffer[i++] = 0;
-      }
+      buffer[i++] = 0;
 
     resetContext();
   }
 
-  // methods to be implemented by concrete subclasses ------------------------
-
   public abstract Object clone();
 
   public abstract boolean selfTest();
 
   /**
-   * <p>Returns the byte array to use as padding before completing a hash
-   * operation.</p>
-   *
+   * Returns the byte array to use as padding before completing a hash
+   * operation.
+   * 
    * @return the bytes to pad the remaining bytes in the buffer before
-   * completing a hash operation.
+   *         completing a hash operation.
    */
   protected abstract byte[] padBuffer();
 
   /**
-   * <p>Constructs the result from the contents of the current context.</p>
-   *
+   * Constructs the result from the contents of the current context.
+   * 
    * @return the output of the completed hash operation.
    */
   protected abstract byte[] getResult();
@@ -196,11 +173,11 @@ public abstract class BaseHash implements IMessageDigest
   protected abstract void resetContext();
 
   /**
-   * <p>The block digest transformation per se.</p>
-   *
+   * The block digest transformation per se.
+   * 
    * @param in the <i>blockSize</i> long block, as an array of bytes to digest.
    * @param offset the index where the data to digest is located within the
-   * input buffer.
+   *          input buffer.
    */
   protected abstract void transform(byte[] in, int offset);
 }
diff --git a/libjava/classpath/gnu/java/security/hash/HashFactory.java b/libjava/classpath/gnu/java/security/hash/HashFactory.java
index e5209212365..2a4e487858c 100644
--- a/libjava/classpath/gnu/java/security/hash/HashFactory.java
+++ b/libjava/classpath/gnu/java/security/hash/HashFactory.java
@@ -45,113 +45,73 @@ import java.util.HashSet;
 import java.util.Set;
 
 /**
- * <p>A <i>Factory</i> to instantiate message digest algorithm instances.</p>
+ * A <i>Factory</i> to instantiate message digest algorithm instances.
  */
 public class HashFactory
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial constructor to enforce <i>Singleton</i> pattern. */
   private HashFactory()
   {
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Return an instance of a hash algorithm given its name.</p>
-   *
+   * Return an instance of a hash algorithm given its name.
+   * 
    * @param name the name of the hash algorithm.
    * @return an instance of the hash algorithm, or null if none found.
    * @exception InternalError if the implementation does not pass its self-
-   * test.
+   *              test.
    */
   public static IMessageDigest getInstance(String name)
   {
     if (name == null)
-      {
-        return null;
-      }
+      return null;
 
     name = name.trim();
     IMessageDigest result = null;
     if (name.equalsIgnoreCase(Registry.WHIRLPOOL_HASH))
-      {
-        result = new Whirlpool();
-      }
+      result = new Whirlpool();
     else if (name.equalsIgnoreCase(Registry.RIPEMD128_HASH)
              || name.equalsIgnoreCase(Registry.RIPEMD_128_HASH))
-      {
-        result = new RipeMD128();
-      }
+      result = new RipeMD128();
     else if (name.equalsIgnoreCase(Registry.RIPEMD160_HASH)
              || name.equalsIgnoreCase(Registry.RIPEMD_160_HASH))
-      {
-        result = new RipeMD160();
-      }
+      result = new RipeMD160();
     else if (name.equalsIgnoreCase(Registry.SHA160_HASH)
              || name.equalsIgnoreCase(Registry.SHA_1_HASH)
              || name.equalsIgnoreCase(Registry.SHA1_HASH)
              || name.equalsIgnoreCase(Registry.SHA_HASH))
-      {
-        result = new Sha160();
-      }
+      result = new Sha160();
     else if (name.equalsIgnoreCase(Registry.SHA256_HASH))
-      {
-        result = new Sha256();
-      }
+      result = new Sha256();
     else if (name.equalsIgnoreCase(Registry.SHA384_HASH))
-      {
-        result = new Sha384();
-      }
+      result = new Sha384();
     else if (name.equalsIgnoreCase(Registry.SHA512_HASH))
-      {
-        result = new Sha512();
-      }
+      result = new Sha512();
     else if (name.equalsIgnoreCase(Registry.TIGER_HASH))
-      {
-        result = new Tiger();
-      }
+      result = new Tiger();
     else if (name.equalsIgnoreCase(Registry.HAVAL_HASH))
-      {
-        result = new Haval();
-      }
+      result = new Haval();
     else if (name.equalsIgnoreCase(Registry.MD5_HASH))
-      {
-        result = new MD5();
-      }
+      result = new MD5();
     else if (name.equalsIgnoreCase(Registry.MD4_HASH))
-      {
-        result = new MD4();
-      }
+      result = new MD4();
     else if (name.equalsIgnoreCase(Registry.MD2_HASH))
-      {
-        result = new MD2();
-      }
+      result = new MD2();
     else if (name.equalsIgnoreCase(Registry.HAVAL_HASH))
-      {
-        result = new Haval();
-      }
+      result = new Haval();
 
-    if (result != null && !result.selfTest())
-      {
-        throw new InternalError(result.name());
-      }
+    if (result != null && ! result.selfTest())
+      throw new InternalError(result.name());
 
     return result;
   }
 
   /**
-   * <p>Returns a {@link Set} of names of hash algorithms supported by this
-   * <i>Factory</i>.</p>
-   *
+   * Returns a {@link Set} of names of hash algorithms supported by this
+   * <i>Factory</i>.
+   * 
    * @return a {@link Set} of hash names (Strings).
    */
   public static final Set getNames()
@@ -172,7 +132,4 @@ public class HashFactory
 
     return Collections.unmodifiableSet(hs);
   }
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/hash/Haval.java b/libjava/classpath/gnu/java/security/hash/Haval.java
index 1bf75652de7..662934f34ea 100644
--- a/libjava/classpath/gnu/java/security/hash/Haval.java
+++ b/libjava/classpath/gnu/java/security/hash/Haval.java
@@ -42,25 +42,21 @@ import gnu.java.security.Registry;
 import gnu.java.security.util.Util;
 
 /**
- * <p>The <i>HAVAL</i> message-digest algorithm is a variable output length,
- * with variable number of rounds. By default, this implementation allows
- * <i>HAVAL</i> to be used as a drop-in replacement for <i>MD5</i>.</p>
- *
- * <p>References:</p>
- *
+ * The <i>HAVAL</i> message-digest algorithm is a variable output length, with
+ * variable number of rounds. By default, this implementation allows <i>HAVAL</i>
+ * to be used as a drop-in replacement for <i>MD5</i>.
+ * <p>
+ * References:
  * <ol>
- *    <li>HAVAL - A One-Way Hashing Algorithm with Variable Length of Output<br>
- *    Advances in Cryptology - AUSCRYPT'92, Lecture Notes in Computer Science,<br>
- *    Springer-Verlag, 1993; <br>
- *    Y. Zheng, J. Pieprzyk and J. Seberry.</li>
+ * <li>HAVAL - A One-Way Hashing Algorithm with Variable Length of Output<br>
+ * Advances in Cryptology - AUSCRYPT'92, Lecture Notes in Computer Science,<br>
+ * Springer-Verlag, 1993; <br>
+ * Y. Zheng, J. Pieprzyk and J. Seberry.</li>
  * </ol>
  */
-public class Haval extends BaseHash
+public class Haval
+    extends BaseHash
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   public static final int HAVAL_VERSION = 1;
 
   public static final int HAVAL_128_BIT = 16;
@@ -88,20 +84,18 @@ public class Haval extends BaseHash
 
   /**
    * Number of HAVAL rounds. Allowed values are integers in the range <code>3
-   * .. 5</code>. The default is <code>3</code>.
+   * .. 5</code>.
+   * The default is <code>3</code>.
    */
   private int rounds = HAVAL_3_ROUND;
 
   /** 128-bit interim result. */
   private int h0, h1, h2, h3, h4, h5, h6, h7;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Calls the constructor with two argument using {@link #HAVAL_128_BIT} as
-   * the value for the output size (i.e. <code>128</code> bits, and
-   * {@link #HAVAL_3_ROUND} for the value of number of rounds.</p>
+   * Calls the constructor with two argument using {@link #HAVAL_128_BIT} as the
+   * value for the output size (i.e. <code>128</code> bits, and
+   * {@link #HAVAL_3_ROUND} for the value of number of rounds.
    */
   public Haval()
   {
@@ -109,9 +103,9 @@ public class Haval extends BaseHash
   }
 
   /**
-   * <p>Calls the constructor with two arguments using the designated output
-   * size, and {@link #HAVAL_3_ROUND} for the value of number of rounds.</p>
-   *
+   * Calls the constructor with two arguments using the designated output size,
+   * and {@link #HAVAL_3_ROUND} for the value of number of rounds.
+   * 
    * @param size the output size in bytes of this instance.
    * @throws IllegalArgumentException if the designated output size is invalid.
    * @see #HAVAL_128_BIT
@@ -126,16 +120,16 @@ public class Haval extends BaseHash
   }
 
   /**
-   * <p>Constructs a <code>Haval</code> instance with the designated output
-   * size (in bytes).  Valid output <code>size</code> values are <code>16</code>,
-   * <code>20</code>, <code>24</code>, <code>28</code> and <code>32</code>.
-   * Valid values for <code>rounds</code> are in the range <code>3..5</code>
-   * inclusive.</p>
-   *
+   * Constructs a <code>Haval</code> instance with the designated output size
+   * (in bytes). Valid output <code>size</code> values are <code>16</code>,
+   * <code>20</code>, <code>24</code>, <code>28</code> and
+   * <code>32</code>. Valid values for <code>rounds</code> are in the range
+   * <code>3..5</code> inclusive.
+   * 
    * @param size the output size in bytes of this instance.
    * @param rounds the number of rounds to apply when transforming data.
    * @throws IllegalArgumentException if the designated output size is invalid,
-   * or if the number of rounds is invalid.
+   *           or if the number of rounds is invalid.
    * @see #HAVAL_128_BIT
    * @see #HAVAL_160_BIT
    * @see #HAVAL_192_BIT
@@ -149,24 +143,24 @@ public class Haval extends BaseHash
   {
     super(Registry.HAVAL_HASH, size, BLOCK_SIZE);
 
-    if (size != HAVAL_128_BIT && size != HAVAL_160_BIT && size != HAVAL_192_BIT
-        && size != HAVAL_224_BIT && size != HAVAL_256_BIT)
-      {
-        throw new IllegalArgumentException("Invalid HAVAL output size");
-      }
+    if (size != HAVAL_128_BIT
+        && size != HAVAL_160_BIT
+        && size != HAVAL_192_BIT
+        && size != HAVAL_224_BIT
+        && size != HAVAL_256_BIT)
+      throw new IllegalArgumentException("Invalid HAVAL output size");
 
-    if (rounds != HAVAL_3_ROUND && rounds != HAVAL_4_ROUND
+    if (rounds != HAVAL_3_ROUND
+        && rounds != HAVAL_4_ROUND
         && rounds != HAVAL_5_ROUND)
-      {
-        throw new IllegalArgumentException("Invalid HAVAL number of rounds");
-      }
+      throw new IllegalArgumentException("Invalid HAVAL number of rounds");
 
     this.rounds = rounds;
   }
 
   /**
-   * <p>Private constructor for cloning purposes.</p>
-   *
+   * Private constructor for cloning purposes.
+   * 
    * @param md the instance to clone.
    */
   private Haval(Haval md)
@@ -185,93 +179,142 @@ public class Haval extends BaseHash
     this.buffer = (byte[]) md.buffer.clone();
   }
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     return new Haval(this);
   }
 
-  // Implementation of concrete methods in BaseHash --------------------------
-
   protected synchronized void transform(byte[] in, int i)
   {
-    int X0 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | (in[i++] & 0xFF) << 24;
-    int X1 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | (in[i++] & 0xFF) << 24;
-    int X2 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | (in[i++] & 0xFF) << 24;
-    int X3 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | (in[i++] & 0xFF) << 24;
-    int X4 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | (in[i++] & 0xFF) << 24;
-    int X5 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | (in[i++] & 0xFF) << 24;
-    int X6 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | (in[i++] & 0xFF) << 24;
-    int X7 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | (in[i++] & 0xFF) << 24;
-    int X8 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | (in[i++] & 0xFF) << 24;
-    int X9 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | (in[i++] & 0xFF) << 24;
-    int X10 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X11 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X12 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X13 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X14 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X15 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X16 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X17 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X18 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X19 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X20 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X21 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X22 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X23 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X24 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X25 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X26 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X27 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X28 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X29 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X30 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-    int X31 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | (in[i++] & 0xFF) << 24;
-
+    int X0 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) << 24;
+    int X1 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) << 24;
+    int X2 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) << 24;
+    int X3 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) << 24;
+    int X4 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) << 24;
+    int X5 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) << 24;
+    int X6 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) << 24;
+    int X7 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) << 24;
+    int X8 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) << 24;
+    int X9 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) << 24;
+    int X10 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X11 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X12 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X13 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X14 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X15 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X16 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X17 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X18 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X19 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X20 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X21 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X22 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X23 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X24 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X25 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X26 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X27 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X28 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X29 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X30 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
+    int X31 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | (in[i++] & 0xFF) << 24;
     int t0 = h0, t1 = h1, t2 = h2, t3 = h3, t4 = h4, t5 = h5, t6 = h6, t7 = h7;
-
     // Pass 1
     t7 = FF1(t7, t6, t5, t4, t3, t2, t1, t0, X0);
     t6 = FF1(t6, t5, t4, t3, t2, t1, t0, t7, X1);
@@ -458,7 +501,6 @@ public class Haval extends BaseHash
             t0 = FF5(t0, t7, t6, t5, t4, t3, t2, t1, X15, 0x409F60C4);
           }
       }
-
     h7 += t7;
     h6 += t6;
     h5 += t5;
@@ -471,30 +513,30 @@ public class Haval extends BaseHash
 
   protected byte[] padBuffer()
   {
-    // pad out to 118 mod 128.  other 10 bytes have special use.
-    int n = (int) (count % BLOCK_SIZE);
+    // pad out to 118 mod 128. other 10 bytes have special use.
+    int n = (int)(count % BLOCK_SIZE);
     int padding = (n < 118) ? (118 - n) : (246 - n);
     byte[] result = new byte[padding + 10];
     result[0] = (byte) 0x01;
-
     // save the version number (LSB 3), the number of rounds (3 bits in the
     // middle), the fingerprint length (MSB 2 bits and next byte) and the
     // number of bits in the unpadded message.
     int bl = hashSize * 8;
-    result[padding++] = (byte) (((bl & 0x03) << 6) | ((rounds & 0x07) << 3) | (HAVAL_VERSION & 0x07));
-    result[padding++] = (byte) (bl >>> 2);
-
+    int sigByte = (bl & 0x03) << 6;
+    sigByte |= (rounds & 0x07) << 3;
+    sigByte |= HAVAL_VERSION & 0x07;
+    result[padding++] = (byte) sigByte;
+    result[padding++] = (byte)(bl >>> 2);
     // save number of bits, casting the long to an array of 8 bytes
     long bits = count << 3;
     result[padding++] = (byte) bits;
-    result[padding++] = (byte) (bits >>> 8);
-    result[padding++] = (byte) (bits >>> 16);
-    result[padding++] = (byte) (bits >>> 24);
-    result[padding++] = (byte) (bits >>> 32);
-    result[padding++] = (byte) (bits >>> 40);
-    result[padding++] = (byte) (bits >>> 48);
-    result[padding] = (byte) (bits >>> 56);
-
+    result[padding++] = (byte)(bits >>> 8);
+    result[padding++] = (byte)(bits >>> 16);
+    result[padding++] = (byte)(bits >>> 24);
+    result[padding++] = (byte)(bits >>> 32);
+    result[padding++] = (byte)(bits >>> 40);
+    result[padding++] = (byte)(bits >>> 48);
+    result[padding  ] = (byte)(bits >>> 56);
     return result;
   }
 
@@ -505,49 +547,48 @@ public class Haval extends BaseHash
     byte[] result = new byte[hashSize];
     if (hashSize >= HAVAL_256_BIT)
       {
-        result[31] = (byte) (h7 >>> 24);
-        result[30] = (byte) (h7 >>> 16);
-        result[29] = (byte) (h7 >>> 8);
+        result[31] = (byte)(h7 >>> 24);
+        result[30] = (byte)(h7 >>> 16);
+        result[29] = (byte)(h7 >>> 8);
         result[28] = (byte) h7;
       }
     if (hashSize >= HAVAL_224_BIT)
       {
-        result[27] = (byte) (h6 >>> 24);
-        result[26] = (byte) (h6 >>> 16);
-        result[25] = (byte) (h6 >>> 8);
+        result[27] = (byte)(h6 >>> 24);
+        result[26] = (byte)(h6 >>> 16);
+        result[25] = (byte)(h6 >>> 8);
         result[24] = (byte) h6;
       }
     if (hashSize >= HAVAL_192_BIT)
       {
-        result[23] = (byte) (h5 >>> 24);
-        result[22] = (byte) (h5 >>> 16);
-        result[21] = (byte) (h5 >>> 8);
+        result[23] = (byte)(h5 >>> 24);
+        result[22] = (byte)(h5 >>> 16);
+        result[21] = (byte)(h5 >>> 8);
         result[20] = (byte) h5;
       }
     if (hashSize >= HAVAL_160_BIT)
       {
-        result[19] = (byte) (h4 >>> 24);
-        result[18] = (byte) (h4 >>> 16);
-        result[17] = (byte) (h4 >>> 8);
+        result[19] = (byte)(h4 >>> 24);
+        result[18] = (byte)(h4 >>> 16);
+        result[17] = (byte)(h4 >>> 8);
         result[16] = (byte) h4;
       }
-    result[15] = (byte) (h3 >>> 24);
-    result[14] = (byte) (h3 >>> 16);
-    result[13] = (byte) (h3 >>> 8);
+    result[15] = (byte)(h3 >>> 24);
+    result[14] = (byte)(h3 >>> 16);
+    result[13] = (byte)(h3 >>> 8);
     result[12] = (byte) h3;
-    result[11] = (byte) (h2 >>> 24);
-    result[10] = (byte) (h2 >>> 16);
-    result[9] = (byte) (h2 >>> 8);
-    result[8] = (byte) h2;
-    result[7] = (byte) (h1 >>> 24);
-    result[6] = (byte) (h1 >>> 16);
-    result[5] = (byte) (h1 >>> 8);
-    result[4] = (byte) h1;
-    result[3] = (byte) (h0 >>> 24);
-    result[2] = (byte) (h0 >>> 16);
-    result[1] = (byte) (h0 >>> 8);
-    result[0] = (byte) h0;
-
+    result[11] = (byte)(h2 >>> 24);
+    result[10] = (byte)(h2 >>> 16);
+    result[ 9] = (byte)(h2 >>> 8);
+    result[ 8] = (byte) h2;
+    result[ 7] = (byte)(h1 >>> 24);
+    result[ 6] = (byte)(h1 >>> 16);
+    result[ 5] = (byte)(h1 >>> 8);
+    result[ 4] = (byte) h1;
+    result[ 3] = (byte)(h0 >>> 24);
+    result[ 2] = (byte)(h0 >>> 16);
+    result[ 1] = (byte)(h0 >>> 8);
+    result[ 0] = (byte) h0;
     return result;
   }
 
@@ -567,13 +608,12 @@ public class Haval extends BaseHash
   {
     if (valid == null)
       {
-        valid = Boolean.valueOf(DIGEST0.equals(Util.toString(new Haval().digest())));
+        String d = Util.toString(new Haval().digest());
+        valid = Boolean.valueOf(DIGEST0.equals(d));
       }
     return valid.booleanValue();
   }
 
-  // helper methods ----------------------------------------------------------
-
   /** Tailors the last output. */
   private void tailorDigestBits()
   {
@@ -581,17 +621,25 @@ public class Haval extends BaseHash
     switch (hashSize)
       {
       case HAVAL_128_BIT:
-        t = (h7 & 0x000000FF) | (h6 & 0xFF000000) | (h5 & 0x00FF0000)
-            | (h4 & 0x0000FF00);
+        t = (h7 & 0x000000FF)
+          | (h6 & 0xFF000000)
+          | (h5 & 0x00FF0000)
+          | (h4 & 0x0000FF00);
         h0 += t >>> 8 | t << 24;
-        t = (h7 & 0x0000FF00) | (h6 & 0x000000FF) | (h5 & 0xFF000000)
-            | (h4 & 0x00FF0000);
+        t = (h7 & 0x0000FF00)
+          | (h6 & 0x000000FF)
+          | (h5 & 0xFF000000)
+          | (h4 & 0x00FF0000);
         h1 += t >>> 16 | t << 16;
-        t = (h7 & 0x00FF0000) | (h6 & 0x0000FF00) | (h5 & 0x000000FF)
-            | (h4 & 0xFF000000);
+        t = (h7 & 0x00FF0000)
+          | (h6 & 0x0000FF00)
+          | (h5 & 0x000000FF)
+          | (h4 & 0xFF000000);
         h2 += t >>> 24 | t << 8;
-        t = (h7 & 0xFF000000) | (h6 & 0x00FF0000) | (h5 & 0x0000FF00)
-            | (h4 & 0x000000FF);
+        t = (h7 & 0xFF000000)
+          | (h6 & 0x00FF0000)
+          | (h5 & 0x0000FF00)
+          | (h4 & 0x000000FF);
         h3 += t;
         break;
       case HAVAL_160_BIT:
@@ -625,9 +673,9 @@ public class Haval extends BaseHash
         h1 += ((h7 >>> 22) & 0x1F);
         h2 += ((h7 >>> 18) & 0x0F);
         h3 += ((h7 >>> 13) & 0x1F);
-        h4 += ((h7 >>> 9) & 0x0F);
-        h5 += ((h7 >>> 4) & 0x1F);
-        h6 += (h7 & 0x0F);
+        h4 += ((h7 >>>  9) & 0x0F);
+        h5 += ((h7 >>>  4) & 0x1F);
+        h6 +=  (h7         & 0x0F);
       }
   }
 
@@ -748,8 +796,8 @@ public class Haval extends BaseHash
 
   private int f4(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
   {
-    return x4 & (x5 & ~x2 ^ x3 & ~x6 ^ x1 ^ x6 ^ x0) ^ x3 & (x1 & x2 ^ x5 ^ x6)
-           ^ x2 & x6 ^ x0;
+    return x4 & (x5 & ~x2 ^ x3 & ~x6 ^ x1 ^ x6 ^ x0) ^ x3
+           & (x1 & x2 ^ x5 ^ x6) ^ x2 & x6 ^ x0;
   }
 
   private int f5(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
diff --git a/libjava/classpath/gnu/java/security/hash/IMessageDigest.java b/libjava/classpath/gnu/java/security/hash/IMessageDigest.java
index b3d7f69ca2e..2c5bdd41a57 100644
--- a/libjava/classpath/gnu/java/security/hash/IMessageDigest.java
+++ b/libjava/classpath/gnu/java/security/hash/IMessageDigest.java
@@ -39,64 +39,56 @@ exception statement from your version.  */
 package gnu.java.security.hash;
 
 /**
- * <p>The basic visible methods of any hash algorithm.</p>
- *
- * <p>A hash (or message digest) algorithm produces its output by iterating a
- * basic compression function on blocks of data.</p>
+ * The basic visible methods of any hash algorithm.
+ * <p>
+ * A hash (or message digest) algorithm produces its output by iterating a basic
+ * compression function on blocks of data.
  */
-public interface IMessageDigest extends Cloneable
+public interface IMessageDigest
+    extends Cloneable
 {
-
-  // Constants
-  // -------------------------------------------------------------------------
-
-  // Methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns the canonical name of this algorithm.</p>
-   *
+   * Returns the canonical name of this algorithm.
+   * 
    * @return the canonical name of this instance.
    */
   String name();
 
   /**
-   * <p>Returns the output length in bytes of this message digest algorithm.</p>
-   *
+   * Returns the output length in bytes of this message digest algorithm.
+   * 
    * @return the output length in bytes of this message digest algorithm.
    */
   int hashSize();
 
   /**
-   * <p>Returns the algorithm's (inner) block size in bytes.</p>
-   *
+   * Returns the algorithm's (inner) block size in bytes.
+   * 
    * @return the algorithm's inner block size in bytes.
    */
   int blockSize();
 
   /**
-   * <p>Continues a message digest operation using the input byte.</p>
-   *
+   * Continues a message digest operation using the input byte.
+   * 
    * @param b the input byte to digest.
    */
   void update(byte b);
 
   /**
-   * <p>Continues a message digest operation, by filling the buffer, processing
+   * Continues a message digest operation, by filling the buffer, processing
    * data in the algorithm's HASH_SIZE-bit block(s), updating the context and
-   * count, and buffering the remaining bytes in buffer for the next
-   * operation.</p>
-   *
+   * count, and buffering the remaining bytes in buffer for the next operation.
+   * 
    * @param in the input block.
    */
   void update(byte[] in);
 
   /**
-   * <p>Continues a message digest operation, by filling the buffer, processing
+   * Continues a message digest operation, by filling the buffer, processing
    * data in the algorithm's HASH_SIZE-bit block(s), updating the context and
-   * count, and buffering the remaining bytes in buffer for the next
-   * operation.</p>
-   *
+   * count, and buffering the remaining bytes in buffer for the next operation.
+   * 
    * @param in the input block.
    * @param offset start of meaningful bytes in input block.
    * @param length number of bytes, in input block, to consider.
@@ -104,31 +96,31 @@ public interface IMessageDigest extends Cloneable
   void update(byte[] in, int offset, int length);
 
   /**
-   * <p>Completes the message digest by performing final operations such as
-   * padding and resetting the instance.</p>
-   *
+   * Completes the message digest by performing final operations such as padding
+   * and resetting the instance.
+   * 
    * @return the array of bytes representing the hash value.
    */
   byte[] digest();
 
   /**
-   * <p>Resets the current context of this instance clearing any eventually cached
-   * intermediary values.</p>
+   * Resets the current context of this instance clearing any eventually cached
+   * intermediary values.
    */
   void reset();
 
   /**
-   * <p>A basic test. Ensures that the digest of a pre-determined message is equal
-   * to a known pre-computed value.</p>
-   *
-   * @return <tt>true</tt> if the implementation passes a basic self-test.
-   * Returns <tt>false</tt> otherwise.
+   * A basic test. Ensures that the digest of a pre-determined message is equal
+   * to a known pre-computed value.
+   * 
+   * @return <code>true</code> if the implementation passes a basic self-test.
+   *         Returns <code>false</code> otherwise.
    */
   boolean selfTest();
 
   /**
-   * <p>Returns a clone copy of this instance.</p>
-   *
+   * Returns a clone copy of this instance.
+   * 
    * @return a clone copy of this instance.
    */
   Object clone();
diff --git a/libjava/classpath/gnu/java/security/hash/MD2.java b/libjava/classpath/gnu/java/security/hash/MD2.java
index 2a93c42c44a..8f6b265b037 100644
--- a/libjava/classpath/gnu/java/security/hash/MD2.java
+++ b/libjava/classpath/gnu/java/security/hash/MD2.java
@@ -42,13 +42,12 @@ import gnu.java.security.Registry;
 import gnu.java.security.util.Util;
 
 /**
- * <p>An implementation of the MD2 message digest algorithm.</p>
- *
- * <p>MD2 is not widely used. Unless it is needed for compatibility with
- * existing systems, it is not recommended for use in new applications.</p>
- *
- * <p>References:</p>
- *
+ * An implementation of the MD2 message digest algorithm.
+ * <p>
+ * MD2 is not widely used. Unless it is needed for compatibility with
+ * existing systems, it is not recommended for use in new applications.
+ * <p>
+ * References:
  * <ol>
  *    <li>The <a href="http://www.ietf.org/rfc/rfc1319.txt">MD2</a>
  *    Message-Digest Algorithm.<br>
@@ -57,12 +56,9 @@ import gnu.java.security.util.Util;
  *    under section RFC 1319.</li>
  * </ol>
  */
-public class MD2 extends BaseHash
+public class MD2
+    extends BaseHash
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** An MD2 message digest is always 128-bits long, or 16 bytes. */
   private static final int DIGEST_LENGTH = 16;
 
@@ -70,34 +66,39 @@ public class MD2 extends BaseHash
   private static final int BLOCK_LENGTH = 16;
 
   /** 256 byte "random" permutation of the digits of pi. */
-  private static final byte[] PI = { 41, 46, 67, -55, -94, -40, 124, 1, 61, 54,
-                                    84, -95, -20, -16, 6, 19, 98, -89, 5, -13,
-                                    -64, -57, 115, -116, -104, -109, 43, -39,
-                                    -68, 76, -126, -54, 30, -101, 87, 60, -3,
-                                    -44, -32, 22, 103, 66, 111, 24, -118, 23,
-                                    -27, 18, -66, 78, -60, -42, -38, -98, -34,
-                                    73, -96, -5, -11, -114, -69, 47, -18, 122,
-                                    -87, 104, 121, -111, 21, -78, 7, 63, -108,
-                                    -62, 16, -119, 11, 34, 95, 33, -128, 127,
-                                    93, -102, 90, -112, 50, 39, 53, 62, -52,
-                                    -25, -65, -9, -105, 3, -1, 25, 48, -77, 72,
-                                    -91, -75, -47, -41, 94, -110, 42, -84, 86,
-                                    -86, -58, 79, -72, 56, -46, -106, -92, 125,
-                                    -74, 118, -4, 107, -30, -100, 116, 4, -15,
-                                    69, -99, 112, 89, 100, 113, -121, 32, -122,
-                                    91, -49, 101, -26, 45, -88, 2, 27, 96, 37,
-                                    -83, -82, -80, -71, -10, 28, 70, 97, 105,
-                                    52, 64, 126, 15, 85, 71, -93, 35, -35, 81,
-                                    -81, 58, -61, 92, -7, -50, -70, -59, -22,
-                                    38, 44, 83, 13, 110, -123, 40, -124, 9,
-                                    -45, -33, -51, -12, 65, -127, 77, 82, 106,
-                                    -36, 55, -56, 108, -63, -85, -6, 36, -31,
-                                    123, 8, 12, -67, -79, 74, 120, -120, -107,
-                                    -117, -29, 99, -24, 109, -23, -53, -43, -2,
-                                    59, 0, 29, 57, -14, -17, -73, 14, 102, 88,
-                                    -48, -28, -90, 119, 114, -8, -21, 117, 75,
-                                    10, 49, 68, 80, -76, -113, -19, 31, 26,
-                                    -37, -103, -115, 51, -97, 17, -125, 20 };
+  private static final byte[] PI = {
+        41,   46,   67,  -55,  -94,  -40,  124,   1,
+        61,   54,   84,  -95,  -20,  -16,    6,  19,
+        98,  -89,    5,  -13,  -64,  -57,  115, -116,
+      -104, -109,   43,  -39,  -68,   76, -126,  -54,
+        30, -101,   87,   60,   -3,  -44,  -32,   22,
+       103,   66,  111,   24, -118,   23,  -27,   18,
+       -66,   78,  -60,  -42,  -38,  -98,  -34,   73,
+       -96,   -5,  -11, -114,  -69,   47,  -18,  122,
+       -87,  104,  121, -111,   21,  -78,    7,   63,
+      -108,  -62,   16, -119,   11,   34,   95,   33,
+      -128,  127,   93, -102,   90, -112,   50,   39,
+        53,   62,  -52,  -25,  -65,   -9, -105,    3,
+        -1,   25,   48,  -77,   72,  -91,  -75,  -47,
+       -41,   94, -110,   42,  -84,   86,  -86,  -58,
+        79,  -72,   56,  -46, -106,  -92,  125,  -74,
+       118,   -4,  107,  -30, -100,  116,    4,  -15,
+        69,  -99,  112,   89,  100,  113, -121,   32,
+      -122,   91,  -49,  101,  -26,   45,  -88,    2,
+        27,   96,   37,  -83,  -82,  -80,  -71,  -10,
+        28,   70,   97,  105,   52,   64,  126,   15,
+        85,   71,  -93,   35,  -35,   81,  -81,   58,
+       -61,   92,   -7,  -50,  -70,  -59,  -22,   38,
+        44,   83,   13,  110, -123,   40, -124,    9,
+       -45,  -33,  -51,  -12,   65, -127,   77,   82,
+       106,  -36,   55,  -56,  108,  -63,  -85,   -6,
+        36,  -31,  123,    8,   12,  -67,  -79,   74,
+       120, -120, -107, -117,  -29,   99,  -24,  109,
+       -23,  -53,  -43,   -2,   59,    0,   29,   57,
+       -14,  -17,  -73,   14,  102,   88,  -48,  -28,
+       -90,  119,  114,   -8,  -21,  117,   75,   10,
+        49,   68,   80,  -76, -113,  -19,   31,   26,
+       -37, -103, -115,   51, - 97,   17, -125,   20 };
 
   /** The output of this message digest when no data has been input. */
   private static final String DIGEST0 = "8350E5A3E24C153DF2275C9F80692773";
@@ -114,9 +115,6 @@ public class MD2 extends BaseHash
    */
   private byte[] work;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Creates a new MD2 digest ready for use. */
   public MD2()
   {
@@ -124,7 +122,7 @@ public class MD2 extends BaseHash
   }
 
   /**
-   * <p>Private constructor used for cloning.</p>
+   * Private constructor used for cloning.
    *
    * @param md2 the instance to clone.
    */
@@ -135,38 +133,23 @@ public class MD2 extends BaseHash
     // superclass field
     this.count = md2.count;
     this.buffer = (byte[]) md2.buffer.clone();
-
     // private field
     this.checksum = (byte[]) md2.checksum.clone();
     this.work = (byte[]) md2.work.clone();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     return new MD2(this);
   }
 
-  // Implementation of abstract methods in BaseHash --------------------------
-
   protected byte[] getResult()
   {
     byte[] result = new byte[DIGEST_LENGTH];
-
     // Encrypt checksum as last block.
     encryptBlock(checksum, 0);
-
     for (int i = 0; i < BLOCK_LENGTH; i++)
-      {
-        result[i] = work[i];
-      }
+      result[i] = work[i];
 
     return result;
   }
@@ -181,17 +164,18 @@ public class MD2 extends BaseHash
   {
     if (valid == null)
       {
-        valid = Boolean.valueOf(DIGEST0.equals(Util.toString(new MD2().digest())));
+        String d = Util.toString(new MD2().digest());
+        valid = Boolean.valueOf(DIGEST0.equals(d));
       }
     return valid.booleanValue();
   }
 
   /**
-   * <p>Generates an array of padding bytes. The padding is defined as
+   * Generates an array of padding bytes. The padding is defined as
    * <code>i</code> bytes of value <code>i</code>, where <code>i</code> is the
    * number of bytes to fill the last block of the message to
    * <code>BLOCK_LENGTH</code> bytes (or <code>BLOCK_LENGTH</code> bytes when
-   * the last block was completely full).</p>
+   * the last block was completely full).
    *
    * @return the bytes to pad the remaining bytes in the buffer before
    * completing a hash operation.
@@ -200,47 +184,26 @@ public class MD2 extends BaseHash
   {
     int length = BLOCK_LENGTH - (int) (count % BLOCK_LENGTH);
     if (length == 0)
-      {
-        length = BLOCK_LENGTH;
-      }
+      length = BLOCK_LENGTH;
+
     byte[] pad = new byte[length];
     for (int i = 0; i < length; i++)
-      {
-        pad[i] = (byte) length;
-      }
+      pad[i] = (byte) length;
+
     return pad;
   }
 
   /**
-   * <p>Adds <code>BLOCK_LENGTH</code> bytes to the running digest.</p>
+   * Adds <code>BLOCK_LENGTH</code> bytes to the running digest.
    *
    * @param in the byte array to take the <code>BLOCK_LENGTH</code> bytes from.
    * @param off the offset to start from in the given byte array.
    */
   protected void transform(byte[] in, int off)
   {
-    // encryptBlock(in, off);
-    // updateCheckSum(in, off);
     updateCheckSumAndEncryptBlock(in, off);
   }
 
-  // Private instance methods ------------------------------------------------
-
-  /**
-   * Updates the checksum with the <code>BLOCK_LENGTH</code> bytes from the
-   * given array starting at <code>off</code>.
-   */
-  /*
-   private void updateCheckSum(byte[] in, int off) {
-   byte l = checksum[BLOCK_LENGTH-1];
-   for (int i = 0; i < BLOCK_LENGTH; i++) {
-   byte b = in[off+i];
-   //         l = (byte)((checksum[i] & 0xFF) ^ (PI[((b & 0xFF) ^ (l & 0xFF))] & 0xFF));
-   l = (byte)(checksum[i] ^ PI[(b ^ l) & 0xFF]);
-   checksum[i] = l;
-   }
-   }
-   */
   /**
    * Adds a new block (<code>BLOCK_LENGTH</code> bytes) to the running digest
    * from the given byte array starting from the given offset.
@@ -251,20 +214,17 @@ public class MD2 extends BaseHash
       {
         byte b = in[off + i];
         work[BLOCK_LENGTH + i] = b;
-        work[BLOCK_LENGTH * 2 + i] = (byte) (work[i] ^ b);
+        work[BLOCK_LENGTH * 2 + i] = (byte)(work[i] ^ b);
       }
-
     byte t = 0;
     for (int i = 0; i < 18; i++)
       {
         for (int j = 0; j < 3 * BLOCK_LENGTH; j++)
           {
-            //            t = (byte)((work[j] & 0xFF) ^ (PI[t & 0xFF] & 0xFF));
-            t = (byte) (work[j] ^ PI[t & 0xFF]);
+            t = (byte)(work[j] ^ PI[t & 0xFF]);
             work[j] = t;
           }
-        //         t = (byte)((t + i) & 0xFF);
-        t = (byte) (t + i);
+        t = (byte)(t + i);
       }
   }
 
@@ -278,24 +238,19 @@ public class MD2 extends BaseHash
       {
         byte b = in[off + i];
         work[BLOCK_LENGTH + i] = b;
-        //         work[BLOCK_LENGTH*2+i] = (byte)((work[i] & 0xFF) ^ (b & 0xFF));
-        work[BLOCK_LENGTH * 2 + i] = (byte) (work[i] ^ b);
-        //         l = (byte)((checksum[i] & 0xFF) ^ (PI[((b & 0xFF) ^ (l & 0xFF))] & 0xFF));
-        l = (byte) (checksum[i] ^ PI[(b ^ l) & 0xFF]);
+        work[BLOCK_LENGTH * 2 + i] = (byte)(work[i] ^ b);
+        l = (byte)(checksum[i] ^ PI[(b ^ l) & 0xFF]);
         checksum[i] = l;
       }
-
     byte t = 0;
     for (int i = 0; i < 18; i++)
       {
         for (int j = 0; j < 3 * BLOCK_LENGTH; j++)
           {
-            //            t = (byte)((work[j] & 0xFF) ^ (PI[t & 0xFF] & 0xFF));
-            t = (byte) (work[j] ^ PI[t & 0xFF]);
+            t = (byte)(work[j] ^ PI[t & 0xFF]);
             work[j] = t;
           }
-        //         t = (byte)((t + i) & 0xFF);
-        t = (byte) (t + i);
+        t = (byte)(t + i);
       }
   }
 }
diff --git a/libjava/classpath/gnu/java/security/hash/MD4.java b/libjava/classpath/gnu/java/security/hash/MD4.java
index a09eb170554..dfc1c6bd69f 100644
--- a/libjava/classpath/gnu/java/security/hash/MD4.java
+++ b/libjava/classpath/gnu/java/security/hash/MD4.java
@@ -42,14 +42,13 @@ import gnu.java.security.Registry;
 import gnu.java.security.util.Util;
 
 /**
- * <p>An implementation of Ron Rivest's MD4 message digest algorithm.</p>
- *
- * <p>MD4 was the precursor to the stronger {@link gnu.crypto.hash.MD5}
+ * An implementation of Ron Rivest's MD4 message digest algorithm.
+ * <p>
+ * MD4 was the precursor to the stronger {@link gnu.java.security.hash.MD5}
  * algorithm, and while not considered cryptograpically secure itself, MD4 is
- * in use in various applications. It is slightly faster than MD5.</p>
- *
- * <p>References:</p>
- *
+ * in use in various applications. It is slightly faster than MD5.
+ * <p>
+ * References:
  * <ol>
  *    <li>The <a href="http://www.ietf.org/rfc/rfc1320.txt">MD4</a>
  *    Message-Digest Algorithm.<br>
@@ -58,12 +57,9 @@ import gnu.java.security.util.Util;
  *
  * @author Casey Marshall (rsdio@metastatic.org)
  */
-public class MD4 extends BaseHash
+public class MD4
+    extends BaseHash
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** An MD4 message digest is always 128-bits long, or 16 bytes. */
   private static final int DIGEST_LENGTH = 16;
 
@@ -86,13 +82,9 @@ public class MD4 extends BaseHash
 
   private int a, b, c, d;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Public constructor. Initializes the chaining variables, sets the byte
+   * Public constructor. Initializes the chaining variables, sets the byte
    * count to <code>0</code>, and creates a new block of <code>512</code> bits.
-   * </p>
    */
   public MD4()
   {
@@ -100,7 +92,7 @@ public class MD4 extends BaseHash
   }
 
   /**
-   * <p>Trivial private constructor for cloning purposes.</p>
+   * Trivial private constructor for cloning purposes.
    *
    * @param that the instance to clone.
    */
@@ -116,30 +108,18 @@ public class MD4 extends BaseHash
     this.buffer = (byte[]) that.buffer.clone();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     return new MD4(this);
   }
 
-  // Implementation of abstract methods in BashHash --------------------------
-
   protected byte[] getResult()
   {
-    byte[] digest = { (byte) a, (byte) (a >>> 8), (byte) (a >>> 16),
-                     (byte) (a >>> 24), (byte) b, (byte) (b >>> 8),
-                     (byte) (b >>> 16), (byte) (b >>> 24), (byte) c,
-                     (byte) (c >>> 8), (byte) (c >>> 16), (byte) (c >>> 24),
-                     (byte) d, (byte) (d >>> 8), (byte) (d >>> 16),
-                     (byte) (d >>> 24) };
-    return digest;
+    return new byte[] {
+        (byte) a, (byte)(a >>> 8), (byte)(a >>> 16), (byte)(a >>> 24),
+        (byte) b, (byte)(b >>> 8), (byte)(b >>> 16), (byte)(b >>> 24),
+        (byte) c, (byte)(c >>> 8), (byte)(c >>> 16), (byte)(c >>> 24),
+        (byte) d, (byte)(d >>> 8), (byte)(d >>> 16), (byte)(d >>> 24) };
   }
 
   protected void resetContext()
@@ -154,68 +134,97 @@ public class MD4 extends BaseHash
   {
     if (valid == null)
       {
-        valid = Boolean.valueOf(DIGEST0.equals(Util.toString(new MD4().digest())));
+        String d = Util.toString(new MD4().digest());
+        valid = Boolean.valueOf(DIGEST0.equals(d));
       }
     return valid.booleanValue();
   }
 
   protected byte[] padBuffer()
   {
-    int n = (int) (count % BLOCK_LENGTH);
+    int n = (int)(count % BLOCK_LENGTH);
     int padding = (n < 56) ? (56 - n) : (120 - n);
     byte[] pad = new byte[padding + 8];
-
     pad[0] = (byte) 0x80;
     long bits = count << 3;
     pad[padding++] = (byte) bits;
-    pad[padding++] = (byte) (bits >>> 8);
-    pad[padding++] = (byte) (bits >>> 16);
-    pad[padding++] = (byte) (bits >>> 24);
-    pad[padding++] = (byte) (bits >>> 32);
-    pad[padding++] = (byte) (bits >>> 40);
-    pad[padding++] = (byte) (bits >>> 48);
-    pad[padding] = (byte) (bits >>> 56);
-
+    pad[padding++] = (byte)(bits >>> 8);
+    pad[padding++] = (byte)(bits >>> 16);
+    pad[padding++] = (byte)(bits >>> 24);
+    pad[padding++] = (byte)(bits >>> 32);
+    pad[padding++] = (byte)(bits >>> 40);
+    pad[padding++] = (byte)(bits >>> 48);
+    pad[padding  ] = (byte)(bits >>> 56);
     return pad;
   }
 
   protected void transform(byte[] in, int i)
   {
-    int X0 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X1 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X2 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X3 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X4 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X5 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X6 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X7 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X8 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X9 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X10 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | in[i++] << 24;
-    int X11 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | in[i++] << 24;
-    int X12 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | in[i++] << 24;
-    int X13 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | in[i++] << 24;
-    int X14 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | in[i++] << 24;
-    int X15 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | in[i] << 24;
-
+    int X0 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | in[i++] << 24;
+    int X1 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | in[i++] << 24;
+    int X2 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | in[i++] << 24;
+    int X3 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | in[i++] << 24;
+    int X4 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | in[i++] << 24;
+    int X5 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | in[i++] << 24;
+    int X6 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | in[i++] << 24;
+    int X7 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | in[i++] << 24;
+    int X8 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | in[i++] << 24;
+    int X9 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           | in[i++] << 24;
+    int X10 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | in[i++] << 24;
+    int X11 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | in[i++] << 24;
+    int X12 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | in[i++] << 24;
+    int X13 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | in[i++] << 24;
+    int X14 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | in[i++] << 24;
+    int X15 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            | in[i] << 24;
     int aa, bb, cc, dd;
-
     aa = a;
     bb = b;
     cc = c;
diff --git a/libjava/classpath/gnu/java/security/hash/MD5.java b/libjava/classpath/gnu/java/security/hash/MD5.java
index 165392394fc..653078512d5 100644
--- a/libjava/classpath/gnu/java/security/hash/MD5.java
+++ b/libjava/classpath/gnu/java/security/hash/MD5.java
@@ -42,26 +42,22 @@ import gnu.java.security.Registry;
 import gnu.java.security.util.Util;
 
 /**
- * <p>The MD5 message-digest algorithm takes as input a message of arbitrary
+ * The MD5 message-digest algorithm takes as input a message of arbitrary
  * length and produces as output a 128-bit "fingerprint" or "message digest" of
  * the input. It is conjectured that it is computationally infeasible to
  * produce two messages having the same message digest, or to produce any
- * message having a given prespecified target message digest.</p>
- *
- * <p>References:</p>
- *
+ * message having a given prespecified target message digest.
+ * <p>
+ * References:
  * <ol>
  *    <li>The <a href="http://www.ietf.org/rfc/rfc1321.txt">MD5</a> Message-
  *    Digest Algorithm.<br>
  *    R. Rivest.</li>
  * </ol>
  */
-public class MD5 extends BaseHash
+public class MD5
+    extends BaseHash
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private static final int BLOCK_SIZE = 64; // inner block size in bytes
 
   private static final String DIGEST0 = "D41D8CD98F00B204E9800998ECF8427E";
@@ -72,9 +68,6 @@ public class MD5 extends BaseHash
   /** 128-bit interim result. */
   private int h0, h1, h2, h3;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public MD5()
   {
@@ -82,7 +75,7 @@ public class MD5 extends BaseHash
   }
 
   /**
-   * <p>Private constructor for cloning purposes.</p>
+   * Private constructor for cloning purposes.
    *
    * @param md the instance to clone.
    */
@@ -98,61 +91,81 @@ public class MD5 extends BaseHash
     this.buffer = (byte[]) md.buffer.clone();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     return new MD5(this);
   }
 
-  // Implementation of concrete methods in BaseHash --------------------------
-
   protected synchronized void transform(byte[] in, int i)
   {
-    int X0 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X1 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X2 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X3 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X4 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X5 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X6 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X7 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X8 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X9 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-             | in[i++] << 24;
-    int X10 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | in[i++] << 24;
-    int X11 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | in[i++] << 24;
-    int X12 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | in[i++] << 24;
-    int X13 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | in[i++] << 24;
-    int X14 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | in[i++] << 24;
-    int X15 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16
-              | in[i] << 24;
-
+    int X0 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           |  in[i++]         << 24;
+    int X1 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           |  in[i++]         << 24;
+    int X2 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           |  in[i++]         << 24;
+    int X3 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           |  in[i++]         << 24;
+    int X4 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           |  in[i++]         << 24;
+    int X5 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           |  in[i++]         << 24;
+    int X6 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           |  in[i++]         << 24;
+    int X7 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           |  in[i++]         << 24;
+    int X8 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           |  in[i++]         << 24;
+    int X9 = (in[i++] & 0xFF)
+           | (in[i++] & 0xFF) << 8
+           | (in[i++] & 0xFF) << 16
+           |  in[i++]         << 24;
+    int X10 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            |  in[i++]         << 24;
+    int X11 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            |  in[i++]         << 24;
+    int X12 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            |  in[i++]         << 24;
+    int X13 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            |  in[i++]         << 24;
+    int X14 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            |  in[i++]         << 24;
+    int X15 = (in[i++] & 0xFF)
+            | (in[i++] & 0xFF) << 8
+            | (in[i++] & 0xFF) << 16
+            |  in[i]           << 24;
     int A = h0;
     int B = h1;
     int C = h2;
     int D = h3;
-
     // hex constants are from md5.c in FSF Gnu Privacy Guard 0.9.2
     // round 1
     A += ((B & C) | (~B & D)) + X0 + 0xD76AA478;
@@ -310,39 +323,31 @@ public class MD5 extends BaseHash
 
   protected byte[] padBuffer()
   {
-    int n = (int) (count % BLOCK_SIZE);
+    int n = (int)(count % BLOCK_SIZE);
     int padding = (n < 56) ? (56 - n) : (120 - n);
     byte[] result = new byte[padding + 8];
-
     // padding is always binary 1 followed by binary 0s
     result[0] = (byte) 0x80;
-
     // save number of bits, casting the long to an array of 8 bytes
     long bits = count << 3;
     result[padding++] = (byte) bits;
-    result[padding++] = (byte) (bits >>> 8);
-    result[padding++] = (byte) (bits >>> 16);
-    result[padding++] = (byte) (bits >>> 24);
-    result[padding++] = (byte) (bits >>> 32);
-    result[padding++] = (byte) (bits >>> 40);
-    result[padding++] = (byte) (bits >>> 48);
-    result[padding] = (byte) (bits >>> 56);
-
+    result[padding++] = (byte)(bits >>> 8);
+    result[padding++] = (byte)(bits >>> 16);
+    result[padding++] = (byte)(bits >>> 24);
+    result[padding++] = (byte)(bits >>> 32);
+    result[padding++] = (byte)(bits >>> 40);
+    result[padding++] = (byte)(bits >>> 48);
+    result[padding  ] = (byte)(bits >>> 56);
     return result;
   }
 
   protected byte[] getResult()
   {
-    byte[] result = new byte[] { (byte) h0, (byte) (h0 >>> 8),
-                                (byte) (h0 >>> 16), (byte) (h0 >>> 24),
-                                (byte) h1, (byte) (h1 >>> 8),
-                                (byte) (h1 >>> 16), (byte) (h1 >>> 24),
-                                (byte) h2, (byte) (h2 >>> 8),
-                                (byte) (h2 >>> 16), (byte) (h2 >>> 24),
-                                (byte) h3, (byte) (h3 >>> 8),
-                                (byte) (h3 >>> 16), (byte) (h3 >>> 24) };
-
-    return result;
+    return new byte[] {
+        (byte) h0, (byte)(h0 >>> 8), (byte)(h0 >>> 16), (byte)(h0 >>> 24),
+        (byte) h1, (byte)(h1 >>> 8), (byte)(h1 >>> 16), (byte)(h1 >>> 24),
+        (byte) h2, (byte)(h2 >>> 8), (byte)(h2 >>> 16), (byte)(h2 >>> 24),
+        (byte) h3, (byte)(h3 >>> 8), (byte)(h3 >>> 16), (byte)(h3 >>> 24) };
   }
 
   protected void resetContext()
@@ -358,7 +363,8 @@ public class MD5 extends BaseHash
   {
     if (valid == null)
       {
-        valid = Boolean.valueOf(DIGEST0.equals(Util.toString(new MD5().digest())));
+        String d = Util.toString(new MD5().digest());
+        valid = Boolean.valueOf(DIGEST0.equals(d));
       }
     return valid.booleanValue();
   }
diff --git a/libjava/classpath/gnu/java/security/hash/RipeMD128.java b/libjava/classpath/gnu/java/security/hash/RipeMD128.java
index 31874a0c29a..62f5a05e5bf 100644
--- a/libjava/classpath/gnu/java/security/hash/RipeMD128.java
+++ b/libjava/classpath/gnu/java/security/hash/RipeMD128.java
@@ -42,54 +42,48 @@ import gnu.java.security.Registry;
 import gnu.java.security.util.Util;
 
 /**
- * <p>RIPEMD-128 is a 128-bit message digest.</p>
- *
- * <p>References:</p>
- *
+ * RIPEMD-128 is a 128-bit message digest.
+ * <p>
+ * References:
  * <ol>
  *    <li><a href="http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html">
  *    RIPEMD160</a>: A Strengthened Version of RIPEMD.<br>
  *    Hans Dobbertin, Antoon Bosselaers and Bart Preneel.</li>
  * </ol>
  */
-public class RipeMD128 extends BaseHash
+public class RipeMD128
+    extends BaseHash
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private static final int BLOCK_SIZE = 64; // inner block size in bytes
 
   private static final String DIGEST0 = "CDF26213A150DC3ECB610F18F6B38B46";
 
   /** Constants for the transform method. */
   // selection of message word
-  private static final int[] R = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12,
-                                  13, 14, 15, 7, 4, 13, 1, 10, 6, 15, 3, 12, 0,
-                                  9, 5, 2, 14, 11, 8, 3, 10, 14, 4, 9, 15, 8,
-                                  1, 2, 7, 0, 6, 13, 11, 5, 12, 1, 9, 11, 10,
-                                  0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2 };
-
-  private static final int[] Rp = { 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1,
-                                   10, 3, 12, 6, 11, 3, 7, 0, 13, 5, 10, 14,
-                                   15, 8, 12, 4, 9, 1, 2, 15, 5, 1, 3, 7, 14,
-                                   6, 9, 11, 8, 12, 2, 10, 0, 4, 13, 8, 6, 4,
-                                   1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14 };
+  private static final int[] R = {
+       0,  1,  2,  3,  4,  5,  6, 7,  8, 9, 10, 11, 12, 13, 14, 15,
+       7,  4, 13,  1, 10,  6, 15, 3, 12, 0,  9,  5,  2, 14, 11,  8,
+       3, 10, 14,  4,  9, 15,  8, 1,  2, 7,  0,  6, 13, 11,  5, 12,
+       1,  9, 11, 10,  0,  8, 12, 4, 13, 3,  7, 15, 14,  5,  6,  2 };
+
+  private static final int[] Rp = {
+       5, 14, 7, 0, 9,  2, 11,  4, 13,  6, 15,  8, 1, 10,  3, 12,
+       6, 11, 3, 7, 0, 13,  5, 10, 14, 15,  8, 12, 4,  9,  1,  2,
+      15,  5, 1, 3, 7, 14,  6,  9, 11,  8, 12,  2, 10, 0,  4, 13,
+       8,  6, 4, 1, 3, 11, 15,  0,  5, 12,  2, 13,  9, 7, 10, 14 };
 
   // amount for rotate left (rol)
-  private static final int[] S = { 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15,
-                                  6, 7, 9, 8, 7, 6, 8, 13, 11, 9, 7, 15, 7, 12,
-                                  15, 9, 11, 7, 13, 12, 11, 13, 6, 7, 14, 9,
-                                  13, 15, 14, 8, 13, 6, 5, 12, 7, 5, 11, 12,
-                                  14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5,
-                                  12 };
-
-  private static final int[] Sp = { 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11,
-                                   14, 14, 12, 6, 9, 13, 15, 7, 12, 8, 9, 11,
-                                   7, 7, 12, 7, 6, 15, 13, 11, 9, 7, 15, 11, 8,
-                                   6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5, 15,
-                                   5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5,
-                                   15, 8 };
+  private static final int[] S = {
+      11, 14, 15, 12,  5,  8,  7,  9, 11, 13, 14, 15,  6,  7,  9,  8,
+       7,  6,  8, 13, 11,  9,  7, 15,  7, 12, 15,  9, 11,  7, 13, 12,
+      11, 13,  6,  7, 14,  9, 13, 15, 14,  8, 13,  6,  5, 12,  7,  5,
+      11, 12, 14, 15, 14, 15,  9,  8,  9, 14,  5,  6,  8,  6,  5, 12 };
+
+  private static final int[] Sp = {
+       8,  9,  9, 11, 13, 15, 15,  5,  7,  7,  8, 11, 14, 14, 12,  6,
+       9, 13, 15,  7, 12,  8,  9, 11,  7,  7, 12,  7,  6, 15, 13, 11,
+       9,  7, 15, 11,  8,  6,  6, 14, 12, 13,  5, 14, 13, 13,  7,  5,
+      15,  5,  8, 11, 14, 14,  6, 14,  6,  9, 12,  9, 12,  5, 15,  8 };
 
   /** caches the result of the correctness test, once executed. */
   private static Boolean valid;
@@ -100,9 +94,6 @@ public class RipeMD128 extends BaseHash
   /** 512 bits work buffer = 16 x 32-bit words */
   private int[] X = new int[16];
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public RipeMD128()
   {
@@ -110,7 +101,7 @@ public class RipeMD128 extends BaseHash
   }
 
   /**
-   * <p>Private constructor for cloning purposes.</p>
+   * Private constructor for cloning purposes.
    *
    * @param md the instance to clone.
    */
@@ -126,40 +117,26 @@ public class RipeMD128 extends BaseHash
     this.buffer = (byte[]) md.buffer.clone();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     return new RipeMD128(this);
   }
 
-  // Implementation of concrete methods in BaseHash --------------------------
-
   protected void transform(byte[] in, int offset)
   {
     int A, B, C, D, Ap, Bp, Cp, Dp, T, s, i;
-
-    // encode 64 bytes from input block into an array of 16 unsigned
-    // integers.
+    // encode 64 bytes from input block into an array of 16 unsigned integers.
     for (i = 0; i < 16; i++)
-      {
-        X[i] = (in[offset++] & 0xFF) | (in[offset++] & 0xFF) << 8
-               | (in[offset++] & 0xFF) << 16 | in[offset++] << 24;
-      }
-
+      X[i] = (in[offset++] & 0xFF)
+           | (in[offset++] & 0xFF) << 8
+           | (in[offset++] & 0xFF) << 16
+           |  in[offset++]         << 24;
     A = Ap = h0;
     B = Bp = h1;
     C = Cp = h2;
     D = Dp = h3;
-
-    for (i = 0; i < 16; i++)
-      { // rounds 0...15
+    for (i = 0; i < 16; i++) // rounds 0...15
+      {
         s = S[i];
         T = A + (B ^ C ^ D) + X[i];
         A = D;
@@ -174,9 +151,8 @@ public class RipeMD128 extends BaseHash
         Cp = Bp;
         Bp = T << s | T >>> (32 - s);
       }
-
-    for (; i < 32; i++)
-      { // rounds 16...31
+    for (; i < 32; i++) // rounds 16...31
+      {
         s = S[i];
         T = A + ((B & C) | (~B & D)) + X[R[i]] + 0x5A827999;
         A = D;
@@ -191,9 +167,8 @@ public class RipeMD128 extends BaseHash
         Cp = Bp;
         Bp = T << s | T >>> (32 - s);
       }
-
-    for (; i < 48; i++)
-      { // rounds 32...47
+    for (; i < 48; i++) // rounds 32...47
+      {
         s = S[i];
         T = A + ((B | ~C) ^ D) + X[R[i]] + 0x6ED9EBA1;
         A = D;
@@ -208,9 +183,8 @@ public class RipeMD128 extends BaseHash
         Cp = Bp;
         Bp = T << s | T >>> (32 - s);
       }
-
-    for (; i < 64; i++)
-      { // rounds 48...63
+    for (; i < 64; i++) // rounds 48...63
+      {
         s = S[i];
         T = A + ((B & D) | (C & ~D)) + X[R[i]] + 0x8F1BBCDC;
         A = D;
@@ -225,7 +199,6 @@ public class RipeMD128 extends BaseHash
         Cp = Bp;
         Bp = T << s | T >>> (32 - s);
       }
-
     T = h1 + C + Dp;
     h1 = h2 + D + Ap;
     h2 = h3 + A + Bp;
@@ -235,39 +208,32 @@ public class RipeMD128 extends BaseHash
 
   protected byte[] padBuffer()
   {
-    int n = (int) (count % BLOCK_SIZE);
+    int n = (int)(count % BLOCK_SIZE);
     int padding = (n < 56) ? (56 - n) : (120 - n);
     byte[] result = new byte[padding + 8];
-
     // padding is always binary 1 followed by binary 0s
     result[0] = (byte) 0x80;
-
     // save number of bits, casting the long to an array of 8 bytes
     long bits = count << 3;
     result[padding++] = (byte) bits;
-    result[padding++] = (byte) (bits >>> 8);
-    result[padding++] = (byte) (bits >>> 16);
-    result[padding++] = (byte) (bits >>> 24);
-    result[padding++] = (byte) (bits >>> 32);
-    result[padding++] = (byte) (bits >>> 40);
-    result[padding++] = (byte) (bits >>> 48);
-    result[padding] = (byte) (bits >>> 56);
-
+    result[padding++] = (byte)(bits >>> 8);
+    result[padding++] = (byte)(bits >>> 16);
+    result[padding++] = (byte)(bits >>> 24);
+    result[padding++] = (byte)(bits >>> 32);
+    result[padding++] = (byte)(bits >>> 40);
+    result[padding++] = (byte)(bits >>> 48);
+    result[padding  ] = (byte)(bits >>> 56);
     return result;
   }
 
   protected byte[] getResult()
   {
-    byte[] result = new byte[] { (byte) h0, (byte) (h0 >>> 8),
-                                (byte) (h0 >>> 16), (byte) (h0 >>> 24),
-                                (byte) h1, (byte) (h1 >>> 8),
-                                (byte) (h1 >>> 16), (byte) (h1 >>> 24),
-                                (byte) h2, (byte) (h2 >>> 8),
-                                (byte) (h2 >>> 16), (byte) (h2 >>> 24),
-                                (byte) h3, (byte) (h3 >>> 8),
-                                (byte) (h3 >>> 16), (byte) (h3 >>> 24) };
-
-    return result;
+    return new byte[] {
+        (byte) h0, (byte)(h0 >>> 8), (byte)(h0 >>> 16), (byte)(h0 >>> 24),
+        (byte) h1, (byte)(h1 >>> 8), (byte)(h1 >>> 16), (byte)(h1 >>> 24),
+        (byte) h2, (byte)(h2 >>> 8), (byte)(h2 >>> 16), (byte)(h2 >>> 24),
+        (byte) h3, (byte)(h3 >>> 8), (byte)(h3 >>> 16), (byte)(h3 >>> 24)
+    };
   }
 
   protected void resetContext()
@@ -283,8 +249,8 @@ public class RipeMD128 extends BaseHash
   {
     if (valid == null)
       {
-        valid = Boolean.valueOf
-          (DIGEST0.equals(Util.toString(new RipeMD128().digest())));
+        String d = Util.toString(new RipeMD128().digest());
+        valid = Boolean.valueOf(DIGEST0.equals(d));
       }
     return valid.booleanValue();
   }
diff --git a/libjava/classpath/gnu/java/security/hash/RipeMD160.java b/libjava/classpath/gnu/java/security/hash/RipeMD160.java
index 642ffb32de6..7949bc2547c 100644
--- a/libjava/classpath/gnu/java/security/hash/RipeMD160.java
+++ b/libjava/classpath/gnu/java/security/hash/RipeMD160.java
@@ -42,59 +42,51 @@ import gnu.java.security.Registry;
 import gnu.java.security.util.Util;
 
 /**
- * <p>RIPEMD-160 is a 160-bit message digest.</p>
- *
- * <p>References:</p>
- *
+ * RIPEMD-160 is a 160-bit message digest.
+ * <p>
+ * References:
  * <ol>
  *    <li><a href="http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html">
  *    RIPEMD160</a>: A Strengthened Version of RIPEMD.<br>
  *    Hans Dobbertin, Antoon Bosselaers and Bart Preneel.</li>
  * </ol>
  */
-public class RipeMD160 extends BaseHash
+public class RipeMD160
+    extends BaseHash
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private static final int BLOCK_SIZE = 64; // inner block size in bytes
 
   private static final String DIGEST0 = "9C1185A5C5E9FC54612808977EE8F548B2258D31";
 
   // selection of message word
-  private static final int[] R = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12,
-                                  13, 14, 15, 7, 4, 13, 1, 10, 6, 15, 3, 12, 0,
-                                  9, 5, 2, 14, 11, 8, 3, 10, 14, 4, 9, 15, 8,
-                                  1, 2, 7, 0, 6, 13, 11, 5, 12, 1, 9, 11, 10,
-                                  0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2, 4, 0,
-                                  5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15,
-                                  13 };
-
-  private static final int[] Rp = { 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1,
-                                   10, 3, 12, 6, 11, 3, 7, 0, 13, 5, 10, 14,
-                                   15, 8, 12, 4, 9, 1, 2, 15, 5, 1, 3, 7, 14,
-                                   6, 9, 11, 8, 12, 2, 10, 0, 4, 13, 8, 6, 4,
-                                   1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14,
-                                   12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0,
-                                   3, 9, 11 };
+  private static final int[] R = {
+      0,  1,  2,  3,  4,  5,  6,  7,  8, 9, 10, 11, 12, 13, 14, 15,
+      7,  4, 13,  1, 10,  6, 15,  3, 12, 0,  9,  5,  2, 14, 11,  8,
+      3, 10, 14,  4,  9, 15,  8,  1,  2, 7,  0,  6, 13, 11,  5, 12,
+      1,  9, 11, 10,  0,  8, 12,  4, 13, 3,  7, 15, 14,  5,  6,  2,
+      4,  0,  5,  9,  7, 12,  2, 10, 14, 1,  3,  8, 11,  6, 15, 13 };
+
+  private static final int[] Rp = {
+       5, 14,  7, 0, 9,  2, 11,  4, 13,  6, 15,  8,  1, 10,  3, 12,
+       6, 11,  3, 7, 0, 13,  5, 10, 14, 15,  8, 12,  4,  9,  1,  2,
+      15,  5,  1, 3, 7, 14,  6,  9, 11,  8, 12,  2, 10,  0,  4, 13,
+       8,  6,  4, 1, 3, 11, 15,  0,  5, 12,  2, 13,  9,  7, 10, 14,
+      12, 15, 10, 4, 1,  5,  8,  7,  6,  2, 13, 14,  0,  3,  9, 11 };
 
   // amount for rotate left (rol)
-  private static final int[] S = { 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15,
-                                  6, 7, 9, 8, 7, 6, 8, 13, 11, 9, 7, 15, 7, 12,
-                                  15, 9, 11, 7, 13, 12, 11, 13, 6, 7, 14, 9,
-                                  13, 15, 14, 8, 13, 6, 5, 12, 7, 5, 11, 12,
-                                  14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5,
-                                  12, 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13,
-                                  14, 11, 8, 5, 6 };
-
-  private static final int[] Sp = { 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11,
-                                   14, 14, 12, 6, 9, 13, 15, 7, 12, 8, 9, 11,
-                                   7, 7, 12, 7, 6, 15, 13, 11, 9, 7, 15, 11, 8,
-                                   6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5, 15,
-                                   5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5,
-                                   15, 8, 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6,
-                                   5, 15, 13, 11, 11 };
+  private static final int[] S = {
+      11, 14, 15, 12,  5,  8,  7,  9, 11, 13, 14, 15,  6,  7,  9,  8,
+       7,  6,  8, 13, 11,  9,  7, 15,  7, 12, 15,  9, 11,  7, 13, 12,
+      11, 13,  6,  7, 14,  9, 13, 15, 14,  8, 13,  6,  5, 12,  7,  5,
+      11, 12, 14, 15, 14, 15,  9,  8,  9, 14,  5,  6,  8,  6,  5, 12,
+       9, 15,  5, 11,  6,  8, 13, 12,  5, 12, 13, 14, 11,  8,  5,  6 };
+
+  private static final int[] Sp = {
+       8,  9,  9, 11, 13, 15, 15,  5,  7,  7,  8, 11, 14, 14, 12,  6,
+       9, 13, 15,  7, 12,  8,  9, 11,  7,  7, 12,  7,  6, 15, 13, 11,
+       9,  7, 15, 11,  8,  6,  6, 14, 12, 13,  5, 14, 13, 13,  7,  5,
+      15,  5,  8, 11, 14, 14,  6, 14,  6,  9, 12,  9, 12,  5, 15,  8,
+       8,  5, 12,  9, 12,  5, 14,  6,  8, 13,  6,  5, 15, 13, 11, 11 };
 
   /** caches the result of the correctness test, once executed. */
   private static Boolean valid;
@@ -105,9 +97,6 @@ public class RipeMD160 extends BaseHash
   /** 512 bits work buffer = 16 x 32-bit words */
   private int[] X = new int[16];
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public RipeMD160()
   {
@@ -115,7 +104,7 @@ public class RipeMD160 extends BaseHash
   }
 
   /**
-   * <p>Private constructor for cloning purposes.</p>
+   * Private constructor for cloning purposes.
    *
    * @param md the instance to clone.
    */
@@ -132,40 +121,27 @@ public class RipeMD160 extends BaseHash
     this.buffer = (byte[]) md.buffer.clone();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     return (new RipeMD160(this));
   }
 
-  // Implementation of concrete methods in BaseHash --------------------------
-
   protected void transform(byte[] in, int offset)
   {
     int A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, T, s, i;
-
     // encode 64 bytes from input block into an array of 16 unsigned integers
     for (i = 0; i < 16; i++)
-      {
-        X[i] = (in[offset++] & 0xFF) | (in[offset++] & 0xFF) << 8
-               | (in[offset++] & 0xFF) << 16 | in[offset++] << 24;
-      }
-
+      X[i] = (in[offset++] & 0xFF)
+           | (in[offset++] & 0xFF) << 8
+           | (in[offset++] & 0xFF) << 16
+           |  in[offset++]         << 24;
     A = Ap = h0;
     B = Bp = h1;
     C = Cp = h2;
     D = Dp = h3;
     E = Ep = h4;
-
-    for (i = 0; i < 16; i++)
-      { // rounds 0...15
+    for (i = 0; i < 16; i++) // rounds 0...15
+      {
         s = S[i];
         T = A + (B ^ C ^ D) + X[i];
         A = E;
@@ -182,9 +158,8 @@ public class RipeMD160 extends BaseHash
         Cp = Bp;
         Bp = (T << s | T >>> (32 - s)) + Ap;
       }
-
-    for (; i < 32; i++)
-      { // rounds 16...31
+    for (; i < 32; i++) // rounds 16...31
+      {
         s = S[i];
         T = A + ((B & C) | (~B & D)) + X[R[i]] + 0x5A827999;
         A = E;
@@ -201,9 +176,8 @@ public class RipeMD160 extends BaseHash
         Cp = Bp;
         Bp = (T << s | T >>> (32 - s)) + Ap;
       }
-
-    for (; i < 48; i++)
-      { // rounds 32...47
+    for (; i < 48; i++) // rounds 32...47
+      {
         s = S[i];
         T = A + ((B | ~C) ^ D) + X[R[i]] + 0x6ED9EBA1;
         A = E;
@@ -220,9 +194,8 @@ public class RipeMD160 extends BaseHash
         Cp = Bp;
         Bp = (T << s | T >>> (32 - s)) + Ap;
       }
-
-    for (; i < 64; i++)
-      { // rounds 48...63
+    for (; i < 64; i++) // rounds 48...63
+      {
         s = S[i];
         T = A + ((B & D) | (C & ~D)) + X[R[i]] + 0x8F1BBCDC;
         A = E;
@@ -239,9 +212,8 @@ public class RipeMD160 extends BaseHash
         Cp = Bp;
         Bp = (T << s | T >>> (32 - s)) + Ap;
       }
-
-    for (; i < 80; i++)
-      { // rounds 64...79
+    for (; i < 80; i++) // rounds 64...79
+      {
         s = S[i];
         T = A + (B ^ (C | ~D)) + X[R[i]] + 0xA953FD4E;
         A = E;
@@ -258,7 +230,6 @@ public class RipeMD160 extends BaseHash
         Cp = Bp;
         Bp = (T << s | T >>> (32 - s)) + Ap;
       }
-
     T = h1 + C + Dp;
     h1 = h2 + D + Ep;
     h2 = h3 + E + Ap;
@@ -269,41 +240,33 @@ public class RipeMD160 extends BaseHash
 
   protected byte[] padBuffer()
   {
-    int n = (int) (count % BLOCK_SIZE);
+    int n = (int)(count % BLOCK_SIZE);
     int padding = (n < 56) ? (56 - n) : (120 - n);
     byte[] result = new byte[padding + 8];
-
     // padding is always binary 1 followed by binary 0s
     result[0] = (byte) 0x80;
-
     // save number of bits, casting the long to an array of 8 bytes
     long bits = count << 3;
     result[padding++] = (byte) bits;
-    result[padding++] = (byte) (bits >>> 8);
-    result[padding++] = (byte) (bits >>> 16);
-    result[padding++] = (byte) (bits >>> 24);
-    result[padding++] = (byte) (bits >>> 32);
-    result[padding++] = (byte) (bits >>> 40);
-    result[padding++] = (byte) (bits >>> 48);
-    result[padding] = (byte) (bits >>> 56);
-
+    result[padding++] = (byte)(bits >>> 8);
+    result[padding++] = (byte)(bits >>> 16);
+    result[padding++] = (byte)(bits >>> 24);
+    result[padding++] = (byte)(bits >>> 32);
+    result[padding++] = (byte)(bits >>> 40);
+    result[padding++] = (byte)(bits >>> 48);
+    result[padding  ] = (byte)(bits >>> 56);
     return result;
   }
 
   protected byte[] getResult()
   {
-    byte[] result = new byte[] { (byte) h0, (byte) (h0 >>> 8),
-                                (byte) (h0 >>> 16), (byte) (h0 >>> 24),
-                                (byte) h1, (byte) (h1 >>> 8),
-                                (byte) (h1 >>> 16), (byte) (h1 >>> 24),
-                                (byte) h2, (byte) (h2 >>> 8),
-                                (byte) (h2 >>> 16), (byte) (h2 >>> 24),
-                                (byte) h3, (byte) (h3 >>> 8),
-                                (byte) (h3 >>> 16), (byte) (h3 >>> 24),
-                                (byte) h4, (byte) (h4 >>> 8),
-                                (byte) (h4 >>> 16), (byte) (h4 >>> 24) };
-
-    return result;
+    return new byte[] {
+        (byte) h0, (byte)(h0 >>> 8), (byte)(h0 >>> 16), (byte)(h0 >>> 24),
+        (byte) h1, (byte)(h1 >>> 8), (byte)(h1 >>> 16), (byte)(h1 >>> 24),
+        (byte) h2, (byte)(h2 >>> 8), (byte)(h2 >>> 16), (byte)(h2 >>> 24),
+        (byte) h3, (byte)(h3 >>> 8), (byte)(h3 >>> 16), (byte)(h3 >>> 24),
+        (byte) h4, (byte)(h4 >>> 8), (byte)(h4 >>> 16), (byte)(h4 >>> 24)
+    };
   }
 
   protected void resetContext()
@@ -320,8 +283,8 @@ public class RipeMD160 extends BaseHash
   {
     if (valid == null)
       {
-        valid = Boolean.valueOf
-          (DIGEST0.equals(Util.toString(new RipeMD160().digest())));
+        String d = Util.toString(new RipeMD160().digest());
+        valid = Boolean.valueOf(DIGEST0.equals(d));
       }
     return valid.booleanValue();
   }
diff --git a/libjava/classpath/gnu/java/security/hash/Sha160.java b/libjava/classpath/gnu/java/security/hash/Sha160.java
index 037b118e601..6adeba07079 100644
--- a/libjava/classpath/gnu/java/security/hash/Sha160.java
+++ b/libjava/classpath/gnu/java/security/hash/Sha160.java
@@ -42,7 +42,7 @@ import gnu.java.security.Registry;
 import gnu.java.security.util.Util;
 
 /**
- * <p>The Secure Hash Algorithm (SHA-1) is required for use with the Digital
+ * The Secure Hash Algorithm (SHA-1) is required for use with the Digital
  * Signature Algorithm (DSA) as specified in the Digital Signature Standard
  * (DSS) and whenever a secure hash algorithm is required for federal
  * applications. For a message of length less than 2^64 bits, the SHA-1
@@ -51,15 +51,14 @@ import gnu.java.security.util.Util;
  * message. The SHA-1 is also used to compute a message digest for the received
  * version of the message during the process of verifying the signature. Any
  * change to the message in transit will, with very high probability, result in
- * a different message digest, and the signature will fail to verify.</p>
- *
- * <p>The SHA-1 is designed to have the following properties: it is
+ * a different message digest, and the signature will fail to verify.
+ * <p>
+ * The SHA-1 is designed to have the following properties: it is
  * computationally infeasible to find a message which corresponds to a given
  * message digest, or to find two different messages which produce the same
- * message digest.</p>
- *
- * <p>References:</p>
- *
+ * message digest.
+ * <p>
+ * References:
  * <ol>
  *    <li><a href="http://www.itl.nist.gov/fipspubs/fip180-1.htm">SECURE HASH
  *    STANDARD</a><br>
@@ -67,12 +66,9 @@ import gnu.java.security.util.Util;
  *    </li>
  * </ol>
  */
-public class Sha160 extends BaseHash
+public class Sha160
+    extends BaseHash
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private static final int BLOCK_SIZE = 64; // inner block size in bytes
 
   private static final String DIGEST0 = "A9993E364706816ABA3E25717850C26C9CD0D89D";
@@ -85,9 +81,6 @@ public class Sha160 extends BaseHash
   /** 160-bit interim result. */
   private int h0, h1, h2, h3, h4;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public Sha160()
   {
@@ -95,7 +88,7 @@ public class Sha160 extends BaseHash
   }
 
   /**
-   * <p>Private constructor for cloning purposes.</p>
+   * Private constructor for cloning purposes.
    *
    * @param md the instance to clone.
    */
@@ -112,58 +105,20 @@ public class Sha160 extends BaseHash
     this.buffer = (byte[]) md.buffer.clone();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   public static final int[] G(int hh0, int hh1, int hh2, int hh3, int hh4,
                               byte[] in, int offset)
   {
-    //      int[] w = new int[80];
-    //      int i, T;
-    //      for (i = 0; i < 16; i++) {
-    //         w[i] = in[offset++]         << 24 |
-    //               (in[offset++] & 0xFF) << 16 |
-    //               (in[offset++] & 0xFF) <<  8 |
-    //               (in[offset++] & 0xFF);
-    //      }
-    //      for (i = 16; i < 80; i++) {
-    //         T = w[i-3] ^ w[i-8] ^ w[i-14] ^ w[i-16];
-    //         w[i] = T << 1 | T >>> 31;
-    //      }
-
-    //      return sha(hh0, hh1, hh2, hh3, hh4, in, offset, w);
     return sha(hh0, hh1, hh2, hh3, hh4, in, offset);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     return new Sha160(this);
   }
 
-  // Implementation of concrete methods in BaseHash --------------------------
-
   protected void transform(byte[] in, int offset)
   {
-    //      int i, T;
-    //      for (i = 0; i < 16; i++) {
-    //         W[i] = in[offset++]         << 24 |
-    //               (in[offset++] & 0xFF) << 16 |
-    //               (in[offset++] & 0xFF) <<  8 |
-    //               (in[offset++] & 0xFF);
-    //      }
-    //      for (i = 16; i < 80; i++) {
-    //         T = W[i-3] ^ W[i-8] ^ W[i-14] ^ W[i-16];
-    //         W[i] = T << 1 | T >>> 31;
-    //      }
-
-    //      int[] result = sha(h0, h1, h2, h3, h4, in, offset, W);
     int[] result = sha(h0, h1, h2, h3, h4, in, offset);
-
     h0 = result[0];
     h1 = result[1];
     h2 = result[2];
@@ -173,41 +128,32 @@ public class Sha160 extends BaseHash
 
   protected byte[] padBuffer()
   {
-    int n = (int) (count % BLOCK_SIZE);
+    int n = (int)(count % BLOCK_SIZE);
     int padding = (n < 56) ? (56 - n) : (120 - n);
     byte[] result = new byte[padding + 8];
-
     // padding is always binary 1 followed by binary 0s
     result[0] = (byte) 0x80;
-
     // save number of bits, casting the long to an array of 8 bytes
     long bits = count << 3;
-    result[padding++] = (byte) (bits >>> 56);
-    result[padding++] = (byte) (bits >>> 48);
-    result[padding++] = (byte) (bits >>> 40);
-    result[padding++] = (byte) (bits >>> 32);
-    result[padding++] = (byte) (bits >>> 24);
-    result[padding++] = (byte) (bits >>> 16);
-    result[padding++] = (byte) (bits >>> 8);
-    result[padding] = (byte) bits;
-
+    result[padding++] = (byte)(bits >>> 56);
+    result[padding++] = (byte)(bits >>> 48);
+    result[padding++] = (byte)(bits >>> 40);
+    result[padding++] = (byte)(bits >>> 32);
+    result[padding++] = (byte)(bits >>> 24);
+    result[padding++] = (byte)(bits >>> 16);
+    result[padding++] = (byte)(bits >>> 8);
+    result[padding  ] = (byte) bits;
     return result;
   }
 
   protected byte[] getResult()
   {
-    byte[] result = new byte[] { (byte) (h0 >>> 24), (byte) (h0 >>> 16),
-                                (byte) (h0 >>> 8), (byte) h0,
-                                (byte) (h1 >>> 24), (byte) (h1 >>> 16),
-                                (byte) (h1 >>> 8), (byte) h1,
-                                (byte) (h2 >>> 24), (byte) (h2 >>> 16),
-                                (byte) (h2 >>> 8), (byte) h2,
-                                (byte) (h3 >>> 24), (byte) (h3 >>> 16),
-                                (byte) (h3 >>> 8), (byte) h3,
-                                (byte) (h4 >>> 24), (byte) (h4 >>> 16),
-                                (byte) (h4 >>> 8), (byte) h4 };
-
-    return result;
+    return new byte[] {
+        (byte)(h0 >>> 24), (byte)(h0 >>> 16), (byte)(h0 >>> 8), (byte) h0,
+        (byte)(h1 >>> 24), (byte)(h1 >>> 16), (byte)(h1 >>> 8), (byte) h1,
+        (byte)(h2 >>> 24), (byte)(h2 >>> 16), (byte)(h2 >>> 8), (byte) h2,
+        (byte)(h3 >>> 24), (byte)(h3 >>> 16), (byte)(h3 >>> 8), (byte) h3,
+        (byte)(h4 >>> 24), (byte)(h4 >>> 16), (byte)(h4 >>> 8), (byte) h4 };
   }
 
   protected void resetContext()
@@ -234,11 +180,9 @@ public class Sha160 extends BaseHash
     return valid.booleanValue();
   }
 
-  // SHA specific methods ----------------------------------------------------
-
-  private static final synchronized int[]
-  //   sha(int hh0, int hh1, int hh2, int hh3, int hh4, byte[] in, int offset, int[] w) {
-  sha(int hh0, int hh1, int hh2, int hh3, int hh4, byte[] in, int offset)
+  private static synchronized final int[] sha(int hh0, int hh1, int hh2,
+                                              int hh3, int hh4, byte[] in,
+                                              int offset)
   {
     int A = hh0;
     int B = hh1;
@@ -246,20 +190,17 @@ public class Sha160 extends BaseHash
     int D = hh3;
     int E = hh4;
     int r, T;
-
     for (r = 0; r < 16; r++)
-      {
-        w[r] = in[offset++] << 24 | (in[offset++] & 0xFF) << 16
-               | (in[offset++] & 0xFF) << 8 | (in[offset++] & 0xFF);
-      }
+      w[r] =  in[offset++]         << 24
+           | (in[offset++] & 0xFF) << 16
+           | (in[offset++] & 0xFF) << 8
+           | (in[offset++] & 0xFF);
     for (r = 16; r < 80; r++)
       {
         T = w[r - 3] ^ w[r - 8] ^ w[r - 14] ^ w[r - 16];
         w[r] = T << 1 | T >>> 31;
       }
-
-    // rounds 0-19
-    for (r = 0; r < 20; r++)
+    for (r = 0; r < 20; r++) // rounds 0-19
       {
         T = (A << 5 | A >>> 27) + ((B & C) | (~B & D)) + E + w[r] + 0x5A827999;
         E = D;
@@ -268,9 +209,7 @@ public class Sha160 extends BaseHash
         B = A;
         A = T;
       }
-
-    // rounds 20-39
-    for (r = 20; r < 40; r++)
+    for (r = 20; r < 40; r++) // rounds 20-39
       {
         T = (A << 5 | A >>> 27) + (B ^ C ^ D) + E + w[r] + 0x6ED9EBA1;
         E = D;
@@ -279,21 +218,16 @@ public class Sha160 extends BaseHash
         B = A;
         A = T;
       }
-
-    // rounds 40-59
-    for (r = 40; r < 60; r++)
+    for (r = 40; r < 60; r++) // rounds 40-59
       {
-        T = (A << 5 | A >>> 27) + (B & C | B & D | C & D) + E + w[r]
-            + 0x8F1BBCDC;
+        T = (A << 5 | A >>> 27) + (B & C | B & D | C & D) + E + w[r] + 0x8F1BBCDC;
         E = D;
         D = C;
         C = B << 30 | B >>> 2;
         B = A;
         A = T;
       }
-
-    // rounds 60-79
-    for (r = 60; r < 80; r++)
+    for (r = 60; r < 80; r++) // rounds 60-79
       {
         T = (A << 5 | A >>> 27) + (B ^ C ^ D) + E + w[r] + 0xCA62C1D6;
         E = D;
@@ -302,7 +236,6 @@ public class Sha160 extends BaseHash
         B = A;
         A = T;
       }
-
     return new int[] { hh0 + A, hh1 + B, hh2 + C, hh3 + D, hh4 + E };
   }
 }
diff --git a/libjava/classpath/gnu/java/security/hash/Sha256.java b/libjava/classpath/gnu/java/security/hash/Sha256.java
index 284425ea43a..536b1c8bab3 100644
--- a/libjava/classpath/gnu/java/security/hash/Sha256.java
+++ b/libjava/classpath/gnu/java/security/hash/Sha256.java
@@ -42,46 +42,41 @@ import gnu.java.security.Registry;
 import gnu.java.security.util.Util;
 
 /**
- * <p>Implementation of SHA2-1 [SHA-256] per the IETF Draft Specification.</p>
- *
- * <p>References:</p>
+ * Implementation of SHA2-1 [SHA-256] per the IETF Draft Specification.
+ * <p>
+ * References:
  * <ol>
  *    <li><a href="http://ftp.ipv4.heanet.ie/pub/ietf/internet-drafts/draft-ietf-ipsec-ciph-aes-cbc-03.txt">
  *    Descriptions of SHA-256, SHA-384, and SHA-512</a>,</li>
  *    <li>http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf</li>
  * </ol>
  */
-public class Sha256 extends BaseHash
+public class Sha256
+    extends BaseHash
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-  private static final int[] k = { 0x428a2f98, 0x71374491, 0xb5c0fbcf,
-                                  0xe9b5dba5, 0x3956c25b, 0x59f111f1,
-                                  0x923f82a4, 0xab1c5ed5, 0xd807aa98,
-                                  0x12835b01, 0x243185be, 0x550c7dc3,
-                                  0x72be5d74, 0x80deb1fe, 0x9bdc06a7,
-                                  0xc19bf174, 0xe49b69c1, 0xefbe4786,
-                                  0x0fc19dc6, 0x240ca1cc, 0x2de92c6f,
-                                  0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
-                                  0x983e5152, 0xa831c66d, 0xb00327c8,
-                                  0xbf597fc7, 0xc6e00bf3, 0xd5a79147,
-                                  0x06ca6351, 0x14292967, 0x27b70a85,
-                                  0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
-                                  0x650a7354, 0x766a0abb, 0x81c2c92e,
-                                  0x92722c85, 0xa2bfe8a1, 0xa81a664b,
-                                  0xc24b8b70, 0xc76c51a3, 0xd192e819,
-                                  0xd6990624, 0xf40e3585, 0x106aa070,
-                                  0x19a4c116, 0x1e376c08, 0x2748774c,
-                                  0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a,
-                                  0x5b9cca4f, 0x682e6ff3, 0x748f82ee,
-                                  0x78a5636f, 0x84c87814, 0x8cc70208,
-                                  0x90befffa, 0xa4506ceb, 0xbef9a3f7,
-                                  0xc67178f2 };
+  private static final int[] k = {
+      0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
+      0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+      0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
+      0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+      0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
+      0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+      0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
+      0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+      0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
+      0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+      0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
+      0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+      0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
+      0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+      0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
+      0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+  };
 
   private static final int BLOCK_SIZE = 64; // inner block size in bytes
 
-  private static final String DIGEST0 = "BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD";
+  private static final String DIGEST0 =
+      "BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD";
 
   private static final int[] w = new int[64];
 
@@ -91,9 +86,6 @@ public class Sha256 extends BaseHash
   /** 256-bit interim result. */
   private int h0, h1, h2, h3, h4, h5, h6, h7;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public Sha256()
   {
@@ -101,7 +93,7 @@ public class Sha256 extends BaseHash
   }
 
   /**
-   * <p>Private constructor for cloning purposes.</p>
+   * Private constructor for cloning purposes.
    *
    * @param md the instance to clone.
    */
@@ -121,31 +113,20 @@ public class Sha256 extends BaseHash
     this.buffer = (byte[]) md.buffer.clone();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   public static final int[] G(int hh0, int hh1, int hh2, int hh3, int hh4,
                               int hh5, int hh6, int hh7, byte[] in, int offset)
   {
     return sha(hh0, hh1, hh2, hh3, hh4, hh5, hh6, hh7, in, offset);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     return new Sha256(this);
   }
 
-  // Implementation of concrete methods in BaseHash --------------------------
-
   protected void transform(byte[] in, int offset)
   {
     int[] result = sha(h0, h1, h2, h3, h4, h5, h6, h7, in, offset);
-
     h0 = result[0];
     h1 = result[1];
     h2 = result[2];
@@ -158,41 +139,35 @@ public class Sha256 extends BaseHash
 
   protected byte[] padBuffer()
   {
-    int n = (int) (count % BLOCK_SIZE);
+    int n = (int)(count % BLOCK_SIZE);
     int padding = (n < 56) ? (56 - n) : (120 - n);
     byte[] result = new byte[padding + 8];
-
     // padding is always binary 1 followed by binary 0s
     result[0] = (byte) 0x80;
-
     // save number of bits, casting the long to an array of 8 bytes
     long bits = count << 3;
-    result[padding++] = (byte) (bits >>> 56);
-    result[padding++] = (byte) (bits >>> 48);
-    result[padding++] = (byte) (bits >>> 40);
-    result[padding++] = (byte) (bits >>> 32);
-    result[padding++] = (byte) (bits >>> 24);
-    result[padding++] = (byte) (bits >>> 16);
-    result[padding++] = (byte) (bits >>> 8);
-    result[padding] = (byte) bits;
-
+    result[padding++] = (byte)(bits >>> 56);
+    result[padding++] = (byte)(bits >>> 48);
+    result[padding++] = (byte)(bits >>> 40);
+    result[padding++] = (byte)(bits >>> 32);
+    result[padding++] = (byte)(bits >>> 24);
+    result[padding++] = (byte)(bits >>> 16);
+    result[padding++] = (byte)(bits >>> 8);
+    result[padding  ] = (byte) bits;
     return result;
   }
 
   protected byte[] getResult()
   {
-    return new byte[] { (byte) (h0 >>> 24), (byte) (h0 >>> 16),
-                       (byte) (h0 >>> 8), (byte) h0, (byte) (h1 >>> 24),
-                       (byte) (h1 >>> 16), (byte) (h1 >>> 8), (byte) h1,
-                       (byte) (h2 >>> 24), (byte) (h2 >>> 16),
-                       (byte) (h2 >>> 8), (byte) h2, (byte) (h3 >>> 24),
-                       (byte) (h3 >>> 16), (byte) (h3 >>> 8), (byte) h3,
-                       (byte) (h4 >>> 24), (byte) (h4 >>> 16),
-                       (byte) (h4 >>> 8), (byte) h4, (byte) (h5 >>> 24),
-                       (byte) (h5 >>> 16), (byte) (h5 >>> 8), (byte) h5,
-                       (byte) (h6 >>> 24), (byte) (h6 >>> 16),
-                       (byte) (h6 >>> 8), (byte) h6, (byte) (h7 >>> 24),
-                       (byte) (h7 >>> 16), (byte) (h7 >>> 8), (byte) h7 };
+    return new byte[] {
+        (byte)(h0 >>> 24), (byte)(h0 >>> 16), (byte)(h0 >>> 8), (byte) h0,
+        (byte)(h1 >>> 24), (byte)(h1 >>> 16), (byte)(h1 >>> 8), (byte) h1,
+        (byte)(h2 >>> 24), (byte)(h2 >>> 16), (byte)(h2 >>> 8), (byte) h2,
+        (byte)(h3 >>> 24), (byte)(h3 >>> 16), (byte)(h3 >>> 8), (byte) h3,
+        (byte)(h4 >>> 24), (byte)(h4 >>> 16), (byte)(h4 >>> 8), (byte) h4,
+        (byte)(h5 >>> 24), (byte)(h5 >>> 16), (byte)(h5 >>> 8), (byte) h5,
+        (byte)(h6 >>> 24), (byte)(h6 >>> 16), (byte)(h6 >>> 8), (byte) h6,
+        (byte)(h7 >>> 24), (byte)(h7 >>> 16), (byte)(h7 >>> 8), (byte) h7 };
   }
 
   protected void resetContext()
@@ -219,13 +194,10 @@ public class Sha256 extends BaseHash
         String result = Util.toString(md.digest());
         valid = Boolean.valueOf(DIGEST0.equals(result));
       }
-
     return valid.booleanValue();
   }
 
-  // SHA specific methods ----------------------------------------------------
-
-  private static final synchronized int[] sha(int hh0, int hh1, int hh2,
+  private static synchronized final int[] sha(int hh0, int hh1, int hh2,
                                               int hh3, int hh4, int hh5,
                                               int hh6, int hh7, byte[] in,
                                               int offset)
@@ -239,29 +211,31 @@ public class Sha256 extends BaseHash
     int G = hh6;
     int H = hh7;
     int r, T, T2;
-
     for (r = 0; r < 16; r++)
-      {
-        w[r] = (in[offset++] << 24 | (in[offset++] & 0xFF) << 16
-                | (in[offset++] & 0xFF) << 8 | (in[offset++] & 0xFF));
-      }
+      w[r] = (in[offset++]         << 24
+           | (in[offset++] & 0xFF) << 16
+           | (in[offset++] & 0xFF) << 8
+           | (in[offset++] & 0xFF));
     for (r = 16; r < 64; r++)
       {
-        T = w[r - 2];
+        T =  w[r -  2];
         T2 = w[r - 15];
         w[r] = ((((T >>> 17) | (T << 15)) ^ ((T >>> 19) | (T << 13)) ^ (T >>> 10))
                 + w[r - 7]
-                + (((T2 >>> 7) | (T2 << 25)) ^ ((T2 >>> 18) | (T2 << 14)) ^ (T2 >>> 3))
-                + w[r - 16]);
+                + (((T2 >>> 7) | (T2 << 25))
+                    ^ ((T2 >>> 18) | (T2 << 14))
+                    ^ (T2 >>> 3)) + w[r - 16]);
       }
-
     for (r = 0; r < 64; r++)
       {
         T = (H
-             + (((E >>> 6) | (E << 26)) ^ ((E >>> 11) | (E << 21)) ^ ((E >>> 25) | (E << 7)))
+             + (((E >>> 6) | (E << 26))
+                 ^ ((E >>> 11) | (E << 21))
+                 ^ ((E >>> 25) | (E << 7)))
              + ((E & F) ^ (~E & G)) + k[r] + w[r]);
-        T2 = ((((A >>> 2) | (A << 30)) ^ ((A >>> 13) | (A << 19)) ^ ((A >>> 22) | (A << 10)))
-              + ((A & B) ^ (A & C) ^ (B & C)));
+        T2 = ((((A >>> 2) | (A << 30))
+               ^ ((A >>> 13) | (A << 19))
+               ^ ((A >>> 22) | (A << 10))) + ((A & B) ^ (A & C) ^ (B & C)));
         H = G;
         G = F;
         F = E;
@@ -271,8 +245,8 @@ public class Sha256 extends BaseHash
         B = A;
         A = T + T2;
       }
-
-    return new int[] { hh0 + A, hh1 + B, hh2 + C, hh3 + D, hh4 + E, hh5 + F,
-                       hh6 + G, hh7 + H };
+    return new int[] {
+        hh0 + A, hh1 + B, hh2 + C, hh3 + D,
+        hh4 + E, hh5 + F, hh6 + G, hh7 + H };
   }
 }
diff --git a/libjava/classpath/gnu/java/security/hash/Sha384.java b/libjava/classpath/gnu/java/security/hash/Sha384.java
index 332f048d782..a47eb67db95 100644
--- a/libjava/classpath/gnu/java/security/hash/Sha384.java
+++ b/libjava/classpath/gnu/java/security/hash/Sha384.java
@@ -42,66 +42,52 @@ import gnu.java.security.Registry;
 import gnu.java.security.util.Util;
 
 /**
- * <p>Implementation of SHA2-2 [SHA-384] per the IETF Draft Specification.</p>
- *
- * <p>References:</p>
+ * Implementation of SHA2-2 [SHA-384] per the IETF Draft Specification.
+ * <p>
+ * References:
  * <ol>
  *    <li><a href="http://ftp.ipv4.heanet.ie/pub/ietf/internet-drafts/draft-ietf-ipsec-ciph-aes-cbc-03.txt">
  *    Descriptions of SHA-256, SHA-384, and SHA-512</a>,</li>
  *    <li>http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf</li>
  * </ol>
  */
-public class Sha384 extends BaseHash
+public class Sha384
+    extends BaseHash
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  private static final long[] k = { 0x428a2f98d728ae22L, 0x7137449123ef65cdL,
-                                   0xb5c0fbcfec4d3b2fL, 0xe9b5dba58189dbbcL,
-                                   0x3956c25bf348b538L, 0x59f111f1b605d019L,
-                                   0x923f82a4af194f9bL, 0xab1c5ed5da6d8118L,
-                                   0xd807aa98a3030242L, 0x12835b0145706fbeL,
-                                   0x243185be4ee4b28cL, 0x550c7dc3d5ffb4e2L,
-                                   0x72be5d74f27b896fL, 0x80deb1fe3b1696b1L,
-                                   0x9bdc06a725c71235L, 0xc19bf174cf692694L,
-                                   0xe49b69c19ef14ad2L, 0xefbe4786384f25e3L,
-                                   0x0fc19dc68b8cd5b5L, 0x240ca1cc77ac9c65L,
-                                   0x2de92c6f592b0275L, 0x4a7484aa6ea6e483L,
-                                   0x5cb0a9dcbd41fbd4L, 0x76f988da831153b5L,
-                                   0x983e5152ee66dfabL, 0xa831c66d2db43210L,
-                                   0xb00327c898fb213fL, 0xbf597fc7beef0ee4L,
-                                   0xc6e00bf33da88fc2L, 0xd5a79147930aa725L,
-                                   0x06ca6351e003826fL, 0x142929670a0e6e70L,
-                                   0x27b70a8546d22ffcL, 0x2e1b21385c26c926L,
-                                   0x4d2c6dfc5ac42aedL, 0x53380d139d95b3dfL,
-                                   0x650a73548baf63deL, 0x766a0abb3c77b2a8L,
-                                   0x81c2c92e47edaee6L, 0x92722c851482353bL,
-                                   0xa2bfe8a14cf10364L, 0xa81a664bbc423001L,
-                                   0xc24b8b70d0f89791L, 0xc76c51a30654be30L,
-                                   0xd192e819d6ef5218L, 0xd69906245565a910L,
-                                   0xf40e35855771202aL, 0x106aa07032bbd1b8L,
-                                   0x19a4c116b8d2d0c8L, 0x1e376c085141ab53L,
-                                   0x2748774cdf8eeb99L, 0x34b0bcb5e19b48a8L,
-                                   0x391c0cb3c5c95a63L, 0x4ed8aa4ae3418acbL,
-                                   0x5b9cca4f7763e373L, 0x682e6ff3d6b2b8a3L,
-                                   0x748f82ee5defb2fcL, 0x78a5636f43172f60L,
-                                   0x84c87814a1f0ab72L, 0x8cc702081a6439ecL,
-                                   0x90befffa23631e28L, 0xa4506cebde82bde9L,
-                                   0xbef9a3f7b2c67915L, 0xc67178f2e372532bL,
-                                   0xca273eceea26619cL, 0xd186b8c721c0c207L,
-                                   0xeada7dd6cde0eb1eL, 0xf57d4f7fee6ed178L,
-                                   0x06f067aa72176fbaL, 0x0a637dc5a2c898a6L,
-                                   0x113f9804bef90daeL, 0x1b710b35131c471bL,
-                                   0x28db77f523047d84L, 0x32caab7b40c72493L,
-                                   0x3c9ebe0a15c9bebcL, 0x431d67c49c100d4cL,
-                                   0x4cc5d4becb3e42b6L, 0x597f299cfc657e2aL,
-                                   0x5fcb6fab3ad6faecL, 0x6c44198c4a475817L };
+  private static final long[] k = {
+      0x428a2f98d728ae22L, 0x7137449123ef65cdL, 0xb5c0fbcfec4d3b2fL,
+      0xe9b5dba58189dbbcL, 0x3956c25bf348b538L, 0x59f111f1b605d019L,
+      0x923f82a4af194f9bL, 0xab1c5ed5da6d8118L, 0xd807aa98a3030242L,
+      0x12835b0145706fbeL, 0x243185be4ee4b28cL, 0x550c7dc3d5ffb4e2L,
+      0x72be5d74f27b896fL, 0x80deb1fe3b1696b1L, 0x9bdc06a725c71235L,
+      0xc19bf174cf692694L, 0xe49b69c19ef14ad2L, 0xefbe4786384f25e3L,
+      0x0fc19dc68b8cd5b5L, 0x240ca1cc77ac9c65L, 0x2de92c6f592b0275L,
+      0x4a7484aa6ea6e483L, 0x5cb0a9dcbd41fbd4L, 0x76f988da831153b5L,
+      0x983e5152ee66dfabL, 0xa831c66d2db43210L, 0xb00327c898fb213fL,
+      0xbf597fc7beef0ee4L, 0xc6e00bf33da88fc2L, 0xd5a79147930aa725L,
+      0x06ca6351e003826fL, 0x142929670a0e6e70L, 0x27b70a8546d22ffcL,
+      0x2e1b21385c26c926L, 0x4d2c6dfc5ac42aedL, 0x53380d139d95b3dfL,
+      0x650a73548baf63deL, 0x766a0abb3c77b2a8L, 0x81c2c92e47edaee6L,
+      0x92722c851482353bL, 0xa2bfe8a14cf10364L, 0xa81a664bbc423001L,
+      0xc24b8b70d0f89791L, 0xc76c51a30654be30L, 0xd192e819d6ef5218L,
+      0xd69906245565a910L, 0xf40e35855771202aL, 0x106aa07032bbd1b8L,
+      0x19a4c116b8d2d0c8L, 0x1e376c085141ab53L, 0x2748774cdf8eeb99L,
+      0x34b0bcb5e19b48a8L, 0x391c0cb3c5c95a63L, 0x4ed8aa4ae3418acbL,
+      0x5b9cca4f7763e373L, 0x682e6ff3d6b2b8a3L, 0x748f82ee5defb2fcL,
+      0x78a5636f43172f60L, 0x84c87814a1f0ab72L, 0x8cc702081a6439ecL,
+      0x90befffa23631e28L, 0xa4506cebde82bde9L, 0xbef9a3f7b2c67915L,
+      0xc67178f2e372532bL, 0xca273eceea26619cL, 0xd186b8c721c0c207L,
+      0xeada7dd6cde0eb1eL, 0xf57d4f7fee6ed178L, 0x06f067aa72176fbaL,
+      0x0a637dc5a2c898a6L, 0x113f9804bef90daeL, 0x1b710b35131c471bL,
+      0x28db77f523047d84L, 0x32caab7b40c72493L, 0x3c9ebe0a15c9bebcL,
+      0x431d67c49c100d4cL, 0x4cc5d4becb3e42b6L, 0x597f299cfc657e2aL,
+      0x5fcb6fab3ad6faecL, 0x6c44198c4a475817L };
 
   private static final int BLOCK_SIZE = 128; // inner block size in bytes
 
-  private static final String DIGEST0 = "CB00753F45A35E8BB5A03D699AC65007272C32AB0EDED1631A8B605A43FF5BED"
-                                        + "8086072BA1E7CC2358BAECA134C825A7";
+  private static final String DIGEST0 =
+      "CB00753F45A35E8BB5A03D699AC65007272C32AB0EDED1631A8B605A43FF5BED"
+    + "8086072BA1E7CC2358BAECA134C825A7";
 
   private static final long[] w = new long[80];
 
@@ -111,9 +97,6 @@ public class Sha384 extends BaseHash
   /** 512-bit interim result. */
   private long h0, h1, h2, h3, h4, h5, h6, h7;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public Sha384()
   {
@@ -121,7 +104,7 @@ public class Sha384 extends BaseHash
   }
 
   /**
-   * <p>Private constructor for cloning purposes.</p>
+   * Private constructor for cloning purposes.
    *
    * @param md the instance to clone.
    */
@@ -141,9 +124,6 @@ public class Sha384 extends BaseHash
     this.buffer = (byte[]) md.buffer.clone();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   public static final long[] G(long hh0, long hh1, long hh2, long hh3,
                                long hh4, long hh5, long hh6, long hh7,
                                byte[] in, int offset)
@@ -151,22 +131,14 @@ public class Sha384 extends BaseHash
     return sha(hh0, hh1, hh2, hh3, hh4, hh5, hh6, hh7, in, offset);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     return new Sha384(this);
   }
 
-  // Implementation of concrete methods in BaseHash --------------------------
-
   protected void transform(byte[] in, int offset)
   {
     long[] result = sha(h0, h1, h2, h3, h4, h5, h6, h7, in, offset);
-
     h0 = result[0];
     h1 = result[1];
     h2 = result[2];
@@ -179,57 +151,41 @@ public class Sha384 extends BaseHash
 
   protected byte[] padBuffer()
   {
-    int n = (int) (count % BLOCK_SIZE);
+    int n = (int)(count % BLOCK_SIZE);
     int padding = (n < 112) ? (112 - n) : (240 - n);
     byte[] result = new byte[padding + 16];
-
     // padding is always binary 1 followed by binary 0s
     result[0] = (byte) 0x80;
-
     // save number of bits, casting the long to an array of 8 bytes
     // TODO: FIX Only ~35 bits of 128 bit counter usable this way
     long bits = count << 3;
     padding += 8;
-    result[padding++] = (byte) (bits >>> 56);
-    result[padding++] = (byte) (bits >>> 48);
-    result[padding++] = (byte) (bits >>> 40);
-    result[padding++] = (byte) (bits >>> 32);
-    result[padding++] = (byte) (bits >>> 24);
-    result[padding++] = (byte) (bits >>> 16);
-    result[padding++] = (byte) (bits >>> 8);
-    result[padding] = (byte) bits;
-
+    result[padding++] = (byte)(bits >>> 56);
+    result[padding++] = (byte)(bits >>> 48);
+    result[padding++] = (byte)(bits >>> 40);
+    result[padding++] = (byte)(bits >>> 32);
+    result[padding++] = (byte)(bits >>> 24);
+    result[padding++] = (byte)(bits >>> 16);
+    result[padding++] = (byte)(bits >>> 8);
+    result[padding  ] = (byte) bits;
     return result;
   }
 
   protected byte[] getResult()
   {
-    return new byte[] { (byte) (h0 >>> 56), (byte) (h0 >>> 48),
-                       (byte) (h0 >>> 40), (byte) (h0 >>> 32),
-                       (byte) (h0 >>> 24), (byte) (h0 >>> 16),
-                       (byte) (h0 >>> 8), (byte) h0, (byte) (h1 >>> 56),
-                       (byte) (h1 >>> 48), (byte) (h1 >>> 40),
-                       (byte) (h1 >>> 32), (byte) (h1 >>> 24),
-                       (byte) (h1 >>> 16), (byte) (h1 >>> 8), (byte) h1,
-                       (byte) (h2 >>> 56), (byte) (h2 >>> 48),
-                       (byte) (h2 >>> 40), (byte) (h2 >>> 32),
-                       (byte) (h2 >>> 24), (byte) (h2 >>> 16),
-                       (byte) (h2 >>> 8), (byte) h2, (byte) (h3 >>> 56),
-                       (byte) (h3 >>> 48), (byte) (h3 >>> 40),
-                       (byte) (h3 >>> 32), (byte) (h3 >>> 24),
-                       (byte) (h3 >>> 16), (byte) (h3 >>> 8), (byte) h3,
-                       (byte) (h4 >>> 56), (byte) (h4 >>> 48),
-                       (byte) (h4 >>> 40), (byte) (h4 >>> 32),
-                       (byte) (h4 >>> 24), (byte) (h4 >>> 16),
-                       (byte) (h4 >>> 8), (byte) h4, (byte) (h5 >>> 56),
-                       (byte) (h5 >>> 48), (byte) (h5 >>> 40),
-                       (byte) (h5 >>> 32), (byte) (h5 >>> 24),
-                       (byte) (h5 >>> 16), (byte) (h5 >>> 8), (byte) h5
-    //         (byte)(h6 >>> 56), (byte)(h6 >>> 48), (byte)(h6 >>> 40), (byte)(h6 >>> 32),
-    //         (byte)(h6 >>> 24), (byte)(h6 >>> 16), (byte)(h6 >>>  8), (byte) h6,
-    //         (byte)(h7 >>> 56), (byte)(h7 >>> 48), (byte)(h7 >>> 40), (byte)(h7 >>> 32),
-    //         (byte)(h7 >>> 24), (byte)(h7 >>> 16), (byte)(h7 >>>  8), (byte) h7
-    };
+    return new byte[] {
+        (byte)(h0 >>> 56), (byte)(h0 >>> 48), (byte)(h0 >>> 40), (byte)(h0 >>> 32),
+        (byte)(h0 >>> 24), (byte)(h0 >>> 16), (byte)(h0 >>>  8), (byte) h0,
+        (byte)(h1 >>> 56), (byte)(h1 >>> 48), (byte)(h1 >>> 40), (byte)(h1 >>> 32),
+        (byte)(h1 >>> 24), (byte)(h1 >>> 16), (byte)(h1 >>>  8), (byte) h1,
+        (byte)(h2 >>> 56), (byte)(h2 >>> 48), (byte)(h2 >>> 40), (byte)(h2 >>> 32),
+        (byte)(h2 >>> 24), (byte)(h2 >>> 16), (byte)(h2 >>>  8), (byte) h2,
+        (byte)(h3 >>> 56), (byte)(h3 >>> 48), (byte)(h3 >>> 40), (byte)(h3 >>> 32),
+        (byte)(h3 >>> 24), (byte)(h3 >>> 16), (byte)(h3 >>>  8), (byte) h3,
+        (byte)(h4 >>> 56), (byte)(h4 >>> 48), (byte)(h4 >>> 40), (byte)(h4 >>> 32),
+        (byte)(h4 >>> 24), (byte)(h4 >>> 16), (byte)(h4 >>>  8), (byte) h4,
+        (byte)(h5 >>> 56), (byte)(h5 >>> 48), (byte)(h5 >>> 40), (byte)(h5 >>> 32),
+        (byte)(h5 >>> 24), (byte)(h5 >>> 16), (byte)(h5 >>>  8), (byte) h5 };
   }
 
   protected void resetContext()
@@ -259,9 +215,7 @@ public class Sha384 extends BaseHash
     return valid.booleanValue();
   }
 
-  // SHA specific methods ----------------------------------------------------
-
-  private static final synchronized long[] sha(long hh0, long hh1, long hh2,
+  private static synchronized final long[] sha(long hh0, long hh1, long hh2,
                                                long hh3, long hh4, long hh5,
                                                long hh6, long hh7, byte[] in,
                                                int offset)
@@ -276,35 +230,38 @@ public class Sha384 extends BaseHash
     long H = hh7;
     long T, T2;
     int r;
-
     for (r = 0; r < 16; r++)
-      {
-        w[r] = (long) in[offset++] << 56 | ((long) in[offset++] & 0xFF) << 48
-               | ((long) in[offset++] & 0xFF) << 40
-               | ((long) in[offset++] & 0xFF) << 32
-               | ((long) in[offset++] & 0xFF) << 24
-               | ((long) in[offset++] & 0xFF) << 16
-               | ((long) in[offset++] & 0xFF) << 8
-               | ((long) in[offset++] & 0xFF);
-      }
+      w[r] =  (long) in[offset++]         << 56
+           | ((long) in[offset++] & 0xFF) << 48
+           | ((long) in[offset++] & 0xFF) << 40
+           | ((long) in[offset++] & 0xFF) << 32
+           | ((long) in[offset++] & 0xFF) << 24
+           | ((long) in[offset++] & 0xFF) << 16
+           | ((long) in[offset++] & 0xFF) << 8
+           | ((long) in[offset++] & 0xFF);
     for (r = 16; r < 80; r++)
       {
         T = w[r - 2];
         T2 = w[r - 15];
         w[r] = (((T >>> 19) | (T << 45)) ^ ((T >>> 61) | (T << 3)) ^ (T >>> 6))
                + w[r - 7]
-               + (((T2 >>> 1) | (T2 << 63)) ^ ((T2 >>> 8) | (T2 << 56)) ^ (T2 >>> 7))
+               + (((T2 >>> 1) | (T2 << 63))
+                   ^ ((T2 >>> 8) | (T2 << 56))
+                   ^ (T2 >>> 7))
                + w[r - 16];
       }
-
     for (r = 0; r < 80; r++)
       {
 
         T = H
-            + (((E >>> 14) | (E << 50)) ^ ((E >>> 18) | (E << 46)) ^ ((E >>> 41) | (E << 23)))
+            + (((E >>> 14) | (E << 50))
+                ^ ((E >>> 18) | (E << 46))
+                ^ ((E >>> 41) | (E << 23)))
             + ((E & F) ^ ((~E) & G)) + k[r] + w[r];
         // T IS INCORRECT SOMEHOW
-        T2 = (((A >>> 28) | (A << 36)) ^ ((A >>> 34) | (A << 30)) ^ ((A >>> 39) | (A << 25)))
+        T2 = (((A >>> 28) | (A << 36))
+               ^ ((A >>> 34) | (A << 30))
+               ^ ((A >>> 39) | (A << 25)))
              + ((A & B) ^ (A & C) ^ (B & C));
         H = G;
         G = F;
@@ -315,8 +272,8 @@ public class Sha384 extends BaseHash
         B = A;
         A = T + T2;
       }
-
-    return new long[] { hh0 + A, hh1 + B, hh2 + C, hh3 + D, hh4 + E, hh5 + F,
-                       hh6 + G, hh7 + H };
+    return new long[] {
+        hh0 + A, hh1 + B, hh2 + C, hh3 + D,
+        hh4 + E, hh5 + F, hh6 + G, hh7 + H };
   }
 }
diff --git a/libjava/classpath/gnu/java/security/hash/Sha512.java b/libjava/classpath/gnu/java/security/hash/Sha512.java
index da035dcfc2d..e6f553ed40a 100644
--- a/libjava/classpath/gnu/java/security/hash/Sha512.java
+++ b/libjava/classpath/gnu/java/security/hash/Sha512.java
@@ -42,66 +42,52 @@ import gnu.java.security.Registry;
 import gnu.java.security.util.Util;
 
 /**
- * <p>Implementation of SHA2-3 [SHA-512] per the IETF Draft Specification.</p>
- *
- * <p>References:</p>
+ * Implementation of SHA2-3 [SHA-512] per the IETF Draft Specification.
+ * <p>
+ * References:
  * <ol>
  *    <li><a href="http://ftp.ipv4.heanet.ie/pub/ietf/internet-drafts/draft-ietf-ipsec-ciph-aes-cbc-03.txt">
  *    Descriptions of SHA-256, SHA-384, and SHA-512</a>,</li>
  *    <li>http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf</li>
  * </ol>
  */
-public class Sha512 extends BaseHash
+public class Sha512
+    extends BaseHash
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  private static final long[] k = { 0x428a2f98d728ae22L, 0x7137449123ef65cdL,
-                                   0xb5c0fbcfec4d3b2fL, 0xe9b5dba58189dbbcL,
-                                   0x3956c25bf348b538L, 0x59f111f1b605d019L,
-                                   0x923f82a4af194f9bL, 0xab1c5ed5da6d8118L,
-                                   0xd807aa98a3030242L, 0x12835b0145706fbeL,
-                                   0x243185be4ee4b28cL, 0x550c7dc3d5ffb4e2L,
-                                   0x72be5d74f27b896fL, 0x80deb1fe3b1696b1L,
-                                   0x9bdc06a725c71235L, 0xc19bf174cf692694L,
-                                   0xe49b69c19ef14ad2L, 0xefbe4786384f25e3L,
-                                   0x0fc19dc68b8cd5b5L, 0x240ca1cc77ac9c65L,
-                                   0x2de92c6f592b0275L, 0x4a7484aa6ea6e483L,
-                                   0x5cb0a9dcbd41fbd4L, 0x76f988da831153b5L,
-                                   0x983e5152ee66dfabL, 0xa831c66d2db43210L,
-                                   0xb00327c898fb213fL, 0xbf597fc7beef0ee4L,
-                                   0xc6e00bf33da88fc2L, 0xd5a79147930aa725L,
-                                   0x06ca6351e003826fL, 0x142929670a0e6e70L,
-                                   0x27b70a8546d22ffcL, 0x2e1b21385c26c926L,
-                                   0x4d2c6dfc5ac42aedL, 0x53380d139d95b3dfL,
-                                   0x650a73548baf63deL, 0x766a0abb3c77b2a8L,
-                                   0x81c2c92e47edaee6L, 0x92722c851482353bL,
-                                   0xa2bfe8a14cf10364L, 0xa81a664bbc423001L,
-                                   0xc24b8b70d0f89791L, 0xc76c51a30654be30L,
-                                   0xd192e819d6ef5218L, 0xd69906245565a910L,
-                                   0xf40e35855771202aL, 0x106aa07032bbd1b8L,
-                                   0x19a4c116b8d2d0c8L, 0x1e376c085141ab53L,
-                                   0x2748774cdf8eeb99L, 0x34b0bcb5e19b48a8L,
-                                   0x391c0cb3c5c95a63L, 0x4ed8aa4ae3418acbL,
-                                   0x5b9cca4f7763e373L, 0x682e6ff3d6b2b8a3L,
-                                   0x748f82ee5defb2fcL, 0x78a5636f43172f60L,
-                                   0x84c87814a1f0ab72L, 0x8cc702081a6439ecL,
-                                   0x90befffa23631e28L, 0xa4506cebde82bde9L,
-                                   0xbef9a3f7b2c67915L, 0xc67178f2e372532bL,
-                                   0xca273eceea26619cL, 0xd186b8c721c0c207L,
-                                   0xeada7dd6cde0eb1eL, 0xf57d4f7fee6ed178L,
-                                   0x06f067aa72176fbaL, 0x0a637dc5a2c898a6L,
-                                   0x113f9804bef90daeL, 0x1b710b35131c471bL,
-                                   0x28db77f523047d84L, 0x32caab7b40c72493L,
-                                   0x3c9ebe0a15c9bebcL, 0x431d67c49c100d4cL,
-                                   0x4cc5d4becb3e42b6L, 0x597f299cfc657e2aL,
-                                   0x5fcb6fab3ad6faecL, 0x6c44198c4a475817L };
+  private static final long[] k = {
+      0x428a2f98d728ae22L, 0x7137449123ef65cdL, 0xb5c0fbcfec4d3b2fL,
+      0xe9b5dba58189dbbcL, 0x3956c25bf348b538L, 0x59f111f1b605d019L,
+      0x923f82a4af194f9bL, 0xab1c5ed5da6d8118L, 0xd807aa98a3030242L,
+      0x12835b0145706fbeL, 0x243185be4ee4b28cL, 0x550c7dc3d5ffb4e2L,
+      0x72be5d74f27b896fL, 0x80deb1fe3b1696b1L, 0x9bdc06a725c71235L,
+      0xc19bf174cf692694L, 0xe49b69c19ef14ad2L, 0xefbe4786384f25e3L,
+      0x0fc19dc68b8cd5b5L, 0x240ca1cc77ac9c65L, 0x2de92c6f592b0275L,
+      0x4a7484aa6ea6e483L, 0x5cb0a9dcbd41fbd4L, 0x76f988da831153b5L,
+      0x983e5152ee66dfabL, 0xa831c66d2db43210L, 0xb00327c898fb213fL,
+      0xbf597fc7beef0ee4L, 0xc6e00bf33da88fc2L, 0xd5a79147930aa725L,
+      0x06ca6351e003826fL, 0x142929670a0e6e70L, 0x27b70a8546d22ffcL,
+      0x2e1b21385c26c926L, 0x4d2c6dfc5ac42aedL, 0x53380d139d95b3dfL,
+      0x650a73548baf63deL, 0x766a0abb3c77b2a8L, 0x81c2c92e47edaee6L,
+      0x92722c851482353bL, 0xa2bfe8a14cf10364L, 0xa81a664bbc423001L,
+      0xc24b8b70d0f89791L, 0xc76c51a30654be30L, 0xd192e819d6ef5218L,
+      0xd69906245565a910L, 0xf40e35855771202aL, 0x106aa07032bbd1b8L,
+      0x19a4c116b8d2d0c8L, 0x1e376c085141ab53L, 0x2748774cdf8eeb99L,
+      0x34b0bcb5e19b48a8L, 0x391c0cb3c5c95a63L, 0x4ed8aa4ae3418acbL,
+      0x5b9cca4f7763e373L, 0x682e6ff3d6b2b8a3L, 0x748f82ee5defb2fcL,
+      0x78a5636f43172f60L, 0x84c87814a1f0ab72L, 0x8cc702081a6439ecL,
+      0x90befffa23631e28L, 0xa4506cebde82bde9L, 0xbef9a3f7b2c67915L,
+      0xc67178f2e372532bL, 0xca273eceea26619cL, 0xd186b8c721c0c207L,
+      0xeada7dd6cde0eb1eL, 0xf57d4f7fee6ed178L, 0x06f067aa72176fbaL,
+      0x0a637dc5a2c898a6L, 0x113f9804bef90daeL, 0x1b710b35131c471bL,
+      0x28db77f523047d84L, 0x32caab7b40c72493L, 0x3c9ebe0a15c9bebcL,
+      0x431d67c49c100d4cL, 0x4cc5d4becb3e42b6L, 0x597f299cfc657e2aL,
+      0x5fcb6fab3ad6faecL, 0x6c44198c4a475817L };
 
   private static final int BLOCK_SIZE = 128; // inner block size in bytes
 
-  private static final String DIGEST0 = "DDAF35A193617ABACC417349AE20413112E6FA4E89A97EA20A9EEEE64B55D39A"
-                                        + "2192992A274FC1A836BA3C23A3FEEBBD454D4423643CE80E2A9AC94FA54CA49F";
+  private static final String DIGEST0 =
+      "DDAF35A193617ABACC417349AE20413112E6FA4E89A97EA20A9EEEE64B55D39A"
+    + "2192992A274FC1A836BA3C23A3FEEBBD454D4423643CE80E2A9AC94FA54CA49F";
 
   private static final long[] w = new long[80];
 
@@ -111,9 +97,6 @@ public class Sha512 extends BaseHash
   /** 512-bit interim result. */
   private long h0, h1, h2, h3, h4, h5, h6, h7;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public Sha512()
   {
@@ -121,7 +104,7 @@ public class Sha512 extends BaseHash
   }
 
   /**
-   * <p>Private constructor for cloning purposes.</p>
+   * Private constructor for cloning purposes.
    *
    * @param md the instance to clone.
    */
@@ -141,9 +124,6 @@ public class Sha512 extends BaseHash
     this.buffer = (byte[]) md.buffer.clone();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   public static final long[] G(long hh0, long hh1, long hh2, long hh3,
                                long hh4, long hh5, long hh6, long hh7,
                                byte[] in, int offset)
@@ -151,22 +131,14 @@ public class Sha512 extends BaseHash
     return sha(hh0, hh1, hh2, hh3, hh4, hh5, hh6, hh7, in, offset);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     return new Sha512(this);
   }
 
-  // Implementation of concrete methods in BaseHash --------------------------
-
   protected void transform(byte[] in, int offset)
   {
     long[] result = sha(h0, h1, h2, h3, h4, h5, h6, h7, in, offset);
-
     h0 = result[0];
     h1 = result[1];
     h2 = result[2];
@@ -179,59 +151,45 @@ public class Sha512 extends BaseHash
 
   protected byte[] padBuffer()
   {
-    int n = (int) (count % BLOCK_SIZE);
+    int n = (int)(count % BLOCK_SIZE);
     int padding = (n < 112) ? (112 - n) : (240 - n);
     byte[] result = new byte[padding + 16];
-
     // padding is always binary 1 followed by binary 0s
     result[0] = (byte) 0x80;
-
     // save number of bits, casting the long to an array of 8 bytes
     // TODO: FIX Only ~35 bits of 128 bit counter usable this way
     long bits = count << 3;
     padding += 8;
-    result[padding++] = (byte) (bits >>> 56);
-    result[padding++] = (byte) (bits >>> 48);
-    result[padding++] = (byte) (bits >>> 40);
-    result[padding++] = (byte) (bits >>> 32);
-    result[padding++] = (byte) (bits >>> 24);
-    result[padding++] = (byte) (bits >>> 16);
-    result[padding++] = (byte) (bits >>> 8);
-    result[padding] = (byte) bits;
-
+    result[padding++] = (byte)(bits >>> 56);
+    result[padding++] = (byte)(bits >>> 48);
+    result[padding++] = (byte)(bits >>> 40);
+    result[padding++] = (byte)(bits >>> 32);
+    result[padding++] = (byte)(bits >>> 24);
+    result[padding++] = (byte)(bits >>> 16);
+    result[padding++] = (byte)(bits >>> 8);
+    result[padding  ] = (byte) bits;
     return result;
   }
 
   protected byte[] getResult()
   {
-    return new byte[] { (byte) (h0 >>> 56), (byte) (h0 >>> 48),
-                       (byte) (h0 >>> 40), (byte) (h0 >>> 32),
-                       (byte) (h0 >>> 24), (byte) (h0 >>> 16),
-                       (byte) (h0 >>> 8), (byte) h0, (byte) (h1 >>> 56),
-                       (byte) (h1 >>> 48), (byte) (h1 >>> 40),
-                       (byte) (h1 >>> 32), (byte) (h1 >>> 24),
-                       (byte) (h1 >>> 16), (byte) (h1 >>> 8), (byte) h1,
-                       (byte) (h2 >>> 56), (byte) (h2 >>> 48),
-                       (byte) (h2 >>> 40), (byte) (h2 >>> 32),
-                       (byte) (h2 >>> 24), (byte) (h2 >>> 16),
-                       (byte) (h2 >>> 8), (byte) h2, (byte) (h3 >>> 56),
-                       (byte) (h3 >>> 48), (byte) (h3 >>> 40),
-                       (byte) (h3 >>> 32), (byte) (h3 >>> 24),
-                       (byte) (h3 >>> 16), (byte) (h3 >>> 8), (byte) h3,
-                       (byte) (h4 >>> 56), (byte) (h4 >>> 48),
-                       (byte) (h4 >>> 40), (byte) (h4 >>> 32),
-                       (byte) (h4 >>> 24), (byte) (h4 >>> 16),
-                       (byte) (h4 >>> 8), (byte) h4, (byte) (h5 >>> 56),
-                       (byte) (h5 >>> 48), (byte) (h5 >>> 40),
-                       (byte) (h5 >>> 32), (byte) (h5 >>> 24),
-                       (byte) (h5 >>> 16), (byte) (h5 >>> 8), (byte) h5,
-                       (byte) (h6 >>> 56), (byte) (h6 >>> 48),
-                       (byte) (h6 >>> 40), (byte) (h6 >>> 32),
-                       (byte) (h6 >>> 24), (byte) (h6 >>> 16),
-                       (byte) (h6 >>> 8), (byte) h6, (byte) (h7 >>> 56),
-                       (byte) (h7 >>> 48), (byte) (h7 >>> 40),
-                       (byte) (h7 >>> 32), (byte) (h7 >>> 24),
-                       (byte) (h7 >>> 16), (byte) (h7 >>> 8), (byte) h7 };
+    return new byte[] {
+        (byte)(h0 >>> 56), (byte)(h0 >>> 48), (byte)(h0 >>> 40), (byte)(h0 >>> 32),
+        (byte)(h0 >>> 24), (byte)(h0 >>> 16), (byte)(h0 >>>  8), (byte) h0,
+        (byte)(h1 >>> 56), (byte)(h1 >>> 48), (byte)(h1 >>> 40), (byte)(h1 >>> 32),
+        (byte)(h1 >>> 24), (byte)(h1 >>> 16), (byte)(h1 >>>  8), (byte) h1,
+        (byte)(h2 >>> 56), (byte)(h2 >>> 48), (byte)(h2 >>> 40), (byte)(h2 >>> 32),
+        (byte)(h2 >>> 24), (byte)(h2 >>> 16), (byte)(h2 >>> 8), (byte) h2,
+        (byte)(h3 >>> 56), (byte)(h3 >>> 48), (byte)(h3 >>> 40), (byte)(h3 >>> 32),
+        (byte)(h3 >>> 24), (byte)(h3 >>> 16), (byte)(h3 >>>  8), (byte) h3,
+        (byte)(h4 >>> 56), (byte)(h4 >>> 48), (byte)(h4 >>> 40), (byte)(h4 >>> 32),
+        (byte)(h4 >>> 24), (byte)(h4 >>> 16), (byte)(h4 >>>  8), (byte) h4,
+        (byte)(h5 >>> 56), (byte)(h5 >>> 48), (byte)(h5 >>> 40), (byte)(h5 >>> 32),
+        (byte)(h5 >>> 24), (byte)(h5 >>> 16), (byte)(h5 >>> 8), (byte) h5,
+        (byte)(h6 >>> 56), (byte)(h6 >>> 48), (byte)(h6 >>> 40), (byte)(h6 >>> 32),
+        (byte)(h6 >>> 24), (byte)(h6 >>> 16), (byte)(h6 >>>  8), (byte) h6,
+        (byte)(h7 >>> 56), (byte)(h7 >>> 48), (byte)(h7 >>> 40), (byte)(h7 >>> 32),
+        (byte)(h7 >>> 24), (byte)(h7 >>> 16), (byte)(h7 >>>  8), (byte) h7 };
   }
 
   protected void resetContext()
@@ -261,9 +219,7 @@ public class Sha512 extends BaseHash
     return valid.booleanValue();
   }
 
-  // SHA specific methods ----------------------------------------------------
-
-  private static final synchronized long[] sha(long hh0, long hh1, long hh2,
+  private static synchronized final long[] sha(long hh0, long hh1, long hh2,
                                                long hh3, long hh4, long hh5,
                                                long hh6, long hh7, byte[] in,
                                                int offset)
@@ -278,33 +234,36 @@ public class Sha512 extends BaseHash
     long H = hh7;
     long T, T2;
     int r;
-
     for (r = 0; r < 16; r++)
-      {
-        w[r] = (long) in[offset++] << 56 | ((long) in[offset++] & 0xFF) << 48
-               | ((long) in[offset++] & 0xFF) << 40
-               | ((long) in[offset++] & 0xFF) << 32
-               | ((long) in[offset++] & 0xFF) << 24
-               | ((long) in[offset++] & 0xFF) << 16
-               | ((long) in[offset++] & 0xFF) << 8
-               | ((long) in[offset++] & 0xFF);
-      }
+      w[r] =  (long) in[offset++]         << 56
+           | ((long) in[offset++] & 0xFF) << 48
+           | ((long) in[offset++] & 0xFF) << 40
+           | ((long) in[offset++] & 0xFF) << 32
+           | ((long) in[offset++] & 0xFF) << 24
+           | ((long) in[offset++] & 0xFF) << 16
+           | ((long) in[offset++] & 0xFF) << 8
+           | ((long) in[offset++] & 0xFF);
     for (r = 16; r < 80; r++)
       {
         T = w[r - 2];
         T2 = w[r - 15];
         w[r] = (((T >>> 19) | (T << 45)) ^ ((T >>> 61) | (T << 3)) ^ (T >>> 6))
                + w[r - 7]
-               + (((T2 >>> 1) | (T2 << 63)) ^ ((T2 >>> 8) | (T2 << 56)) ^ (T2 >>> 7))
+               + (((T2 >>> 1) | (T2 << 63))
+                   ^ ((T2 >>> 8) | (T2 << 56))
+                   ^ (T2 >>> 7))
                + w[r - 16];
       }
-
     for (r = 0; r < 80; r++)
       {
         T = H
-            + (((E >>> 14) | (E << 50)) ^ ((E >>> 18) | (E << 46)) ^ ((E >>> 41) | (E << 23)))
+            + (((E >>> 14) | (E << 50))
+                ^ ((E >>> 18) | (E << 46))
+                ^ ((E >>> 41) | (E << 23)))
             + ((E & F) ^ ((~E) & G)) + k[r] + w[r];
-        T2 = (((A >>> 28) | (A << 36)) ^ ((A >>> 34) | (A << 30)) ^ ((A >>> 39) | (A << 25)))
+        T2 = (((A >>> 28) | (A << 36))
+               ^ ((A >>> 34) | (A << 30))
+               ^ ((A >>> 39) | (A << 25)))
              + ((A & B) ^ (A & C) ^ (B & C));
         H = G;
         G = F;
@@ -315,8 +274,8 @@ public class Sha512 extends BaseHash
         B = A;
         A = T + T2;
       }
-
-    return new long[] { hh0 + A, hh1 + B, hh2 + C, hh3 + D, hh4 + E, hh5 + F,
-                       hh6 + G, hh7 + H };
+    return new long[] {
+        hh0 + A, hh1 + B, hh2 + C, hh3 + D,
+        hh4 + E, hh5 + F, hh6 + G, hh7 + H };
   }
 }
diff --git a/libjava/classpath/gnu/java/security/hash/Tiger.java b/libjava/classpath/gnu/java/security/hash/Tiger.java
index be0921dceb5..101df39efe9 100644
--- a/libjava/classpath/gnu/java/security/hash/Tiger.java
+++ b/libjava/classpath/gnu/java/security/hash/Tiger.java
@@ -46,29 +46,27 @@ import gnu.java.security.util.Util;
  * Biham, with the goal of producing a secure, fast hash function that
  * performs especially well on next-generation 64-bit architectures, but
  * is still efficient on 32- and 16-bit architectures.
- *
- * <p>Tiger processes data in 512-bit blocks and produces a 192-bit
- * digest.</p>
- *
- * <p>References:</p>
+ * <p>
+ * Tiger processes data in 512-bit blocks and produces a 192-bit
+ * digest.
+ * <p>
+ * References:
  * <ol>
  * <li><a
  * href="http://www.cs.technion.ac.il/~biham/Reports/Tiger/">Tiger: A
  * Fast New Hash Function</a>, Ross Anderson and Eli Biham.</a></li>
  * </ol>
  */
-public class Tiger extends BaseHash
+public class Tiger
+    extends BaseHash
 {
-
-  // Constants and variables.
-  // -----------------------------------------------------------------------
-
   private static final int HASH_SIZE = 24;
 
   private static final int BLOCK_SIZE = 64;
 
   /** Result when no data has been input. */
-  private static final String DIGEST0 = "3293AC630C13F0245F92BBB1766E16167A4E58492DDE73F3";
+  private static final String DIGEST0 =
+      "3293AC630C13F0245F92BBB1766E16167A4E58492DDE73F3";
 
   private static final long A = 0x0123456789ABCDEFL;
 
@@ -77,524 +75,360 @@ public class Tiger extends BaseHash
   private static final long C = 0xF096A5B4C3B2E187L;
 
   /** S-Box T1. */
-  private static final long[] T1 = { 0x02AAB17CF7E90C5EL, 0xAC424B03E243A8ECL,
-                                    0x72CD5BE30DD5FCD3L, 0x6D019B93F6F97F3AL,
-                                    0xCD9978FFD21F9193L, 0x7573A1C9708029E2L,
-                                    0xB164326B922A83C3L, 0x46883EEE04915870L,
-                                    0xEAACE3057103ECE6L, 0xC54169B808A3535CL,
-                                    0x4CE754918DDEC47CL, 0x0AA2F4DFDC0DF40CL,
-                                    0x10B76F18A74DBEFAL, 0xC6CCB6235AD1AB6AL,
-                                    0x13726121572FE2FFL, 0x1A488C6F199D921EL,
-                                    0x4BC9F9F4DA0007CAL, 0x26F5E6F6E85241C7L,
-                                    0x859079DBEA5947B6L, 0x4F1885C5C99E8C92L,
-                                    0xD78E761EA96F864BL, 0x8E36428C52B5C17DL,
-                                    0x69CF6827373063C1L, 0xB607C93D9BB4C56EL,
-                                    0x7D820E760E76B5EAL, 0x645C9CC6F07FDC42L,
-                                    0xBF38A078243342E0L, 0x5F6B343C9D2E7D04L,
-                                    0xF2C28AEB600B0EC6L, 0x6C0ED85F7254BCACL,
-                                    0x71592281A4DB4FE5L, 0x1967FA69CE0FED9FL,
-                                    0xFD5293F8B96545DBL, 0xC879E9D7F2A7600BL,
-                                    0x860248920193194EL, 0xA4F9533B2D9CC0B3L,
-                                    0x9053836C15957613L, 0xDB6DCF8AFC357BF1L,
-                                    0x18BEEA7A7A370F57L, 0x037117CA50B99066L,
-                                    0x6AB30A9774424A35L, 0xF4E92F02E325249BL,
-                                    0x7739DB07061CCAE1L, 0xD8F3B49CECA42A05L,
-                                    0xBD56BE3F51382F73L, 0x45FAED5843B0BB28L,
-                                    0x1C813D5C11BF1F83L, 0x8AF0E4B6D75FA169L,
-                                    0x33EE18A487AD9999L, 0x3C26E8EAB1C94410L,
-                                    0xB510102BC0A822F9L, 0x141EEF310CE6123BL,
-                                    0xFC65B90059DDB154L, 0xE0158640C5E0E607L,
-                                    0x884E079826C3A3CFL, 0x930D0D9523C535FDL,
-                                    0x35638D754E9A2B00L, 0x4085FCCF40469DD5L,
-                                    0xC4B17AD28BE23A4CL, 0xCAB2F0FC6A3E6A2EL,
-                                    0x2860971A6B943FCDL, 0x3DDE6EE212E30446L,
-                                    0x6222F32AE01765AEL, 0x5D550BB5478308FEL,
-                                    0xA9EFA98DA0EDA22AL, 0xC351A71686C40DA7L,
-                                    0x1105586D9C867C84L, 0xDCFFEE85FDA22853L,
-                                    0xCCFBD0262C5EEF76L, 0xBAF294CB8990D201L,
-                                    0xE69464F52AFAD975L, 0x94B013AFDF133E14L,
-                                    0x06A7D1A32823C958L, 0x6F95FE5130F61119L,
-                                    0xD92AB34E462C06C0L, 0xED7BDE33887C71D2L,
-                                    0x79746D6E6518393EL, 0x5BA419385D713329L,
-                                    0x7C1BA6B948A97564L, 0x31987C197BFDAC67L,
-                                    0xDE6C23C44B053D02L, 0x581C49FED002D64DL,
-                                    0xDD474D6338261571L, 0xAA4546C3E473D062L,
-                                    0x928FCE349455F860L, 0x48161BBACAAB94D9L,
-                                    0x63912430770E6F68L, 0x6EC8A5E602C6641CL,
-                                    0x87282515337DDD2BL, 0x2CDA6B42034B701BL,
-                                    0xB03D37C181CB096DL, 0xE108438266C71C6FL,
-                                    0x2B3180C7EB51B255L, 0xDF92B82F96C08BBCL,
-                                    0x5C68C8C0A632F3BAL, 0x5504CC861C3D0556L,
-                                    0xABBFA4E55FB26B8FL, 0x41848B0AB3BACEB4L,
-                                    0xB334A273AA445D32L, 0xBCA696F0A85AD881L,
-                                    0x24F6EC65B528D56CL, 0x0CE1512E90F4524AL,
-                                    0x4E9DD79D5506D35AL, 0x258905FAC6CE9779L,
-                                    0x2019295B3E109B33L, 0xF8A9478B73A054CCL,
-                                    0x2924F2F934417EB0L, 0x3993357D536D1BC4L,
-                                    0x38A81AC21DB6FF8BL, 0x47C4FBF17D6016BFL,
-                                    0x1E0FAADD7667E3F5L, 0x7ABCFF62938BEB96L,
-                                    0xA78DAD948FC179C9L, 0x8F1F98B72911E50DL,
-                                    0x61E48EAE27121A91L, 0x4D62F7AD31859808L,
-                                    0xECEBA345EF5CEAEBL, 0xF5CEB25EBC9684CEL,
-                                    0xF633E20CB7F76221L, 0xA32CDF06AB8293E4L,
-                                    0x985A202CA5EE2CA4L, 0xCF0B8447CC8A8FB1L,
-                                    0x9F765244979859A3L, 0xA8D516B1A1240017L,
-                                    0x0BD7BA3EBB5DC726L, 0xE54BCA55B86ADB39L,
-                                    0x1D7A3AFD6C478063L, 0x519EC608E7669EDDL,
-                                    0x0E5715A2D149AA23L, 0x177D4571848FF194L,
-                                    0xEEB55F3241014C22L, 0x0F5E5CA13A6E2EC2L,
-                                    0x8029927B75F5C361L, 0xAD139FABC3D6E436L,
-                                    0x0D5DF1A94CCF402FL, 0x3E8BD948BEA5DFC8L,
-                                    0xA5A0D357BD3FF77EL, 0xA2D12E251F74F645L,
-                                    0x66FD9E525E81A082L, 0x2E0C90CE7F687A49L,
-                                    0xC2E8BCBEBA973BC5L, 0x000001BCE509745FL,
-                                    0x423777BBE6DAB3D6L, 0xD1661C7EAEF06EB5L,
-                                    0xA1781F354DAACFD8L, 0x2D11284A2B16AFFCL,
-                                    0xF1FC4F67FA891D1FL, 0x73ECC25DCB920ADAL,
-                                    0xAE610C22C2A12651L, 0x96E0A810D356B78AL,
-                                    0x5A9A381F2FE7870FL, 0xD5AD62EDE94E5530L,
-                                    0xD225E5E8368D1427L, 0x65977B70C7AF4631L,
-                                    0x99F889B2DE39D74FL, 0x233F30BF54E1D143L,
-                                    0x9A9675D3D9A63C97L, 0x5470554FF334F9A8L,
-                                    0x166ACB744A4F5688L, 0x70C74CAAB2E4AEADL,
-                                    0xF0D091646F294D12L, 0x57B82A89684031D1L,
-                                    0xEFD95A5A61BE0B6BL, 0x2FBD12E969F2F29AL,
-                                    0x9BD37013FEFF9FE8L, 0x3F9B0404D6085A06L,
-                                    0x4940C1F3166CFE15L, 0x09542C4DCDF3DEFBL,
-                                    0xB4C5218385CD5CE3L, 0xC935B7DC4462A641L,
-                                    0x3417F8A68ED3B63FL, 0xB80959295B215B40L,
-                                    0xF99CDAEF3B8C8572L, 0x018C0614F8FCB95DL,
-                                    0x1B14ACCD1A3ACDF3L, 0x84D471F200BB732DL,
-                                    0xC1A3110E95E8DA16L, 0x430A7220BF1A82B8L,
-                                    0xB77E090D39DF210EL, 0x5EF4BD9F3CD05E9DL,
-                                    0x9D4FF6DA7E57A444L, 0xDA1D60E183D4A5F8L,
-                                    0xB287C38417998E47L, 0xFE3EDC121BB31886L,
-                                    0xC7FE3CCC980CCBEFL, 0xE46FB590189BFD03L,
-                                    0x3732FD469A4C57DCL, 0x7EF700A07CF1AD65L,
-                                    0x59C64468A31D8859L, 0x762FB0B4D45B61F6L,
-                                    0x155BAED099047718L, 0x68755E4C3D50BAA6L,
-                                    0xE9214E7F22D8B4DFL, 0x2ADDBF532EAC95F4L,
-                                    0x32AE3909B4BD0109L, 0x834DF537B08E3450L,
-                                    0xFA209DA84220728DL, 0x9E691D9B9EFE23F7L,
-                                    0x0446D288C4AE8D7FL, 0x7B4CC524E169785BL,
-                                    0x21D87F0135CA1385L, 0xCEBB400F137B8AA5L,
-                                    0x272E2B66580796BEL, 0x3612264125C2B0DEL,
-                                    0x057702BDAD1EFBB2L, 0xD4BABB8EACF84BE9L,
-                                    0x91583139641BC67BL, 0x8BDC2DE08036E024L,
-                                    0x603C8156F49F68EDL, 0xF7D236F7DBEF5111L,
-                                    0x9727C4598AD21E80L, 0xA08A0896670A5FD7L,
-                                    0xCB4A8F4309EBA9CBL, 0x81AF564B0F7036A1L,
-                                    0xC0B99AA778199ABDL, 0x959F1EC83FC8E952L,
-                                    0x8C505077794A81B9L, 0x3ACAAF8F056338F0L,
-                                    0x07B43F50627A6778L, 0x4A44AB49F5ECCC77L,
-                                    0x3BC3D6E4B679EE98L, 0x9CC0D4D1CF14108CL,
-                                    0x4406C00B206BC8A0L, 0x82A18854C8D72D89L,
-                                    0x67E366B35C3C432CL, 0xB923DD61102B37F2L,
-                                    0x56AB2779D884271DL, 0xBE83E1B0FF1525AFL,
-                                    0xFB7C65D4217E49A9L, 0x6BDBE0E76D48E7D4L,
-                                    0x08DF828745D9179EL, 0x22EA6A9ADD53BD34L,
-                                    0xE36E141C5622200AL, 0x7F805D1B8CB750EEL,
-                                    0xAFE5C7A59F58E837L, 0xE27F996A4FB1C23CL,
-                                    0xD3867DFB0775F0D0L, 0xD0E673DE6E88891AL,
-                                    0x123AEB9EAFB86C25L, 0x30F1D5D5C145B895L,
-                                    0xBB434A2DEE7269E7L, 0x78CB67ECF931FA38L,
-                                    0xF33B0372323BBF9CL, 0x52D66336FB279C74L,
-                                    0x505F33AC0AFB4EAAL, 0xE8A5CD99A2CCE187L,
-                                    0x534974801E2D30BBL, 0x8D2D5711D5876D90L,
-                                    0x1F1A412891BC038EL, 0xD6E2E71D82E56648L,
-                                    0x74036C3A497732B7L, 0x89B67ED96361F5ABL,
-                                    0xFFED95D8F1EA02A2L, 0xE72B3BD61464D43DL,
-                                    0xA6300F170BDC4820L, 0xEBC18760ED78A77AL };
+  private static final long[] T1 = {
+      0x02AAB17CF7E90C5EL, 0xAC424B03E243A8ECL, 0x72CD5BE30DD5FCD3L,
+      0x6D019B93F6F97F3AL, 0xCD9978FFD21F9193L, 0x7573A1C9708029E2L,
+      0xB164326B922A83C3L, 0x46883EEE04915870L, 0xEAACE3057103ECE6L,
+      0xC54169B808A3535CL, 0x4CE754918DDEC47CL, 0x0AA2F4DFDC0DF40CL,
+      0x10B76F18A74DBEFAL, 0xC6CCB6235AD1AB6AL, 0x13726121572FE2FFL,
+      0x1A488C6F199D921EL, 0x4BC9F9F4DA0007CAL, 0x26F5E6F6E85241C7L,
+      0x859079DBEA5947B6L, 0x4F1885C5C99E8C92L, 0xD78E761EA96F864BL,
+      0x8E36428C52B5C17DL, 0x69CF6827373063C1L, 0xB607C93D9BB4C56EL,
+      0x7D820E760E76B5EAL, 0x645C9CC6F07FDC42L, 0xBF38A078243342E0L,
+      0x5F6B343C9D2E7D04L, 0xF2C28AEB600B0EC6L, 0x6C0ED85F7254BCACL,
+      0x71592281A4DB4FE5L, 0x1967FA69CE0FED9FL, 0xFD5293F8B96545DBL,
+      0xC879E9D7F2A7600BL, 0x860248920193194EL, 0xA4F9533B2D9CC0B3L,
+      0x9053836C15957613L, 0xDB6DCF8AFC357BF1L, 0x18BEEA7A7A370F57L,
+      0x037117CA50B99066L, 0x6AB30A9774424A35L, 0xF4E92F02E325249BL,
+      0x7739DB07061CCAE1L, 0xD8F3B49CECA42A05L, 0xBD56BE3F51382F73L,
+      0x45FAED5843B0BB28L, 0x1C813D5C11BF1F83L, 0x8AF0E4B6D75FA169L,
+      0x33EE18A487AD9999L, 0x3C26E8EAB1C94410L, 0xB510102BC0A822F9L,
+      0x141EEF310CE6123BL, 0xFC65B90059DDB154L, 0xE0158640C5E0E607L,
+      0x884E079826C3A3CFL, 0x930D0D9523C535FDL, 0x35638D754E9A2B00L,
+      0x4085FCCF40469DD5L, 0xC4B17AD28BE23A4CL, 0xCAB2F0FC6A3E6A2EL,
+      0x2860971A6B943FCDL, 0x3DDE6EE212E30446L, 0x6222F32AE01765AEL,
+      0x5D550BB5478308FEL, 0xA9EFA98DA0EDA22AL, 0xC351A71686C40DA7L,
+      0x1105586D9C867C84L, 0xDCFFEE85FDA22853L, 0xCCFBD0262C5EEF76L,
+      0xBAF294CB8990D201L, 0xE69464F52AFAD975L, 0x94B013AFDF133E14L,
+      0x06A7D1A32823C958L, 0x6F95FE5130F61119L, 0xD92AB34E462C06C0L,
+      0xED7BDE33887C71D2L, 0x79746D6E6518393EL, 0x5BA419385D713329L,
+      0x7C1BA6B948A97564L, 0x31987C197BFDAC67L, 0xDE6C23C44B053D02L,
+      0x581C49FED002D64DL, 0xDD474D6338261571L, 0xAA4546C3E473D062L,
+      0x928FCE349455F860L, 0x48161BBACAAB94D9L, 0x63912430770E6F68L,
+      0x6EC8A5E602C6641CL, 0x87282515337DDD2BL, 0x2CDA6B42034B701BL,
+      0xB03D37C181CB096DL, 0xE108438266C71C6FL, 0x2B3180C7EB51B255L,
+      0xDF92B82F96C08BBCL, 0x5C68C8C0A632F3BAL, 0x5504CC861C3D0556L,
+      0xABBFA4E55FB26B8FL, 0x41848B0AB3BACEB4L, 0xB334A273AA445D32L,
+      0xBCA696F0A85AD881L, 0x24F6EC65B528D56CL, 0x0CE1512E90F4524AL,
+      0x4E9DD79D5506D35AL, 0x258905FAC6CE9779L, 0x2019295B3E109B33L,
+      0xF8A9478B73A054CCL, 0x2924F2F934417EB0L, 0x3993357D536D1BC4L,
+      0x38A81AC21DB6FF8BL, 0x47C4FBF17D6016BFL, 0x1E0FAADD7667E3F5L,
+      0x7ABCFF62938BEB96L, 0xA78DAD948FC179C9L, 0x8F1F98B72911E50DL,
+      0x61E48EAE27121A91L, 0x4D62F7AD31859808L, 0xECEBA345EF5CEAEBL,
+      0xF5CEB25EBC9684CEL, 0xF633E20CB7F76221L, 0xA32CDF06AB8293E4L,
+      0x985A202CA5EE2CA4L, 0xCF0B8447CC8A8FB1L, 0x9F765244979859A3L,
+      0xA8D516B1A1240017L, 0x0BD7BA3EBB5DC726L, 0xE54BCA55B86ADB39L,
+      0x1D7A3AFD6C478063L, 0x519EC608E7669EDDL, 0x0E5715A2D149AA23L,
+      0x177D4571848FF194L, 0xEEB55F3241014C22L, 0x0F5E5CA13A6E2EC2L,
+      0x8029927B75F5C361L, 0xAD139FABC3D6E436L, 0x0D5DF1A94CCF402FL,
+      0x3E8BD948BEA5DFC8L, 0xA5A0D357BD3FF77EL, 0xA2D12E251F74F645L,
+      0x66FD9E525E81A082L, 0x2E0C90CE7F687A49L, 0xC2E8BCBEBA973BC5L,
+      0x000001BCE509745FL, 0x423777BBE6DAB3D6L, 0xD1661C7EAEF06EB5L,
+      0xA1781F354DAACFD8L, 0x2D11284A2B16AFFCL, 0xF1FC4F67FA891D1FL,
+      0x73ECC25DCB920ADAL, 0xAE610C22C2A12651L, 0x96E0A810D356B78AL,
+      0x5A9A381F2FE7870FL, 0xD5AD62EDE94E5530L, 0xD225E5E8368D1427L,
+      0x65977B70C7AF4631L, 0x99F889B2DE39D74FL, 0x233F30BF54E1D143L,
+      0x9A9675D3D9A63C97L, 0x5470554FF334F9A8L, 0x166ACB744A4F5688L,
+      0x70C74CAAB2E4AEADL, 0xF0D091646F294D12L, 0x57B82A89684031D1L,
+      0xEFD95A5A61BE0B6BL, 0x2FBD12E969F2F29AL, 0x9BD37013FEFF9FE8L,
+      0x3F9B0404D6085A06L, 0x4940C1F3166CFE15L, 0x09542C4DCDF3DEFBL,
+      0xB4C5218385CD5CE3L, 0xC935B7DC4462A641L, 0x3417F8A68ED3B63FL,
+      0xB80959295B215B40L, 0xF99CDAEF3B8C8572L, 0x018C0614F8FCB95DL,
+      0x1B14ACCD1A3ACDF3L, 0x84D471F200BB732DL, 0xC1A3110E95E8DA16L,
+      0x430A7220BF1A82B8L, 0xB77E090D39DF210EL, 0x5EF4BD9F3CD05E9DL,
+      0x9D4FF6DA7E57A444L, 0xDA1D60E183D4A5F8L, 0xB287C38417998E47L,
+      0xFE3EDC121BB31886L, 0xC7FE3CCC980CCBEFL, 0xE46FB590189BFD03L,
+      0x3732FD469A4C57DCL, 0x7EF700A07CF1AD65L, 0x59C64468A31D8859L,
+      0x762FB0B4D45B61F6L, 0x155BAED099047718L, 0x68755E4C3D50BAA6L,
+      0xE9214E7F22D8B4DFL, 0x2ADDBF532EAC95F4L, 0x32AE3909B4BD0109L,
+      0x834DF537B08E3450L, 0xFA209DA84220728DL, 0x9E691D9B9EFE23F7L,
+      0x0446D288C4AE8D7FL, 0x7B4CC524E169785BL, 0x21D87F0135CA1385L,
+      0xCEBB400F137B8AA5L, 0x272E2B66580796BEL, 0x3612264125C2B0DEL,
+      0x057702BDAD1EFBB2L, 0xD4BABB8EACF84BE9L, 0x91583139641BC67BL,
+      0x8BDC2DE08036E024L, 0x603C8156F49F68EDL, 0xF7D236F7DBEF5111L,
+      0x9727C4598AD21E80L, 0xA08A0896670A5FD7L, 0xCB4A8F4309EBA9CBL,
+      0x81AF564B0F7036A1L, 0xC0B99AA778199ABDL, 0x959F1EC83FC8E952L,
+      0x8C505077794A81B9L, 0x3ACAAF8F056338F0L, 0x07B43F50627A6778L,
+      0x4A44AB49F5ECCC77L, 0x3BC3D6E4B679EE98L, 0x9CC0D4D1CF14108CL,
+      0x4406C00B206BC8A0L, 0x82A18854C8D72D89L, 0x67E366B35C3C432CL,
+      0xB923DD61102B37F2L, 0x56AB2779D884271DL, 0xBE83E1B0FF1525AFL,
+      0xFB7C65D4217E49A9L, 0x6BDBE0E76D48E7D4L, 0x08DF828745D9179EL,
+      0x22EA6A9ADD53BD34L, 0xE36E141C5622200AL, 0x7F805D1B8CB750EEL,
+      0xAFE5C7A59F58E837L, 0xE27F996A4FB1C23CL, 0xD3867DFB0775F0D0L,
+      0xD0E673DE6E88891AL, 0x123AEB9EAFB86C25L, 0x30F1D5D5C145B895L,
+      0xBB434A2DEE7269E7L, 0x78CB67ECF931FA38L, 0xF33B0372323BBF9CL,
+      0x52D66336FB279C74L, 0x505F33AC0AFB4EAAL, 0xE8A5CD99A2CCE187L,
+      0x534974801E2D30BBL, 0x8D2D5711D5876D90L, 0x1F1A412891BC038EL,
+      0xD6E2E71D82E56648L, 0x74036C3A497732B7L, 0x89B67ED96361F5ABL,
+      0xFFED95D8F1EA02A2L, 0xE72B3BD61464D43DL, 0xA6300F170BDC4820L,
+      0xEBC18760ED78A77AL };
 
   /** S-Box T2. */
-  private static final long[] T2 = { 0xE6A6BE5A05A12138L, 0xB5A122A5B4F87C98L,
-                                    0x563C6089140B6990L, 0x4C46CB2E391F5DD5L,
-                                    0xD932ADDBC9B79434L, 0x08EA70E42015AFF5L,
-                                    0xD765A6673E478CF1L, 0xC4FB757EAB278D99L,
-                                    0xDF11C6862D6E0692L, 0xDDEB84F10D7F3B16L,
-                                    0x6F2EF604A665EA04L, 0x4A8E0F0FF0E0DFB3L,
-                                    0xA5EDEEF83DBCBA51L, 0xFC4F0A2A0EA4371EL,
-                                    0xE83E1DA85CB38429L, 0xDC8FF882BA1B1CE2L,
-                                    0xCD45505E8353E80DL, 0x18D19A00D4DB0717L,
-                                    0x34A0CFEDA5F38101L, 0x0BE77E518887CAF2L,
-                                    0x1E341438B3C45136L, 0xE05797F49089CCF9L,
-                                    0xFFD23F9DF2591D14L, 0x543DDA228595C5CDL,
-                                    0x661F81FD99052A33L, 0x8736E641DB0F7B76L,
-                                    0x15227725418E5307L, 0xE25F7F46162EB2FAL,
-                                    0x48A8B2126C13D9FEL, 0xAFDC541792E76EEAL,
-                                    0x03D912BFC6D1898FL, 0x31B1AAFA1B83F51BL,
-                                    0xF1AC2796E42AB7D9L, 0x40A3A7D7FCD2EBACL,
-                                    0x1056136D0AFBBCC5L, 0x7889E1DD9A6D0C85L,
-                                    0xD33525782A7974AAL, 0xA7E25D09078AC09BL,
-                                    0xBD4138B3EAC6EDD0L, 0x920ABFBE71EB9E70L,
-                                    0xA2A5D0F54FC2625CL, 0xC054E36B0B1290A3L,
-                                    0xF6DD59FF62FE932BL, 0x3537354511A8AC7DL,
-                                    0xCA845E9172FADCD4L, 0x84F82B60329D20DCL,
-                                    0x79C62CE1CD672F18L, 0x8B09A2ADD124642CL,
-                                    0xD0C1E96A19D9E726L, 0x5A786A9B4BA9500CL,
-                                    0x0E020336634C43F3L, 0xC17B474AEB66D822L,
-                                    0x6A731AE3EC9BAAC2L, 0x8226667AE0840258L,
-                                    0x67D4567691CAECA5L, 0x1D94155C4875ADB5L,
-                                    0x6D00FD985B813FDFL, 0x51286EFCB774CD06L,
-                                    0x5E8834471FA744AFL, 0xF72CA0AEE761AE2EL,
-                                    0xBE40E4CDAEE8E09AL, 0xE9970BBB5118F665L,
-                                    0x726E4BEB33DF1964L, 0x703B000729199762L,
-                                    0x4631D816F5EF30A7L, 0xB880B5B51504A6BEL,
-                                    0x641793C37ED84B6CL, 0x7B21ED77F6E97D96L,
-                                    0x776306312EF96B73L, 0xAE528948E86FF3F4L,
-                                    0x53DBD7F286A3F8F8L, 0x16CADCE74CFC1063L,
-                                    0x005C19BDFA52C6DDL, 0x68868F5D64D46AD3L,
-                                    0x3A9D512CCF1E186AL, 0x367E62C2385660AEL,
-                                    0xE359E7EA77DCB1D7L, 0x526C0773749ABE6EL,
-                                    0x735AE5F9D09F734BL, 0x493FC7CC8A558BA8L,
-                                    0xB0B9C1533041AB45L, 0x321958BA470A59BDL,
-                                    0x852DB00B5F46C393L, 0x91209B2BD336B0E5L,
-                                    0x6E604F7D659EF19FL, 0xB99A8AE2782CCB24L,
-                                    0xCCF52AB6C814C4C7L, 0x4727D9AFBE11727BL,
-                                    0x7E950D0C0121B34DL, 0x756F435670AD471FL,
-                                    0xF5ADD442615A6849L, 0x4E87E09980B9957AL,
-                                    0x2ACFA1DF50AEE355L, 0xD898263AFD2FD556L,
-                                    0xC8F4924DD80C8FD6L, 0xCF99CA3D754A173AL,
-                                    0xFE477BACAF91BF3CL, 0xED5371F6D690C12DL,
-                                    0x831A5C285E687094L, 0xC5D3C90A3708A0A4L,
-                                    0x0F7F903717D06580L, 0x19F9BB13B8FDF27FL,
-                                    0xB1BD6F1B4D502843L, 0x1C761BA38FFF4012L,
-                                    0x0D1530C4E2E21F3BL, 0x8943CE69A7372C8AL,
-                                    0xE5184E11FEB5CE66L, 0x618BDB80BD736621L,
-                                    0x7D29BAD68B574D0BL, 0x81BB613E25E6FE5BL,
-                                    0x071C9C10BC07913FL, 0xC7BEEB7909AC2D97L,
-                                    0xC3E58D353BC5D757L, 0xEB017892F38F61E8L,
-                                    0xD4EFFB9C9B1CC21AL, 0x99727D26F494F7ABL,
-                                    0xA3E063A2956B3E03L, 0x9D4A8B9A4AA09C30L,
-                                    0x3F6AB7D500090FB4L, 0x9CC0F2A057268AC0L,
-                                    0x3DEE9D2DEDBF42D1L, 0x330F49C87960A972L,
-                                    0xC6B2720287421B41L, 0x0AC59EC07C00369CL,
-                                    0xEF4EAC49CB353425L, 0xF450244EEF0129D8L,
-                                    0x8ACC46E5CAF4DEB6L, 0x2FFEAB63989263F7L,
-                                    0x8F7CB9FE5D7A4578L, 0x5BD8F7644E634635L,
-                                    0x427A7315BF2DC900L, 0x17D0C4AA2125261CL,
-                                    0x3992486C93518E50L, 0xB4CBFEE0A2D7D4C3L,
-                                    0x7C75D6202C5DDD8DL, 0xDBC295D8E35B6C61L,
-                                    0x60B369D302032B19L, 0xCE42685FDCE44132L,
-                                    0x06F3DDB9DDF65610L, 0x8EA4D21DB5E148F0L,
-                                    0x20B0FCE62FCD496FL, 0x2C1B912358B0EE31L,
-                                    0xB28317B818F5A308L, 0xA89C1E189CA6D2CFL,
-                                    0x0C6B18576AAADBC8L, 0xB65DEAA91299FAE3L,
-                                    0xFB2B794B7F1027E7L, 0x04E4317F443B5BEBL,
-                                    0x4B852D325939D0A6L, 0xD5AE6BEEFB207FFCL,
-                                    0x309682B281C7D374L, 0xBAE309A194C3B475L,
-                                    0x8CC3F97B13B49F05L, 0x98A9422FF8293967L,
-                                    0x244B16B01076FF7CL, 0xF8BF571C663D67EEL,
-                                    0x1F0D6758EEE30DA1L, 0xC9B611D97ADEB9B7L,
-                                    0xB7AFD5887B6C57A2L, 0x6290AE846B984FE1L,
-                                    0x94DF4CDEACC1A5FDL, 0x058A5BD1C5483AFFL,
-                                    0x63166CC142BA3C37L, 0x8DB8526EB2F76F40L,
-                                    0xE10880036F0D6D4EL, 0x9E0523C9971D311DL,
-                                    0x45EC2824CC7CD691L, 0x575B8359E62382C9L,
-                                    0xFA9E400DC4889995L, 0xD1823ECB45721568L,
-                                    0xDAFD983B8206082FL, 0xAA7D29082386A8CBL,
-                                    0x269FCD4403B87588L, 0x1B91F5F728BDD1E0L,
-                                    0xE4669F39040201F6L, 0x7A1D7C218CF04ADEL,
-                                    0x65623C29D79CE5CEL, 0x2368449096C00BB1L,
-                                    0xAB9BF1879DA503BAL, 0xBC23ECB1A458058EL,
-                                    0x9A58DF01BB401ECCL, 0xA070E868A85F143DL,
-                                    0x4FF188307DF2239EL, 0x14D565B41A641183L,
-                                    0xEE13337452701602L, 0x950E3DCF3F285E09L,
-                                    0x59930254B9C80953L, 0x3BF299408930DA6DL,
-                                    0xA955943F53691387L, 0xA15EDECAA9CB8784L,
-                                    0x29142127352BE9A0L, 0x76F0371FFF4E7AFBL,
-                                    0x0239F450274F2228L, 0xBB073AF01D5E868BL,
-                                    0xBFC80571C10E96C1L, 0xD267088568222E23L,
-                                    0x9671A3D48E80B5B0L, 0x55B5D38AE193BB81L,
-                                    0x693AE2D0A18B04B8L, 0x5C48B4ECADD5335FL,
-                                    0xFD743B194916A1CAL, 0x2577018134BE98C4L,
-                                    0xE77987E83C54A4ADL, 0x28E11014DA33E1B9L,
-                                    0x270CC59E226AA213L, 0x71495F756D1A5F60L,
-                                    0x9BE853FB60AFEF77L, 0xADC786A7F7443DBFL,
-                                    0x0904456173B29A82L, 0x58BC7A66C232BD5EL,
-                                    0xF306558C673AC8B2L, 0x41F639C6B6C9772AL,
-                                    0x216DEFE99FDA35DAL, 0x11640CC71C7BE615L,
-                                    0x93C43694565C5527L, 0xEA038E6246777839L,
-                                    0xF9ABF3CE5A3E2469L, 0x741E768D0FD312D2L,
-                                    0x0144B883CED652C6L, 0xC20B5A5BA33F8552L,
-                                    0x1AE69633C3435A9DL, 0x97A28CA4088CFDECL,
-                                    0x8824A43C1E96F420L, 0x37612FA66EEEA746L,
-                                    0x6B4CB165F9CF0E5AL, 0x43AA1C06A0ABFB4AL,
-                                    0x7F4DC26FF162796BL, 0x6CBACC8E54ED9B0FL,
-                                    0xA6B7FFEFD2BB253EL, 0x2E25BC95B0A29D4FL,
-                                    0x86D6A58BDEF1388CL, 0xDED74AC576B6F054L,
-                                    0x8030BDBC2B45805DL, 0x3C81AF70E94D9289L,
-                                    0x3EFF6DDA9E3100DBL, 0xB38DC39FDFCC8847L,
-                                    0x123885528D17B87EL, 0xF2DA0ED240B1B642L,
-                                    0x44CEFADCD54BF9A9L, 0x1312200E433C7EE6L,
-                                    0x9FFCC84F3A78C748L, 0xF0CD1F72248576BBL,
-                                    0xEC6974053638CFE4L, 0x2BA7B67C0CEC4E4CL,
-                                    0xAC2F4DF3E5CE32EDL, 0xCB33D14326EA4C11L,
-                                    0xA4E9044CC77E58BCL, 0x5F513293D934FCEFL,
-                                    0x5DC9645506E55444L, 0x50DE418F317DE40AL,
-                                    0x388CB31A69DDE259L, 0x2DB4A83455820A86L,
-                                    0x9010A91E84711AE9L, 0x4DF7F0B7B1498371L,
-                                    0xD62A2EABC0977179L, 0x22FAC097AA8D5C0EL };
+  private static final long[] T2 = {
+      0xE6A6BE5A05A12138L, 0xB5A122A5B4F87C98L, 0x563C6089140B6990L,
+      0x4C46CB2E391F5DD5L, 0xD932ADDBC9B79434L, 0x08EA70E42015AFF5L,
+      0xD765A6673E478CF1L, 0xC4FB757EAB278D99L, 0xDF11C6862D6E0692L,
+      0xDDEB84F10D7F3B16L, 0x6F2EF604A665EA04L, 0x4A8E0F0FF0E0DFB3L,
+      0xA5EDEEF83DBCBA51L, 0xFC4F0A2A0EA4371EL, 0xE83E1DA85CB38429L,
+      0xDC8FF882BA1B1CE2L, 0xCD45505E8353E80DL, 0x18D19A00D4DB0717L,
+      0x34A0CFEDA5F38101L, 0x0BE77E518887CAF2L, 0x1E341438B3C45136L,
+      0xE05797F49089CCF9L, 0xFFD23F9DF2591D14L, 0x543DDA228595C5CDL,
+      0x661F81FD99052A33L, 0x8736E641DB0F7B76L, 0x15227725418E5307L,
+      0xE25F7F46162EB2FAL, 0x48A8B2126C13D9FEL, 0xAFDC541792E76EEAL,
+      0x03D912BFC6D1898FL, 0x31B1AAFA1B83F51BL, 0xF1AC2796E42AB7D9L,
+      0x40A3A7D7FCD2EBACL, 0x1056136D0AFBBCC5L, 0x7889E1DD9A6D0C85L,
+      0xD33525782A7974AAL, 0xA7E25D09078AC09BL, 0xBD4138B3EAC6EDD0L,
+      0x920ABFBE71EB9E70L, 0xA2A5D0F54FC2625CL, 0xC054E36B0B1290A3L,
+      0xF6DD59FF62FE932BL, 0x3537354511A8AC7DL, 0xCA845E9172FADCD4L,
+      0x84F82B60329D20DCL, 0x79C62CE1CD672F18L, 0x8B09A2ADD124642CL,
+      0xD0C1E96A19D9E726L, 0x5A786A9B4BA9500CL, 0x0E020336634C43F3L,
+      0xC17B474AEB66D822L, 0x6A731AE3EC9BAAC2L, 0x8226667AE0840258L,
+      0x67D4567691CAECA5L, 0x1D94155C4875ADB5L, 0x6D00FD985B813FDFL,
+      0x51286EFCB774CD06L, 0x5E8834471FA744AFL, 0xF72CA0AEE761AE2EL,
+      0xBE40E4CDAEE8E09AL, 0xE9970BBB5118F665L, 0x726E4BEB33DF1964L,
+      0x703B000729199762L, 0x4631D816F5EF30A7L, 0xB880B5B51504A6BEL,
+      0x641793C37ED84B6CL, 0x7B21ED77F6E97D96L, 0x776306312EF96B73L,
+      0xAE528948E86FF3F4L, 0x53DBD7F286A3F8F8L, 0x16CADCE74CFC1063L,
+      0x005C19BDFA52C6DDL, 0x68868F5D64D46AD3L, 0x3A9D512CCF1E186AL,
+      0x367E62C2385660AEL, 0xE359E7EA77DCB1D7L, 0x526C0773749ABE6EL,
+      0x735AE5F9D09F734BL, 0x493FC7CC8A558BA8L, 0xB0B9C1533041AB45L,
+      0x321958BA470A59BDL, 0x852DB00B5F46C393L, 0x91209B2BD336B0E5L,
+      0x6E604F7D659EF19FL, 0xB99A8AE2782CCB24L, 0xCCF52AB6C814C4C7L,
+      0x4727D9AFBE11727BL, 0x7E950D0C0121B34DL, 0x756F435670AD471FL,
+      0xF5ADD442615A6849L, 0x4E87E09980B9957AL, 0x2ACFA1DF50AEE355L,
+      0xD898263AFD2FD556L, 0xC8F4924DD80C8FD6L, 0xCF99CA3D754A173AL,
+      0xFE477BACAF91BF3CL, 0xED5371F6D690C12DL, 0x831A5C285E687094L,
+      0xC5D3C90A3708A0A4L, 0x0F7F903717D06580L, 0x19F9BB13B8FDF27FL,
+      0xB1BD6F1B4D502843L, 0x1C761BA38FFF4012L, 0x0D1530C4E2E21F3BL,
+      0x8943CE69A7372C8AL, 0xE5184E11FEB5CE66L, 0x618BDB80BD736621L,
+      0x7D29BAD68B574D0BL, 0x81BB613E25E6FE5BL, 0x071C9C10BC07913FL,
+      0xC7BEEB7909AC2D97L, 0xC3E58D353BC5D757L, 0xEB017892F38F61E8L,
+      0xD4EFFB9C9B1CC21AL, 0x99727D26F494F7ABL, 0xA3E063A2956B3E03L,
+      0x9D4A8B9A4AA09C30L, 0x3F6AB7D500090FB4L, 0x9CC0F2A057268AC0L,
+      0x3DEE9D2DEDBF42D1L, 0x330F49C87960A972L, 0xC6B2720287421B41L,
+      0x0AC59EC07C00369CL, 0xEF4EAC49CB353425L, 0xF450244EEF0129D8L,
+      0x8ACC46E5CAF4DEB6L, 0x2FFEAB63989263F7L, 0x8F7CB9FE5D7A4578L,
+      0x5BD8F7644E634635L, 0x427A7315BF2DC900L, 0x17D0C4AA2125261CL,
+      0x3992486C93518E50L, 0xB4CBFEE0A2D7D4C3L, 0x7C75D6202C5DDD8DL,
+      0xDBC295D8E35B6C61L, 0x60B369D302032B19L, 0xCE42685FDCE44132L,
+      0x06F3DDB9DDF65610L, 0x8EA4D21DB5E148F0L, 0x20B0FCE62FCD496FL,
+      0x2C1B912358B0EE31L, 0xB28317B818F5A308L, 0xA89C1E189CA6D2CFL,
+      0x0C6B18576AAADBC8L, 0xB65DEAA91299FAE3L, 0xFB2B794B7F1027E7L,
+      0x04E4317F443B5BEBL, 0x4B852D325939D0A6L, 0xD5AE6BEEFB207FFCL,
+      0x309682B281C7D374L, 0xBAE309A194C3B475L, 0x8CC3F97B13B49F05L,
+      0x98A9422FF8293967L, 0x244B16B01076FF7CL, 0xF8BF571C663D67EEL,
+      0x1F0D6758EEE30DA1L, 0xC9B611D97ADEB9B7L, 0xB7AFD5887B6C57A2L,
+      0x6290AE846B984FE1L, 0x94DF4CDEACC1A5FDL, 0x058A5BD1C5483AFFL,
+      0x63166CC142BA3C37L, 0x8DB8526EB2F76F40L, 0xE10880036F0D6D4EL,
+      0x9E0523C9971D311DL, 0x45EC2824CC7CD691L, 0x575B8359E62382C9L,
+      0xFA9E400DC4889995L, 0xD1823ECB45721568L, 0xDAFD983B8206082FL,
+      0xAA7D29082386A8CBL, 0x269FCD4403B87588L, 0x1B91F5F728BDD1E0L,
+      0xE4669F39040201F6L, 0x7A1D7C218CF04ADEL, 0x65623C29D79CE5CEL,
+      0x2368449096C00BB1L, 0xAB9BF1879DA503BAL, 0xBC23ECB1A458058EL,
+      0x9A58DF01BB401ECCL, 0xA070E868A85F143DL, 0x4FF188307DF2239EL,
+      0x14D565B41A641183L, 0xEE13337452701602L, 0x950E3DCF3F285E09L,
+      0x59930254B9C80953L, 0x3BF299408930DA6DL, 0xA955943F53691387L,
+      0xA15EDECAA9CB8784L, 0x29142127352BE9A0L, 0x76F0371FFF4E7AFBL,
+      0x0239F450274F2228L, 0xBB073AF01D5E868BL, 0xBFC80571C10E96C1L,
+      0xD267088568222E23L, 0x9671A3D48E80B5B0L, 0x55B5D38AE193BB81L,
+      0x693AE2D0A18B04B8L, 0x5C48B4ECADD5335FL, 0xFD743B194916A1CAL,
+      0x2577018134BE98C4L, 0xE77987E83C54A4ADL, 0x28E11014DA33E1B9L,
+      0x270CC59E226AA213L, 0x71495F756D1A5F60L, 0x9BE853FB60AFEF77L,
+      0xADC786A7F7443DBFL, 0x0904456173B29A82L, 0x58BC7A66C232BD5EL,
+      0xF306558C673AC8B2L, 0x41F639C6B6C9772AL, 0x216DEFE99FDA35DAL,
+      0x11640CC71C7BE615L, 0x93C43694565C5527L, 0xEA038E6246777839L,
+      0xF9ABF3CE5A3E2469L, 0x741E768D0FD312D2L, 0x0144B883CED652C6L,
+      0xC20B5A5BA33F8552L, 0x1AE69633C3435A9DL, 0x97A28CA4088CFDECL,
+      0x8824A43C1E96F420L, 0x37612FA66EEEA746L, 0x6B4CB165F9CF0E5AL,
+      0x43AA1C06A0ABFB4AL, 0x7F4DC26FF162796BL, 0x6CBACC8E54ED9B0FL,
+      0xA6B7FFEFD2BB253EL, 0x2E25BC95B0A29D4FL, 0x86D6A58BDEF1388CL,
+      0xDED74AC576B6F054L, 0x8030BDBC2B45805DL, 0x3C81AF70E94D9289L,
+      0x3EFF6DDA9E3100DBL, 0xB38DC39FDFCC8847L, 0x123885528D17B87EL,
+      0xF2DA0ED240B1B642L, 0x44CEFADCD54BF9A9L, 0x1312200E433C7EE6L,
+      0x9FFCC84F3A78C748L, 0xF0CD1F72248576BBL, 0xEC6974053638CFE4L,
+      0x2BA7B67C0CEC4E4CL, 0xAC2F4DF3E5CE32EDL, 0xCB33D14326EA4C11L,
+      0xA4E9044CC77E58BCL, 0x5F513293D934FCEFL, 0x5DC9645506E55444L,
+      0x50DE418F317DE40AL, 0x388CB31A69DDE259L, 0x2DB4A83455820A86L,
+      0x9010A91E84711AE9L, 0x4DF7F0B7B1498371L, 0xD62A2EABC0977179L,
+      0x22FAC097AA8D5C0EL };
 
   /** S-Box T3. */
-  private static final long[] T3 = { 0xF49FCC2FF1DAF39BL, 0x487FD5C66FF29281L,
-                                    0xE8A30667FCDCA83FL, 0x2C9B4BE3D2FCCE63L,
-                                    0xDA3FF74B93FBBBC2L, 0x2FA165D2FE70BA66L,
-                                    0xA103E279970E93D4L, 0xBECDEC77B0E45E71L,
-                                    0xCFB41E723985E497L, 0xB70AAA025EF75017L,
-                                    0xD42309F03840B8E0L, 0x8EFC1AD035898579L,
-                                    0x96C6920BE2B2ABC5L, 0x66AF4163375A9172L,
-                                    0x2174ABDCCA7127FBL, 0xB33CCEA64A72FF41L,
-                                    0xF04A4933083066A5L, 0x8D970ACDD7289AF5L,
-                                    0x8F96E8E031C8C25EL, 0xF3FEC02276875D47L,
-                                    0xEC7BF310056190DDL, 0xF5ADB0AEBB0F1491L,
-                                    0x9B50F8850FD58892L, 0x4975488358B74DE8L,
-                                    0xA3354FF691531C61L, 0x0702BBE481D2C6EEL,
-                                    0x89FB24057DEDED98L, 0xAC3075138596E902L,
-                                    0x1D2D3580172772EDL, 0xEB738FC28E6BC30DL,
-                                    0x5854EF8F63044326L, 0x9E5C52325ADD3BBEL,
-                                    0x90AA53CF325C4623L, 0xC1D24D51349DD067L,
-                                    0x2051CFEEA69EA624L, 0x13220F0A862E7E4FL,
-                                    0xCE39399404E04864L, 0xD9C42CA47086FCB7L,
-                                    0x685AD2238A03E7CCL, 0x066484B2AB2FF1DBL,
-                                    0xFE9D5D70EFBF79ECL, 0x5B13B9DD9C481854L,
-                                    0x15F0D475ED1509ADL, 0x0BEBCD060EC79851L,
-                                    0xD58C6791183AB7F8L, 0xD1187C5052F3EEE4L,
-                                    0xC95D1192E54E82FFL, 0x86EEA14CB9AC6CA2L,
-                                    0x3485BEB153677D5DL, 0xDD191D781F8C492AL,
-                                    0xF60866BAA784EBF9L, 0x518F643BA2D08C74L,
-                                    0x8852E956E1087C22L, 0xA768CB8DC410AE8DL,
-                                    0x38047726BFEC8E1AL, 0xA67738B4CD3B45AAL,
-                                    0xAD16691CEC0DDE19L, 0xC6D4319380462E07L,
-                                    0xC5A5876D0BA61938L, 0x16B9FA1FA58FD840L,
-                                    0x188AB1173CA74F18L, 0xABDA2F98C99C021FL,
-                                    0x3E0580AB134AE816L, 0x5F3B05B773645ABBL,
-                                    0x2501A2BE5575F2F6L, 0x1B2F74004E7E8BA9L,
-                                    0x1CD7580371E8D953L, 0x7F6ED89562764E30L,
-                                    0xB15926FF596F003DL, 0x9F65293DA8C5D6B9L,
-                                    0x6ECEF04DD690F84CL, 0x4782275FFF33AF88L,
-                                    0xE41433083F820801L, 0xFD0DFE409A1AF9B5L,
-                                    0x4325A3342CDB396BL, 0x8AE77E62B301B252L,
-                                    0xC36F9E9F6655615AL, 0x85455A2D92D32C09L,
-                                    0xF2C7DEA949477485L, 0x63CFB4C133A39EBAL,
-                                    0x83B040CC6EBC5462L, 0x3B9454C8FDB326B0L,
-                                    0x56F56A9E87FFD78CL, 0x2DC2940D99F42BC6L,
-                                    0x98F7DF096B096E2DL, 0x19A6E01E3AD852BFL,
-                                    0x42A99CCBDBD4B40BL, 0xA59998AF45E9C559L,
-                                    0x366295E807D93186L, 0x6B48181BFAA1F773L,
-                                    0x1FEC57E2157A0A1DL, 0x4667446AF6201AD5L,
-                                    0xE615EBCACFB0F075L, 0xB8F31F4F68290778L,
-                                    0x22713ED6CE22D11EL, 0x3057C1A72EC3C93BL,
-                                    0xCB46ACC37C3F1F2FL, 0xDBB893FD02AAF50EL,
-                                    0x331FD92E600B9FCFL, 0xA498F96148EA3AD6L,
-                                    0xA8D8426E8B6A83EAL, 0xA089B274B7735CDCL,
-                                    0x87F6B3731E524A11L, 0x118808E5CBC96749L,
-                                    0x9906E4C7B19BD394L, 0xAFED7F7E9B24A20CL,
-                                    0x6509EADEEB3644A7L, 0x6C1EF1D3E8EF0EDEL,
-                                    0xB9C97D43E9798FB4L, 0xA2F2D784740C28A3L,
-                                    0x7B8496476197566FL, 0x7A5BE3E6B65F069DL,
-                                    0xF96330ED78BE6F10L, 0xEEE60DE77A076A15L,
-                                    0x2B4BEE4AA08B9BD0L, 0x6A56A63EC7B8894EL,
-                                    0x02121359BA34FEF4L, 0x4CBF99F8283703FCL,
-                                    0x398071350CAF30C8L, 0xD0A77A89F017687AL,
-                                    0xF1C1A9EB9E423569L, 0x8C7976282DEE8199L,
-                                    0x5D1737A5DD1F7ABDL, 0x4F53433C09A9FA80L,
-                                    0xFA8B0C53DF7CA1D9L, 0x3FD9DCBC886CCB77L,
-                                    0xC040917CA91B4720L, 0x7DD00142F9D1DCDFL,
-                                    0x8476FC1D4F387B58L, 0x23F8E7C5F3316503L,
-                                    0x032A2244E7E37339L, 0x5C87A5D750F5A74BL,
-                                    0x082B4CC43698992EL, 0xDF917BECB858F63CL,
-                                    0x3270B8FC5BF86DDAL, 0x10AE72BB29B5DD76L,
-                                    0x576AC94E7700362BL, 0x1AD112DAC61EFB8FL,
-                                    0x691BC30EC5FAA427L, 0xFF246311CC327143L,
-                                    0x3142368E30E53206L, 0x71380E31E02CA396L,
-                                    0x958D5C960AAD76F1L, 0xF8D6F430C16DA536L,
-                                    0xC8FFD13F1BE7E1D2L, 0x7578AE66004DDBE1L,
-                                    0x05833F01067BE646L, 0xBB34B5AD3BFE586DL,
-                                    0x095F34C9A12B97F0L, 0x247AB64525D60CA8L,
-                                    0xDCDBC6F3017477D1L, 0x4A2E14D4DECAD24DL,
-                                    0xBDB5E6D9BE0A1EEBL, 0x2A7E70F7794301ABL,
-                                    0xDEF42D8A270540FDL, 0x01078EC0A34C22C1L,
-                                    0xE5DE511AF4C16387L, 0x7EBB3A52BD9A330AL,
-                                    0x77697857AA7D6435L, 0x004E831603AE4C32L,
-                                    0xE7A21020AD78E312L, 0x9D41A70C6AB420F2L,
-                                    0x28E06C18EA1141E6L, 0xD2B28CBD984F6B28L,
-                                    0x26B75F6C446E9D83L, 0xBA47568C4D418D7FL,
-                                    0xD80BADBFE6183D8EL, 0x0E206D7F5F166044L,
-                                    0xE258A43911CBCA3EL, 0x723A1746B21DC0BCL,
-                                    0xC7CAA854F5D7CDD3L, 0x7CAC32883D261D9CL,
-                                    0x7690C26423BA942CL, 0x17E55524478042B8L,
-                                    0xE0BE477656A2389FL, 0x4D289B5E67AB2DA0L,
-                                    0x44862B9C8FBBFD31L, 0xB47CC8049D141365L,
-                                    0x822C1B362B91C793L, 0x4EB14655FB13DFD8L,
-                                    0x1ECBBA0714E2A97BL, 0x6143459D5CDE5F14L,
-                                    0x53A8FBF1D5F0AC89L, 0x97EA04D81C5E5B00L,
-                                    0x622181A8D4FDB3F3L, 0xE9BCD341572A1208L,
-                                    0x1411258643CCE58AL, 0x9144C5FEA4C6E0A4L,
-                                    0x0D33D06565CF620FL, 0x54A48D489F219CA1L,
-                                    0xC43E5EAC6D63C821L, 0xA9728B3A72770DAFL,
-                                    0xD7934E7B20DF87EFL, 0xE35503B61A3E86E5L,
-                                    0xCAE321FBC819D504L, 0x129A50B3AC60BFA6L,
-                                    0xCD5E68EA7E9FB6C3L, 0xB01C90199483B1C7L,
-                                    0x3DE93CD5C295376CL, 0xAED52EDF2AB9AD13L,
-                                    0x2E60F512C0A07884L, 0xBC3D86A3E36210C9L,
-                                    0x35269D9B163951CEL, 0x0C7D6E2AD0CDB5FAL,
-                                    0x59E86297D87F5733L, 0x298EF221898DB0E7L,
-                                    0x55000029D1A5AA7EL, 0x8BC08AE1B5061B45L,
-                                    0xC2C31C2B6C92703AL, 0x94CC596BAF25EF42L,
-                                    0x0A1D73DB22540456L, 0x04B6A0F9D9C4179AL,
-                                    0xEFFDAFA2AE3D3C60L, 0xF7C8075BB49496C4L,
-                                    0x9CC5C7141D1CD4E3L, 0x78BD1638218E5534L,
-                                    0xB2F11568F850246AL, 0xEDFABCFA9502BC29L,
-                                    0x796CE5F2DA23051BL, 0xAAE128B0DC93537CL,
-                                    0x3A493DA0EE4B29AEL, 0xB5DF6B2C416895D7L,
-                                    0xFCABBD25122D7F37L, 0x70810B58105DC4B1L,
-                                    0xE10FDD37F7882A90L, 0x524DCAB5518A3F5CL,
-                                    0x3C9E85878451255BL, 0x4029828119BD34E2L,
-                                    0x74A05B6F5D3CECCBL, 0xB610021542E13ECAL,
-                                    0x0FF979D12F59E2ACL, 0x6037DA27E4F9CC50L,
-                                    0x5E92975A0DF1847DL, 0xD66DE190D3E623FEL,
-                                    0x5032D6B87B568048L, 0x9A36B7CE8235216EL,
-                                    0x80272A7A24F64B4AL, 0x93EFED8B8C6916F7L,
-                                    0x37DDBFF44CCE1555L, 0x4B95DB5D4B99BD25L,
-                                    0x92D3FDA169812FC0L, 0xFB1A4A9A90660BB6L,
-                                    0x730C196946A4B9B2L, 0x81E289AA7F49DA68L,
-                                    0x64669A0F83B1A05FL, 0x27B3FF7D9644F48BL,
-                                    0xCC6B615C8DB675B3L, 0x674F20B9BCEBBE95L,
-                                    0x6F31238275655982L, 0x5AE488713E45CF05L,
-                                    0xBF619F9954C21157L, 0xEABAC46040A8EAE9L,
-                                    0x454C6FE9F2C0C1CDL, 0x419CF6496412691CL,
-                                    0xD3DC3BEF265B0F70L, 0x6D0E60F5C3578A9EL };
+  private static final long[] T3 = {
+      0xF49FCC2FF1DAF39BL, 0x487FD5C66FF29281L, 0xE8A30667FCDCA83FL,
+      0x2C9B4BE3D2FCCE63L, 0xDA3FF74B93FBBBC2L, 0x2FA165D2FE70BA66L,
+      0xA103E279970E93D4L, 0xBECDEC77B0E45E71L, 0xCFB41E723985E497L,
+      0xB70AAA025EF75017L, 0xD42309F03840B8E0L, 0x8EFC1AD035898579L,
+      0x96C6920BE2B2ABC5L, 0x66AF4163375A9172L, 0x2174ABDCCA7127FBL,
+      0xB33CCEA64A72FF41L, 0xF04A4933083066A5L, 0x8D970ACDD7289AF5L,
+      0x8F96E8E031C8C25EL, 0xF3FEC02276875D47L, 0xEC7BF310056190DDL,
+      0xF5ADB0AEBB0F1491L, 0x9B50F8850FD58892L, 0x4975488358B74DE8L,
+      0xA3354FF691531C61L, 0x0702BBE481D2C6EEL, 0x89FB24057DEDED98L,
+      0xAC3075138596E902L, 0x1D2D3580172772EDL, 0xEB738FC28E6BC30DL,
+      0x5854EF8F63044326L, 0x9E5C52325ADD3BBEL, 0x90AA53CF325C4623L,
+      0xC1D24D51349DD067L, 0x2051CFEEA69EA624L, 0x13220F0A862E7E4FL,
+      0xCE39399404E04864L, 0xD9C42CA47086FCB7L, 0x685AD2238A03E7CCL,
+      0x066484B2AB2FF1DBL, 0xFE9D5D70EFBF79ECL, 0x5B13B9DD9C481854L,
+      0x15F0D475ED1509ADL, 0x0BEBCD060EC79851L, 0xD58C6791183AB7F8L,
+      0xD1187C5052F3EEE4L, 0xC95D1192E54E82FFL, 0x86EEA14CB9AC6CA2L,
+      0x3485BEB153677D5DL, 0xDD191D781F8C492AL, 0xF60866BAA784EBF9L,
+      0x518F643BA2D08C74L, 0x8852E956E1087C22L, 0xA768CB8DC410AE8DL,
+      0x38047726BFEC8E1AL, 0xA67738B4CD3B45AAL, 0xAD16691CEC0DDE19L,
+      0xC6D4319380462E07L, 0xC5A5876D0BA61938L, 0x16B9FA1FA58FD840L,
+      0x188AB1173CA74F18L, 0xABDA2F98C99C021FL, 0x3E0580AB134AE816L,
+      0x5F3B05B773645ABBL, 0x2501A2BE5575F2F6L, 0x1B2F74004E7E8BA9L,
+      0x1CD7580371E8D953L, 0x7F6ED89562764E30L, 0xB15926FF596F003DL,
+      0x9F65293DA8C5D6B9L, 0x6ECEF04DD690F84CL, 0x4782275FFF33AF88L,
+      0xE41433083F820801L, 0xFD0DFE409A1AF9B5L, 0x4325A3342CDB396BL,
+      0x8AE77E62B301B252L, 0xC36F9E9F6655615AL, 0x85455A2D92D32C09L,
+      0xF2C7DEA949477485L, 0x63CFB4C133A39EBAL, 0x83B040CC6EBC5462L,
+      0x3B9454C8FDB326B0L, 0x56F56A9E87FFD78CL, 0x2DC2940D99F42BC6L,
+      0x98F7DF096B096E2DL, 0x19A6E01E3AD852BFL, 0x42A99CCBDBD4B40BL,
+      0xA59998AF45E9C559L, 0x366295E807D93186L, 0x6B48181BFAA1F773L,
+      0x1FEC57E2157A0A1DL, 0x4667446AF6201AD5L, 0xE615EBCACFB0F075L,
+      0xB8F31F4F68290778L, 0x22713ED6CE22D11EL, 0x3057C1A72EC3C93BL,
+      0xCB46ACC37C3F1F2FL, 0xDBB893FD02AAF50EL, 0x331FD92E600B9FCFL,
+      0xA498F96148EA3AD6L, 0xA8D8426E8B6A83EAL, 0xA089B274B7735CDCL,
+      0x87F6B3731E524A11L, 0x118808E5CBC96749L, 0x9906E4C7B19BD394L,
+      0xAFED7F7E9B24A20CL, 0x6509EADEEB3644A7L, 0x6C1EF1D3E8EF0EDEL,
+      0xB9C97D43E9798FB4L, 0xA2F2D784740C28A3L, 0x7B8496476197566FL,
+      0x7A5BE3E6B65F069DL, 0xF96330ED78BE6F10L, 0xEEE60DE77A076A15L,
+      0x2B4BEE4AA08B9BD0L, 0x6A56A63EC7B8894EL, 0x02121359BA34FEF4L,
+      0x4CBF99F8283703FCL, 0x398071350CAF30C8L, 0xD0A77A89F017687AL,
+      0xF1C1A9EB9E423569L, 0x8C7976282DEE8199L, 0x5D1737A5DD1F7ABDL,
+      0x4F53433C09A9FA80L, 0xFA8B0C53DF7CA1D9L, 0x3FD9DCBC886CCB77L,
+      0xC040917CA91B4720L, 0x7DD00142F9D1DCDFL, 0x8476FC1D4F387B58L,
+      0x23F8E7C5F3316503L, 0x032A2244E7E37339L, 0x5C87A5D750F5A74BL,
+      0x082B4CC43698992EL, 0xDF917BECB858F63CL, 0x3270B8FC5BF86DDAL,
+      0x10AE72BB29B5DD76L, 0x576AC94E7700362BL, 0x1AD112DAC61EFB8FL,
+      0x691BC30EC5FAA427L, 0xFF246311CC327143L, 0x3142368E30E53206L,
+      0x71380E31E02CA396L, 0x958D5C960AAD76F1L, 0xF8D6F430C16DA536L,
+      0xC8FFD13F1BE7E1D2L, 0x7578AE66004DDBE1L, 0x05833F01067BE646L,
+      0xBB34B5AD3BFE586DL, 0x095F34C9A12B97F0L, 0x247AB64525D60CA8L,
+      0xDCDBC6F3017477D1L, 0x4A2E14D4DECAD24DL, 0xBDB5E6D9BE0A1EEBL,
+      0x2A7E70F7794301ABL, 0xDEF42D8A270540FDL, 0x01078EC0A34C22C1L,
+      0xE5DE511AF4C16387L, 0x7EBB3A52BD9A330AL, 0x77697857AA7D6435L,
+      0x004E831603AE4C32L, 0xE7A21020AD78E312L, 0x9D41A70C6AB420F2L,
+      0x28E06C18EA1141E6L, 0xD2B28CBD984F6B28L, 0x26B75F6C446E9D83L,
+      0xBA47568C4D418D7FL, 0xD80BADBFE6183D8EL, 0x0E206D7F5F166044L,
+      0xE258A43911CBCA3EL, 0x723A1746B21DC0BCL, 0xC7CAA854F5D7CDD3L,
+      0x7CAC32883D261D9CL, 0x7690C26423BA942CL, 0x17E55524478042B8L,
+      0xE0BE477656A2389FL, 0x4D289B5E67AB2DA0L, 0x44862B9C8FBBFD31L,
+      0xB47CC8049D141365L, 0x822C1B362B91C793L, 0x4EB14655FB13DFD8L,
+      0x1ECBBA0714E2A97BL, 0x6143459D5CDE5F14L, 0x53A8FBF1D5F0AC89L,
+      0x97EA04D81C5E5B00L, 0x622181A8D4FDB3F3L, 0xE9BCD341572A1208L,
+      0x1411258643CCE58AL, 0x9144C5FEA4C6E0A4L, 0x0D33D06565CF620FL,
+      0x54A48D489F219CA1L, 0xC43E5EAC6D63C821L, 0xA9728B3A72770DAFL,
+      0xD7934E7B20DF87EFL, 0xE35503B61A3E86E5L, 0xCAE321FBC819D504L,
+      0x129A50B3AC60BFA6L, 0xCD5E68EA7E9FB6C3L, 0xB01C90199483B1C7L,
+      0x3DE93CD5C295376CL, 0xAED52EDF2AB9AD13L, 0x2E60F512C0A07884L,
+      0xBC3D86A3E36210C9L, 0x35269D9B163951CEL, 0x0C7D6E2AD0CDB5FAL,
+      0x59E86297D87F5733L, 0x298EF221898DB0E7L, 0x55000029D1A5AA7EL,
+      0x8BC08AE1B5061B45L, 0xC2C31C2B6C92703AL, 0x94CC596BAF25EF42L,
+      0x0A1D73DB22540456L, 0x04B6A0F9D9C4179AL, 0xEFFDAFA2AE3D3C60L,
+      0xF7C8075BB49496C4L, 0x9CC5C7141D1CD4E3L, 0x78BD1638218E5534L,
+      0xB2F11568F850246AL, 0xEDFABCFA9502BC29L, 0x796CE5F2DA23051BL,
+      0xAAE128B0DC93537CL, 0x3A493DA0EE4B29AEL, 0xB5DF6B2C416895D7L,
+      0xFCABBD25122D7F37L, 0x70810B58105DC4B1L, 0xE10FDD37F7882A90L,
+      0x524DCAB5518A3F5CL, 0x3C9E85878451255BL, 0x4029828119BD34E2L,
+      0x74A05B6F5D3CECCBL, 0xB610021542E13ECAL, 0x0FF979D12F59E2ACL,
+      0x6037DA27E4F9CC50L, 0x5E92975A0DF1847DL, 0xD66DE190D3E623FEL,
+      0x5032D6B87B568048L, 0x9A36B7CE8235216EL, 0x80272A7A24F64B4AL,
+      0x93EFED8B8C6916F7L, 0x37DDBFF44CCE1555L, 0x4B95DB5D4B99BD25L,
+      0x92D3FDA169812FC0L, 0xFB1A4A9A90660BB6L, 0x730C196946A4B9B2L,
+      0x81E289AA7F49DA68L, 0x64669A0F83B1A05FL, 0x27B3FF7D9644F48BL,
+      0xCC6B615C8DB675B3L, 0x674F20B9BCEBBE95L, 0x6F31238275655982L,
+      0x5AE488713E45CF05L, 0xBF619F9954C21157L, 0xEABAC46040A8EAE9L,
+      0x454C6FE9F2C0C1CDL, 0x419CF6496412691CL, 0xD3DC3BEF265B0F70L,
+      0x6D0E60F5C3578A9EL };
 
   /** S-Box T4. */
-  private static final long[] T4 = { 0x5B0E608526323C55L, 0x1A46C1A9FA1B59F5L,
-                                    0xA9E245A17C4C8FFAL, 0x65CA5159DB2955D7L,
-                                    0x05DB0A76CE35AFC2L, 0x81EAC77EA9113D45L,
-                                    0x528EF88AB6AC0A0DL, 0xA09EA253597BE3FFL,
-                                    0x430DDFB3AC48CD56L, 0xC4B3A67AF45CE46FL,
-                                    0x4ECECFD8FBE2D05EL, 0x3EF56F10B39935F0L,
-                                    0x0B22D6829CD619C6L, 0x17FD460A74DF2069L,
-                                    0x6CF8CC8E8510ED40L, 0xD6C824BF3A6ECAA7L,
-                                    0x61243D581A817049L, 0x048BACB6BBC163A2L,
-                                    0xD9A38AC27D44CC32L, 0x7FDDFF5BAAF410ABL,
-                                    0xAD6D495AA804824BL, 0xE1A6A74F2D8C9F94L,
-                                    0xD4F7851235DEE8E3L, 0xFD4B7F886540D893L,
-                                    0x247C20042AA4BFDAL, 0x096EA1C517D1327CL,
-                                    0xD56966B4361A6685L, 0x277DA5C31221057DL,
-                                    0x94D59893A43ACFF7L, 0x64F0C51CCDC02281L,
-                                    0x3D33BCC4FF6189DBL, 0xE005CB184CE66AF1L,
-                                    0xFF5CCD1D1DB99BEAL, 0xB0B854A7FE42980FL,
-                                    0x7BD46A6A718D4B9FL, 0xD10FA8CC22A5FD8CL,
-                                    0xD31484952BE4BD31L, 0xC7FA975FCB243847L,
-                                    0x4886ED1E5846C407L, 0x28CDDB791EB70B04L,
-                                    0xC2B00BE2F573417FL, 0x5C9590452180F877L,
-                                    0x7A6BDDFFF370EB00L, 0xCE509E38D6D9D6A4L,
-                                    0xEBEB0F00647FA702L, 0x1DCC06CF76606F06L,
-                                    0xE4D9F28BA286FF0AL, 0xD85A305DC918C262L,
-                                    0x475B1D8732225F54L, 0x2D4FB51668CCB5FEL,
-                                    0xA679B9D9D72BBA20L, 0x53841C0D912D43A5L,
-                                    0x3B7EAA48BF12A4E8L, 0x781E0E47F22F1DDFL,
-                                    0xEFF20CE60AB50973L, 0x20D261D19DFFB742L,
-                                    0x16A12B03062A2E39L, 0x1960EB2239650495L,
-                                    0x251C16FED50EB8B8L, 0x9AC0C330F826016EL,
-                                    0xED152665953E7671L, 0x02D63194A6369570L,
-                                    0x5074F08394B1C987L, 0x70BA598C90B25CE1L,
-                                    0x794A15810B9742F6L, 0x0D5925E9FCAF8C6CL,
-                                    0x3067716CD868744EL, 0x910AB077E8D7731BL,
-                                    0x6A61BBDB5AC42F61L, 0x93513EFBF0851567L,
-                                    0xF494724B9E83E9D5L, 0xE887E1985C09648DL,
-                                    0x34B1D3C675370CFDL, 0xDC35E433BC0D255DL,
-                                    0xD0AAB84234131BE0L, 0x08042A50B48B7EAFL,
-                                    0x9997C4EE44A3AB35L, 0x829A7B49201799D0L,
-                                    0x263B8307B7C54441L, 0x752F95F4FD6A6CA6L,
-                                    0x927217402C08C6E5L, 0x2A8AB754A795D9EEL,
-                                    0xA442F7552F72943DL, 0x2C31334E19781208L,
-                                    0x4FA98D7CEAEE6291L, 0x55C3862F665DB309L,
-                                    0xBD0610175D53B1F3L, 0x46FE6CB840413F27L,
-                                    0x3FE03792DF0CFA59L, 0xCFE700372EB85E8FL,
-                                    0xA7BE29E7ADBCE118L, 0xE544EE5CDE8431DDL,
-                                    0x8A781B1B41F1873EL, 0xA5C94C78A0D2F0E7L,
-                                    0x39412E2877B60728L, 0xA1265EF3AFC9A62CL,
-                                    0xBCC2770C6A2506C5L, 0x3AB66DD5DCE1CE12L,
-                                    0xE65499D04A675B37L, 0x7D8F523481BFD216L,
-                                    0x0F6F64FCEC15F389L, 0x74EFBE618B5B13C8L,
-                                    0xACDC82B714273E1DL, 0xDD40BFE003199D17L,
-                                    0x37E99257E7E061F8L, 0xFA52626904775AAAL,
-                                    0x8BBBF63A463D56F9L, 0xF0013F1543A26E64L,
-                                    0xA8307E9F879EC898L, 0xCC4C27A4150177CCL,
-                                    0x1B432F2CCA1D3348L, 0xDE1D1F8F9F6FA013L,
-                                    0x606602A047A7DDD6L, 0xD237AB64CC1CB2C7L,
-                                    0x9B938E7225FCD1D3L, 0xEC4E03708E0FF476L,
-                                    0xFEB2FBDA3D03C12DL, 0xAE0BCED2EE43889AL,
-                                    0x22CB8923EBFB4F43L, 0x69360D013CF7396DL,
-                                    0x855E3602D2D4E022L, 0x073805BAD01F784CL,
-                                    0x33E17A133852F546L, 0xDF4874058AC7B638L,
-                                    0xBA92B29C678AA14AL, 0x0CE89FC76CFAADCDL,
-                                    0x5F9D4E0908339E34L, 0xF1AFE9291F5923B9L,
-                                    0x6E3480F60F4A265FL, 0xEEBF3A2AB29B841CL,
-                                    0xE21938A88F91B4ADL, 0x57DFEFF845C6D3C3L,
-                                    0x2F006B0BF62CAAF2L, 0x62F479EF6F75EE78L,
-                                    0x11A55AD41C8916A9L, 0xF229D29084FED453L,
-                                    0x42F1C27B16B000E6L, 0x2B1F76749823C074L,
-                                    0x4B76ECA3C2745360L, 0x8C98F463B91691BDL,
-                                    0x14BCC93CF1ADE66AL, 0x8885213E6D458397L,
-                                    0x8E177DF0274D4711L, 0xB49B73B5503F2951L,
-                                    0x10168168C3F96B6BL, 0x0E3D963B63CAB0AEL,
-                                    0x8DFC4B5655A1DB14L, 0xF789F1356E14DE5CL,
-                                    0x683E68AF4E51DAC1L, 0xC9A84F9D8D4B0FD9L,
-                                    0x3691E03F52A0F9D1L, 0x5ED86E46E1878E80L,
-                                    0x3C711A0E99D07150L, 0x5A0865B20C4E9310L,
-                                    0x56FBFC1FE4F0682EL, 0xEA8D5DE3105EDF9BL,
-                                    0x71ABFDB12379187AL, 0x2EB99DE1BEE77B9CL,
-                                    0x21ECC0EA33CF4523L, 0x59A4D7521805C7A1L,
-                                    0x3896F5EB56AE7C72L, 0xAA638F3DB18F75DCL,
-                                    0x9F39358DABE9808EL, 0xB7DEFA91C00B72ACL,
-                                    0x6B5541FD62492D92L, 0x6DC6DEE8F92E4D5BL,
-                                    0x353F57ABC4BEEA7EL, 0x735769D6DA5690CEL,
-                                    0x0A234AA642391484L, 0xF6F9508028F80D9DL,
-                                    0xB8E319A27AB3F215L, 0x31AD9C1151341A4DL,
-                                    0x773C22A57BEF5805L, 0x45C7561A07968633L,
-                                    0xF913DA9E249DBE36L, 0xDA652D9B78A64C68L,
-                                    0x4C27A97F3BC334EFL, 0x76621220E66B17F4L,
-                                    0x967743899ACD7D0BL, 0xF3EE5BCAE0ED6782L,
-                                    0x409F753600C879FCL, 0x06D09A39B5926DB6L,
-                                    0x6F83AEB0317AC588L, 0x01E6CA4A86381F21L,
-                                    0x66FF3462D19F3025L, 0x72207C24DDFD3BFBL,
-                                    0x4AF6B6D3E2ECE2EBL, 0x9C994DBEC7EA08DEL,
-                                    0x49ACE597B09A8BC4L, 0xB38C4766CF0797BAL,
-                                    0x131B9373C57C2A75L, 0xB1822CCE61931E58L,
-                                    0x9D7555B909BA1C0CL, 0x127FAFDD937D11D2L,
-                                    0x29DA3BADC66D92E4L, 0xA2C1D57154C2ECBCL,
-                                    0x58C5134D82F6FE24L, 0x1C3AE3515B62274FL,
-                                    0xE907C82E01CB8126L, 0xF8ED091913E37FCBL,
-                                    0x3249D8F9C80046C9L, 0x80CF9BEDE388FB63L,
-                                    0x1881539A116CF19EL, 0x5103F3F76BD52457L,
-                                    0x15B7E6F5AE47F7A8L, 0xDBD7C6DED47E9CCFL,
-                                    0x44E55C410228BB1AL, 0xB647D4255EDB4E99L,
-                                    0x5D11882BB8AAFC30L, 0xF5098BBB29D3212AL,
-                                    0x8FB5EA14E90296B3L, 0x677B942157DD025AL,
-                                    0xFB58E7C0A390ACB5L, 0x89D3674C83BD4A01L,
-                                    0x9E2DA4DF4BF3B93BL, 0xFCC41E328CAB4829L,
-                                    0x03F38C96BA582C52L, 0xCAD1BDBD7FD85DB2L,
-                                    0xBBB442C16082AE83L, 0xB95FE86BA5DA9AB0L,
-                                    0xB22E04673771A93FL, 0x845358C9493152D8L,
-                                    0xBE2A488697B4541EL, 0x95A2DC2DD38E6966L,
-                                    0xC02C11AC923C852BL, 0x2388B1990DF2A87BL,
-                                    0x7C8008FA1B4F37BEL, 0x1F70D0C84D54E503L,
-                                    0x5490ADEC7ECE57D4L, 0x002B3C27D9063A3AL,
-                                    0x7EAEA3848030A2BFL, 0xC602326DED2003C0L,
-                                    0x83A7287D69A94086L, 0xC57A5FCB30F57A8AL,
-                                    0xB56844E479EBE779L, 0xA373B40F05DCBCE9L,
-                                    0xD71A786E88570EE2L, 0x879CBACDBDE8F6A0L,
-                                    0x976AD1BCC164A32FL, 0xAB21E25E9666D78BL,
-                                    0x901063AAE5E5C33CL, 0x9818B34448698D90L,
-                                    0xE36487AE3E1E8ABBL, 0xAFBDF931893BDCB4L,
-                                    0x6345A0DC5FBBD519L, 0x8628FE269B9465CAL,
-                                    0x1E5D01603F9C51ECL, 0x4DE44006A15049B7L,
-                                    0xBF6C70E5F776CBB1L, 0x411218F2EF552BEDL,
-                                    0xCB0C0708705A36A3L, 0xE74D14754F986044L,
-                                    0xCD56D9430EA8280EL, 0xC12591D7535F5065L,
-                                    0xC83223F1720AEF96L, 0xC3A0396F7363A51FL };
+  private static final long[] T4 = {
+      0x5B0E608526323C55L, 0x1A46C1A9FA1B59F5L, 0xA9E245A17C4C8FFAL,
+      0x65CA5159DB2955D7L, 0x05DB0A76CE35AFC2L, 0x81EAC77EA9113D45L,
+      0x528EF88AB6AC0A0DL, 0xA09EA253597BE3FFL, 0x430DDFB3AC48CD56L,
+      0xC4B3A67AF45CE46FL, 0x4ECECFD8FBE2D05EL, 0x3EF56F10B39935F0L,
+      0x0B22D6829CD619C6L, 0x17FD460A74DF2069L, 0x6CF8CC8E8510ED40L,
+      0xD6C824BF3A6ECAA7L, 0x61243D581A817049L, 0x048BACB6BBC163A2L,
+      0xD9A38AC27D44CC32L, 0x7FDDFF5BAAF410ABL, 0xAD6D495AA804824BL,
+      0xE1A6A74F2D8C9F94L, 0xD4F7851235DEE8E3L, 0xFD4B7F886540D893L,
+      0x247C20042AA4BFDAL, 0x096EA1C517D1327CL, 0xD56966B4361A6685L,
+      0x277DA5C31221057DL, 0x94D59893A43ACFF7L, 0x64F0C51CCDC02281L,
+      0x3D33BCC4FF6189DBL, 0xE005CB184CE66AF1L, 0xFF5CCD1D1DB99BEAL,
+      0xB0B854A7FE42980FL, 0x7BD46A6A718D4B9FL, 0xD10FA8CC22A5FD8CL,
+      0xD31484952BE4BD31L, 0xC7FA975FCB243847L, 0x4886ED1E5846C407L,
+      0x28CDDB791EB70B04L, 0xC2B00BE2F573417FL, 0x5C9590452180F877L,
+      0x7A6BDDFFF370EB00L, 0xCE509E38D6D9D6A4L, 0xEBEB0F00647FA702L,
+      0x1DCC06CF76606F06L, 0xE4D9F28BA286FF0AL, 0xD85A305DC918C262L,
+      0x475B1D8732225F54L, 0x2D4FB51668CCB5FEL, 0xA679B9D9D72BBA20L,
+      0x53841C0D912D43A5L, 0x3B7EAA48BF12A4E8L, 0x781E0E47F22F1DDFL,
+      0xEFF20CE60AB50973L, 0x20D261D19DFFB742L, 0x16A12B03062A2E39L,
+      0x1960EB2239650495L, 0x251C16FED50EB8B8L, 0x9AC0C330F826016EL,
+      0xED152665953E7671L, 0x02D63194A6369570L, 0x5074F08394B1C987L,
+      0x70BA598C90B25CE1L, 0x794A15810B9742F6L, 0x0D5925E9FCAF8C6CL,
+      0x3067716CD868744EL, 0x910AB077E8D7731BL, 0x6A61BBDB5AC42F61L,
+      0x93513EFBF0851567L, 0xF494724B9E83E9D5L, 0xE887E1985C09648DL,
+      0x34B1D3C675370CFDL, 0xDC35E433BC0D255DL, 0xD0AAB84234131BE0L,
+      0x08042A50B48B7EAFL, 0x9997C4EE44A3AB35L, 0x829A7B49201799D0L,
+      0x263B8307B7C54441L, 0x752F95F4FD6A6CA6L, 0x927217402C08C6E5L,
+      0x2A8AB754A795D9EEL, 0xA442F7552F72943DL, 0x2C31334E19781208L,
+      0x4FA98D7CEAEE6291L, 0x55C3862F665DB309L, 0xBD0610175D53B1F3L,
+      0x46FE6CB840413F27L, 0x3FE03792DF0CFA59L, 0xCFE700372EB85E8FL,
+      0xA7BE29E7ADBCE118L, 0xE544EE5CDE8431DDL, 0x8A781B1B41F1873EL,
+      0xA5C94C78A0D2F0E7L, 0x39412E2877B60728L, 0xA1265EF3AFC9A62CL,
+      0xBCC2770C6A2506C5L, 0x3AB66DD5DCE1CE12L, 0xE65499D04A675B37L,
+      0x7D8F523481BFD216L, 0x0F6F64FCEC15F389L, 0x74EFBE618B5B13C8L,
+      0xACDC82B714273E1DL, 0xDD40BFE003199D17L, 0x37E99257E7E061F8L,
+      0xFA52626904775AAAL, 0x8BBBF63A463D56F9L, 0xF0013F1543A26E64L,
+      0xA8307E9F879EC898L, 0xCC4C27A4150177CCL, 0x1B432F2CCA1D3348L,
+      0xDE1D1F8F9F6FA013L, 0x606602A047A7DDD6L, 0xD237AB64CC1CB2C7L,
+      0x9B938E7225FCD1D3L, 0xEC4E03708E0FF476L, 0xFEB2FBDA3D03C12DL,
+      0xAE0BCED2EE43889AL, 0x22CB8923EBFB4F43L, 0x69360D013CF7396DL,
+      0x855E3602D2D4E022L, 0x073805BAD01F784CL, 0x33E17A133852F546L,
+      0xDF4874058AC7B638L, 0xBA92B29C678AA14AL, 0x0CE89FC76CFAADCDL,
+      0x5F9D4E0908339E34L, 0xF1AFE9291F5923B9L, 0x6E3480F60F4A265FL,
+      0xEEBF3A2AB29B841CL, 0xE21938A88F91B4ADL, 0x57DFEFF845C6D3C3L,
+      0x2F006B0BF62CAAF2L, 0x62F479EF6F75EE78L, 0x11A55AD41C8916A9L,
+      0xF229D29084FED453L, 0x42F1C27B16B000E6L, 0x2B1F76749823C074L,
+      0x4B76ECA3C2745360L, 0x8C98F463B91691BDL, 0x14BCC93CF1ADE66AL,
+      0x8885213E6D458397L, 0x8E177DF0274D4711L, 0xB49B73B5503F2951L,
+      0x10168168C3F96B6BL, 0x0E3D963B63CAB0AEL, 0x8DFC4B5655A1DB14L,
+      0xF789F1356E14DE5CL, 0x683E68AF4E51DAC1L, 0xC9A84F9D8D4B0FD9L,
+      0x3691E03F52A0F9D1L, 0x5ED86E46E1878E80L, 0x3C711A0E99D07150L,
+      0x5A0865B20C4E9310L, 0x56FBFC1FE4F0682EL, 0xEA8D5DE3105EDF9BL,
+      0x71ABFDB12379187AL, 0x2EB99DE1BEE77B9CL, 0x21ECC0EA33CF4523L,
+      0x59A4D7521805C7A1L, 0x3896F5EB56AE7C72L, 0xAA638F3DB18F75DCL,
+      0x9F39358DABE9808EL, 0xB7DEFA91C00B72ACL, 0x6B5541FD62492D92L,
+      0x6DC6DEE8F92E4D5BL, 0x353F57ABC4BEEA7EL, 0x735769D6DA5690CEL,
+      0x0A234AA642391484L, 0xF6F9508028F80D9DL, 0xB8E319A27AB3F215L,
+      0x31AD9C1151341A4DL, 0x773C22A57BEF5805L, 0x45C7561A07968633L,
+      0xF913DA9E249DBE36L, 0xDA652D9B78A64C68L, 0x4C27A97F3BC334EFL,
+      0x76621220E66B17F4L, 0x967743899ACD7D0BL, 0xF3EE5BCAE0ED6782L,
+      0x409F753600C879FCL, 0x06D09A39B5926DB6L, 0x6F83AEB0317AC588L,
+      0x01E6CA4A86381F21L, 0x66FF3462D19F3025L, 0x72207C24DDFD3BFBL,
+      0x4AF6B6D3E2ECE2EBL, 0x9C994DBEC7EA08DEL, 0x49ACE597B09A8BC4L,
+      0xB38C4766CF0797BAL, 0x131B9373C57C2A75L, 0xB1822CCE61931E58L,
+      0x9D7555B909BA1C0CL, 0x127FAFDD937D11D2L, 0x29DA3BADC66D92E4L,
+      0xA2C1D57154C2ECBCL, 0x58C5134D82F6FE24L, 0x1C3AE3515B62274FL,
+      0xE907C82E01CB8126L, 0xF8ED091913E37FCBL, 0x3249D8F9C80046C9L,
+      0x80CF9BEDE388FB63L, 0x1881539A116CF19EL, 0x5103F3F76BD52457L,
+      0x15B7E6F5AE47F7A8L, 0xDBD7C6DED47E9CCFL, 0x44E55C410228BB1AL,
+      0xB647D4255EDB4E99L, 0x5D11882BB8AAFC30L, 0xF5098BBB29D3212AL,
+      0x8FB5EA14E90296B3L, 0x677B942157DD025AL, 0xFB58E7C0A390ACB5L,
+      0x89D3674C83BD4A01L, 0x9E2DA4DF4BF3B93BL, 0xFCC41E328CAB4829L,
+      0x03F38C96BA582C52L, 0xCAD1BDBD7FD85DB2L, 0xBBB442C16082AE83L,
+      0xB95FE86BA5DA9AB0L, 0xB22E04673771A93FL, 0x845358C9493152D8L,
+      0xBE2A488697B4541EL, 0x95A2DC2DD38E6966L, 0xC02C11AC923C852BL,
+      0x2388B1990DF2A87BL, 0x7C8008FA1B4F37BEL, 0x1F70D0C84D54E503L,
+      0x5490ADEC7ECE57D4L, 0x002B3C27D9063A3AL, 0x7EAEA3848030A2BFL,
+      0xC602326DED2003C0L, 0x83A7287D69A94086L, 0xC57A5FCB30F57A8AL,
+      0xB56844E479EBE779L, 0xA373B40F05DCBCE9L, 0xD71A786E88570EE2L,
+      0x879CBACDBDE8F6A0L, 0x976AD1BCC164A32FL, 0xAB21E25E9666D78BL,
+      0x901063AAE5E5C33CL, 0x9818B34448698D90L, 0xE36487AE3E1E8ABBL,
+      0xAFBDF931893BDCB4L, 0x6345A0DC5FBBD519L, 0x8628FE269B9465CAL,
+      0x1E5D01603F9C51ECL, 0x4DE44006A15049B7L, 0xBF6C70E5F776CBB1L,
+      0x411218F2EF552BEDL, 0xCB0C0708705A36A3L, 0xE74D14754F986044L,
+      0xCD56D9430EA8280EL, 0xC12591D7535F5065L, 0xC83223F1720AEF96L,
+      0xC3A0396F7363A51FL };
 
   // The cached self-test result.
   private static Boolean valid;
@@ -602,9 +436,6 @@ public class Tiger extends BaseHash
   // The context.
   private long a, b, c;
 
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   /**
    * Trivial 0-arguments constructor.
    */
@@ -628,9 +459,6 @@ public class Tiger extends BaseHash
     this.buffer = (that.buffer != null) ? (byte[]) that.buffer.clone() : null;
   }
 
-  // Instance methods implementing BaseHash.
-  // -----------------------------------------------------------------------
-
   public Object clone()
   {
     return new Tiger(this);
@@ -640,42 +468,39 @@ public class Tiger extends BaseHash
   {
     if (valid == null)
       {
-        valid = Boolean.valueOf(DIGEST0.equals(Util.toString(new Tiger().digest())));
+        String d = Util.toString(new Tiger().digest());
+        valid = Boolean.valueOf(DIGEST0.equals(d));
       }
     return valid.booleanValue();
   }
 
   protected byte[] padBuffer()
   {
-    int n = (int) (count % BLOCK_SIZE);
+    int n = (int)(count % BLOCK_SIZE);
     int padding = (n < 56) ? (56 - n) : (120 - n);
     byte[] pad = new byte[padding + 8];
-
     pad[0] = 1;
     long bits = count << 3;
-
     pad[padding++] = (byte) bits;
-    pad[padding++] = (byte) (bits >>> 8);
-    pad[padding++] = (byte) (bits >>> 16);
-    pad[padding++] = (byte) (bits >>> 24);
-    pad[padding++] = (byte) (bits >>> 32);
-    pad[padding++] = (byte) (bits >>> 40);
-    pad[padding++] = (byte) (bits >>> 48);
-    pad[padding] = (byte) (bits >>> 56);
-
+    pad[padding++] = (byte)(bits >>> 8);
+    pad[padding++] = (byte)(bits >>> 16);
+    pad[padding++] = (byte)(bits >>> 24);
+    pad[padding++] = (byte)(bits >>> 32);
+    pad[padding++] = (byte)(bits >>> 40);
+    pad[padding++] = (byte)(bits >>> 48);
+    pad[padding  ] = (byte)(bits >>> 56);
     return pad;
   }
 
   protected byte[] getResult()
   {
-    return new byte[] { (byte) a, (byte) (a >>> 8), (byte) (a >>> 16),
-                       (byte) (a >>> 24), (byte) (a >>> 32), (byte) (a >>> 40),
-                       (byte) (a >>> 48), (byte) (a >>> 56), (byte) b,
-                       (byte) (b >>> 8), (byte) (b >>> 16), (byte) (b >>> 24),
-                       (byte) (b >>> 32), (byte) (b >>> 40), (byte) (b >>> 48),
-                       (byte) (b >>> 56), (byte) c, (byte) (c >>> 8),
-                       (byte) (c >>> 16), (byte) (c >>> 24), (byte) (c >>> 32),
-                       (byte) (c >>> 40), (byte) (c >>> 48), (byte) (c >>> 56) };
+    return new byte[] {
+        (byte) a,         (byte)(a >>>  8), (byte)(a >>> 16), (byte)(a >>> 24),
+        (byte)(a >>> 32), (byte)(a >>> 40), (byte)(a >>> 48), (byte)(a >>> 56),
+        (byte) b,         (byte)(b >>>  8), (byte)(b >>> 16), (byte)(b >>> 24),
+        (byte)(b >>> 32), (byte)(b >>> 40), (byte)(b >>> 48), (byte)(b >>> 56),
+        (byte) c,         (byte)(c >>>  8), (byte)(c >>> 16), (byte)(c >>> 24),
+        (byte)(c >>> 32), (byte)(c >>> 40), (byte)(c >>> 48), (byte)(c >>> 56) };
   }
 
   protected void resetContext()
@@ -688,117 +513,153 @@ public class Tiger extends BaseHash
   protected void transform(byte[] in, int offset)
   {
     long x0, x1, x2, x3, x4, x5, x6, x7;
-
-    x0 = ((long) in[offset++] & 0xFF) | ((long) (in[offset++] & 0xFF) << 8)
-         | ((long) (in[offset++] & 0xFF) << 16)
-         | ((long) (in[offset++] & 0xFF) << 24)
-         | ((long) (in[offset++] & 0xFF) << 32)
-         | ((long) (in[offset++] & 0xFF) << 40)
-         | ((long) (in[offset++] & 0xFF) << 48)
-         | ((long) (in[offset++] & 0xFF) << 56);
-    x1 = ((long) in[offset++] & 0xFF) | ((long) (in[offset++] & 0xFF) << 8)
-         | ((long) (in[offset++] & 0xFF) << 16)
-         | ((long) (in[offset++] & 0xFF) << 24)
-         | ((long) (in[offset++] & 0xFF) << 32)
-         | ((long) (in[offset++] & 0xFF) << 40)
-         | ((long) (in[offset++] & 0xFF) << 48)
-         | ((long) (in[offset++] & 0xFF) << 56);
-    x2 = ((long) in[offset++] & 0xFF) | ((long) (in[offset++] & 0xFF) << 8)
-         | ((long) (in[offset++] & 0xFF) << 16)
-         | ((long) (in[offset++] & 0xFF) << 24)
-         | ((long) (in[offset++] & 0xFF) << 32)
-         | ((long) (in[offset++] & 0xFF) << 40)
-         | ((long) (in[offset++] & 0xFF) << 48)
-         | ((long) (in[offset++] & 0xFF) << 56);
-    x3 = ((long) in[offset++] & 0xFF) | ((long) (in[offset++] & 0xFF) << 8)
-         | ((long) (in[offset++] & 0xFF) << 16)
-         | ((long) (in[offset++] & 0xFF) << 24)
-         | ((long) (in[offset++] & 0xFF) << 32)
-         | ((long) (in[offset++] & 0xFF) << 40)
-         | ((long) (in[offset++] & 0xFF) << 48)
-         | ((long) (in[offset++] & 0xFF) << 56);
-    x4 = ((long) in[offset++] & 0xFF) | ((long) (in[offset++] & 0xFF) << 8)
-         | ((long) (in[offset++] & 0xFF) << 16)
-         | ((long) (in[offset++] & 0xFF) << 24)
-         | ((long) (in[offset++] & 0xFF) << 32)
-         | ((long) (in[offset++] & 0xFF) << 40)
-         | ((long) (in[offset++] & 0xFF) << 48)
-         | ((long) (in[offset++] & 0xFF) << 56);
-    x5 = ((long) in[offset++] & 0xFF) | ((long) (in[offset++] & 0xFF) << 8)
-         | ((long) (in[offset++] & 0xFF) << 16)
-         | ((long) (in[offset++] & 0xFF) << 24)
-         | ((long) (in[offset++] & 0xFF) << 32)
-         | ((long) (in[offset++] & 0xFF) << 40)
-         | ((long) (in[offset++] & 0xFF) << 48)
-         | ((long) (in[offset++] & 0xFF) << 56);
-    x6 = ((long) in[offset++] & 0xFF) | ((long) (in[offset++] & 0xFF) << 8)
-         | ((long) (in[offset++] & 0xFF) << 16)
-         | ((long) (in[offset++] & 0xFF) << 24)
-         | ((long) (in[offset++] & 0xFF) << 32)
-         | ((long) (in[offset++] & 0xFF) << 40)
-         | ((long) (in[offset++] & 0xFF) << 48)
-         | ((long) (in[offset++] & 0xFF) << 56);
-    x7 = ((long) in[offset++] & 0xFF) | ((long) (in[offset++] & 0xFF) << 8)
-         | ((long) (in[offset++] & 0xFF) << 16)
-         | ((long) (in[offset++] & 0xFF) << 24)
-         | ((long) (in[offset++] & 0xFF) << 32)
-         | ((long) (in[offset++] & 0xFF) << 40)
-         | ((long) (in[offset++] & 0xFF) << 48)
-         | ((long) (in[offset] & 0xFF) << 56);
-
+    x0 = ((long)  in[offset++] & 0xFF)
+       | ((long) (in[offset++] & 0xFF) << 8)
+       | ((long) (in[offset++] & 0xFF) << 16)
+       | ((long) (in[offset++] & 0xFF) << 24)
+       | ((long) (in[offset++] & 0xFF) << 32)
+       | ((long) (in[offset++] & 0xFF) << 40)
+       | ((long) (in[offset++] & 0xFF) << 48)
+       | ((long) (in[offset++] & 0xFF) << 56);
+    x1 = ((long)  in[offset++] & 0xFF)
+       | ((long) (in[offset++] & 0xFF) << 8)
+       | ((long) (in[offset++] & 0xFF) << 16)
+       | ((long) (in[offset++] & 0xFF) << 24)
+       | ((long) (in[offset++] & 0xFF) << 32)
+       | ((long) (in[offset++] & 0xFF) << 40)
+       | ((long) (in[offset++] & 0xFF) << 48)
+       | ((long) (in[offset++] & 0xFF) << 56);
+    x2 = ((long)  in[offset++] & 0xFF)
+       | ((long) (in[offset++] & 0xFF) << 8)
+       | ((long) (in[offset++] & 0xFF) << 16)
+       | ((long) (in[offset++] & 0xFF) << 24)
+       | ((long) (in[offset++] & 0xFF) << 32)
+       | ((long) (in[offset++] & 0xFF) << 40)
+       | ((long) (in[offset++] & 0xFF) << 48)
+       | ((long) (in[offset++] & 0xFF) << 56);
+    x3 = ((long)  in[offset++] & 0xFF)
+       | ((long) (in[offset++] & 0xFF) << 8)
+       | ((long) (in[offset++] & 0xFF) << 16)
+       | ((long) (in[offset++] & 0xFF) << 24)
+       | ((long) (in[offset++] & 0xFF) << 32)
+       | ((long) (in[offset++] & 0xFF) << 40)
+       | ((long) (in[offset++] & 0xFF) << 48)
+       | ((long) (in[offset++] & 0xFF) << 56);
+    x4 = ((long)  in[offset++] & 0xFF)
+       | ((long) (in[offset++] & 0xFF) << 8)
+       | ((long) (in[offset++] & 0xFF) << 16)
+       | ((long) (in[offset++] & 0xFF) << 24)
+       | ((long) (in[offset++] & 0xFF) << 32)
+       | ((long) (in[offset++] & 0xFF) << 40)
+       | ((long) (in[offset++] & 0xFF) << 48)
+       | ((long) (in[offset++] & 0xFF) << 56);
+    x5 = ((long)  in[offset++] & 0xFF)
+       | ((long) (in[offset++] & 0xFF) << 8)
+       | ((long) (in[offset++] & 0xFF) << 16)
+       | ((long) (in[offset++] & 0xFF) << 24)
+       | ((long) (in[offset++] & 0xFF) << 32)
+       | ((long) (in[offset++] & 0xFF) << 40)
+       | ((long) (in[offset++] & 0xFF) << 48)
+       | ((long) (in[offset++] & 0xFF) << 56);
+    x6 = ((long)  in[offset++] & 0xFF)
+       | ((long) (in[offset++] & 0xFF) << 8)
+       | ((long) (in[offset++] & 0xFF) << 16)
+       | ((long) (in[offset++] & 0xFF) << 24)
+       | ((long) (in[offset++] & 0xFF) << 32)
+       | ((long) (in[offset++] & 0xFF) << 40)
+       | ((long) (in[offset++] & 0xFF) << 48)
+       | ((long) (in[offset++] & 0xFF) << 56);
+    x7 = ((long)  in[offset++] & 0xFF)
+       | ((long) (in[offset++] & 0xFF) << 8)
+       | ((long) (in[offset++] & 0xFF) << 16)
+       | ((long) (in[offset++] & 0xFF) << 24)
+       | ((long) (in[offset++] & 0xFF) << 32)
+       | ((long) (in[offset++] & 0xFF) << 40)
+       | ((long) (in[offset++] & 0xFF) << 48)
+       | ((long) (in[offset  ] & 0xFF) << 56);
     // save_abc ::=
     long aa = a, bb = b, cc = c;
-
     // pass(aa, bb, cc, 5) ::=
     cc ^= x0;
-    aa -= T1[(int) cc & 0xff] ^ T2[(int) (cc >> 16) & 0xff]
-          ^ T3[(int) (cc >> 32) & 0xff] ^ T4[(int) (cc >> 48) & 0xff];
-    bb += T4[(int) (cc >> 8) & 0xff] ^ T3[(int) (cc >> 24) & 0xff]
-          ^ T2[(int) (cc >> 40) & 0xff] ^ T1[(int) (cc >> 56) & 0xff];
+    aa -= T1[(int) cc        & 0xff]
+        ^ T2[(int)(cc >> 16) & 0xff]
+        ^ T3[(int)(cc >> 32) & 0xff]
+        ^ T4[(int)(cc >> 48) & 0xff];
+    bb += T4[(int)(cc >>  8) & 0xff]
+        ^ T3[(int)(cc >> 24) & 0xff]
+        ^ T2[(int)(cc >> 40) & 0xff]
+        ^ T1[(int)(cc >> 56) & 0xff];
     bb *= 5;
     aa ^= x1;
-    bb -= T1[(int) aa & 0xff] ^ T2[(int) (aa >> 16) & 0xff]
-          ^ T3[(int) (aa >> 32) & 0xff] ^ T4[(int) (aa >> 48) & 0xff];
-    cc += T4[(int) (aa >> 8) & 0xff] ^ T3[(int) (aa >> 24) & 0xff]
-          ^ T2[(int) (aa >> 40) & 0xff] ^ T1[(int) (aa >> 56) & 0xff];
+    bb -= T1[(int) aa        & 0xff]
+        ^ T2[(int)(aa >> 16) & 0xff]
+        ^ T3[(int)(aa >> 32) & 0xff]
+        ^ T4[(int)(aa >> 48) & 0xff];
+    cc += T4[(int)(aa >>  8) & 0xff]
+        ^ T3[(int)(aa >> 24) & 0xff]
+        ^ T2[(int)(aa >> 40) & 0xff]
+        ^ T1[(int)(aa >> 56) & 0xff];
     cc *= 5;
     bb ^= x2;
-    cc -= T1[(int) bb & 0xff] ^ T2[(int) (bb >> 16) & 0xff]
-          ^ T3[(int) (bb >> 32) & 0xff] ^ T4[(int) (bb >> 48) & 0xff];
-    aa += T4[(int) (bb >> 8) & 0xff] ^ T3[(int) (bb >> 24) & 0xff]
-          ^ T2[(int) (bb >> 40) & 0xff] ^ T1[(int) (bb >> 56) & 0xff];
+    cc -= T1[(int) bb        & 0xff]
+        ^ T2[(int)(bb >> 16) & 0xff]
+        ^ T3[(int)(bb >> 32) & 0xff]
+        ^ T4[(int)(bb >> 48) & 0xff];
+    aa += T4[(int)(bb >>  8) & 0xff]
+        ^ T3[(int)(bb >> 24) & 0xff]
+        ^ T2[(int)(bb >> 40) & 0xff]
+        ^ T1[(int)(bb >> 56) & 0xff];
     aa *= 5;
     cc ^= x3;
-    aa -= T1[(int) cc & 0xff] ^ T2[(int) (cc >> 16) & 0xff]
-          ^ T3[(int) (cc >> 32) & 0xff] ^ T4[(int) (cc >> 48) & 0xff];
-    bb += T4[(int) (cc >> 8) & 0xff] ^ T3[(int) (cc >> 24) & 0xff]
-          ^ T2[(int) (cc >> 40) & 0xff] ^ T1[(int) (cc >> 56) & 0xff];
+    aa -= T1[(int) cc        & 0xff]
+        ^ T2[(int)(cc >> 16) & 0xff]
+        ^ T3[(int)(cc >> 32) & 0xff]
+        ^ T4[(int)(cc >> 48) & 0xff];
+    bb += T4[(int)(cc >>  8) & 0xff]
+        ^ T3[(int)(cc >> 24) & 0xff]
+        ^ T2[(int)(cc >> 40) & 0xff]
+        ^ T1[(int)(cc >> 56) & 0xff];
     bb *= 5;
     aa ^= x4;
-    bb -= T1[(int) aa & 0xff] ^ T2[(int) (aa >> 16) & 0xff]
-          ^ T3[(int) (aa >> 32) & 0xff] ^ T4[(int) (aa >> 48) & 0xff];
-    cc += T4[(int) (aa >> 8) & 0xff] ^ T3[(int) (aa >> 24) & 0xff]
-          ^ T2[(int) (aa >> 40) & 0xff] ^ T1[(int) (aa >> 56) & 0xff];
+    bb -= T1[(int) aa        & 0xff]
+        ^ T2[(int)(aa >> 16) & 0xff]
+        ^ T3[(int)(aa >> 32) & 0xff]
+        ^ T4[(int)(aa >> 48) & 0xff];
+    cc += T4[(int)(aa >>  8) & 0xff]
+        ^ T3[(int)(aa >> 24) & 0xff]
+        ^ T2[(int)(aa >> 40) & 0xff]
+        ^ T1[(int)(aa >> 56) & 0xff];
     cc *= 5;
     bb ^= x5;
-    cc -= T1[(int) bb & 0xff] ^ T2[(int) (bb >> 16) & 0xff]
-          ^ T3[(int) (bb >> 32) & 0xff] ^ T4[(int) (bb >> 48) & 0xff];
-    aa += T4[(int) (bb >> 8) & 0xff] ^ T3[(int) (bb >> 24) & 0xff]
-          ^ T2[(int) (bb >> 40) & 0xff] ^ T1[(int) (bb >> 56) & 0xff];
+    cc -= T1[(int) bb        & 0xff]
+        ^ T2[(int)(bb >> 16) & 0xff]
+        ^ T3[(int)(bb >> 32) & 0xff]
+        ^ T4[(int)(bb >> 48) & 0xff];
+    aa += T4[(int)(bb >>  8) & 0xff]
+        ^ T3[(int)(bb >> 24) & 0xff]
+        ^ T2[(int)(bb >> 40) & 0xff]
+        ^ T1[(int)(bb >> 56) & 0xff];
     aa *= 5;
     cc ^= x6;
-    aa -= T1[(int) cc & 0xff] ^ T2[(int) (cc >> 16) & 0xff]
-          ^ T3[(int) (cc >> 32) & 0xff] ^ T4[(int) (cc >> 48) & 0xff];
-    bb += T4[(int) (cc >> 8) & 0xff] ^ T3[(int) (cc >> 24) & 0xff]
-          ^ T2[(int) (cc >> 40) & 0xff] ^ T1[(int) (cc >> 56) & 0xff];
+    aa -= T1[(int) cc        & 0xff]
+        ^ T2[(int)(cc >> 16) & 0xff]
+        ^ T3[(int)(cc >> 32) & 0xff]
+        ^ T4[(int)(cc >> 48) & 0xff];
+    bb += T4[(int)(cc >>  8) & 0xff]
+        ^ T3[(int)(cc >> 24) & 0xff]
+        ^ T2[(int)(cc >> 40) & 0xff]
+        ^ T1[(int)(cc >> 56) & 0xff];
     bb *= 5;
     aa ^= x7;
-    bb -= T1[(int) aa & 0xff] ^ T2[(int) (aa >> 16) & 0xff]
-          ^ T3[(int) (aa >> 32) & 0xff] ^ T4[(int) (aa >> 48) & 0xff];
-    cc += T4[(int) (aa >> 8) & 0xff] ^ T3[(int) (aa >> 24) & 0xff]
-          ^ T2[(int) (aa >> 40) & 0xff] ^ T1[(int) (aa >> 56) & 0xff];
+    bb -= T1[(int) aa        & 0xff]
+        ^ T2[(int)(aa >> 16) & 0xff]
+        ^ T3[(int)(aa >> 32) & 0xff]
+        ^ T4[(int)(aa >> 48) & 0xff];
+    cc += T4[(int)(aa >>  8) & 0xff]
+        ^ T3[(int)(aa >> 24) & 0xff]
+        ^ T2[(int)(aa >> 40) & 0xff]
+        ^ T1[(int)(aa >> 56) & 0xff];
     cc *= 5;
-
     // key_schedule ::=
     x0 -= x7 ^ 0xA5A5A5A5A5A5A5A5L;
     x1 ^= x0;
@@ -816,57 +677,87 @@ public class Tiger extends BaseHash
     x5 ^= x4;
     x6 += x5;
     x7 -= x6 ^ 0x0123456789ABCDEFL;
-
     // pass(cc, aa, bb, 7) ::=
     bb ^= x0;
-    cc -= T1[(int) bb & 0xff] ^ T2[(int) (bb >> 16) & 0xff]
-          ^ T3[(int) (bb >> 32) & 0xff] ^ T4[(int) (bb >> 48) & 0xff];
-    aa += T4[(int) (bb >> 8) & 0xff] ^ T3[(int) (bb >> 24) & 0xff]
-          ^ T2[(int) (bb >> 40) & 0xff] ^ T1[(int) (bb >> 56) & 0xff];
+    cc -= T1[(int) bb        & 0xff]
+        ^ T2[(int)(bb >> 16) & 0xff]
+        ^ T3[(int)(bb >> 32) & 0xff]
+        ^ T4[(int)(bb >> 48) & 0xff];
+    aa += T4[(int)(bb >>  8) & 0xff]
+        ^ T3[(int)(bb >> 24) & 0xff]
+        ^ T2[(int)(bb >> 40) & 0xff]
+        ^ T1[(int)(bb >> 56) & 0xff];
     aa *= 7;
     cc ^= x1;
-    aa -= T1[(int) cc & 0xff] ^ T2[(int) (cc >> 16) & 0xff]
-          ^ T3[(int) (cc >> 32) & 0xff] ^ T4[(int) (cc >> 48) & 0xff];
-    bb += T4[(int) (cc >> 8) & 0xff] ^ T3[(int) (cc >> 24) & 0xff]
-          ^ T2[(int) (cc >> 40) & 0xff] ^ T1[(int) (cc >> 56) & 0xff];
+    aa -= T1[(int) cc        & 0xff]
+        ^ T2[(int)(cc >> 16) & 0xff]
+        ^ T3[(int)(cc >> 32) & 0xff]
+        ^ T4[(int)(cc >> 48) & 0xff];
+    bb += T4[(int)(cc >>  8) & 0xff]
+        ^ T3[(int)(cc >> 24) & 0xff]
+        ^ T2[(int)(cc >> 40) & 0xff]
+        ^ T1[(int)(cc >> 56) & 0xff];
     bb *= 7;
     aa ^= x2;
-    bb -= T1[(int) aa & 0xff] ^ T2[(int) (aa >> 16) & 0xff]
-          ^ T3[(int) (aa >> 32) & 0xff] ^ T4[(int) (aa >> 48) & 0xff];
-    cc += T4[(int) (aa >> 8) & 0xff] ^ T3[(int) (aa >> 24) & 0xff]
-          ^ T2[(int) (aa >> 40) & 0xff] ^ T1[(int) (aa >> 56) & 0xff];
+    bb -= T1[(int) aa        & 0xff]
+        ^ T2[(int)(aa >> 16) & 0xff]
+        ^ T3[(int)(aa >> 32) & 0xff]
+        ^ T4[(int)(aa >> 48) & 0xff];
+    cc += T4[(int)(aa >>  8) & 0xff]
+        ^ T3[(int)(aa >> 24) & 0xff]
+        ^ T2[(int)(aa >> 40) & 0xff]
+        ^ T1[(int)(aa >> 56) & 0xff];
     cc *= 7;
     bb ^= x3;
-    cc -= T1[(int) bb & 0xff] ^ T2[(int) (bb >> 16) & 0xff]
-          ^ T3[(int) (bb >> 32) & 0xff] ^ T4[(int) (bb >> 48) & 0xff];
-    aa += T4[(int) (bb >> 8) & 0xff] ^ T3[(int) (bb >> 24) & 0xff]
-          ^ T2[(int) (bb >> 40) & 0xff] ^ T1[(int) (bb >> 56) & 0xff];
+    cc -= T1[(int) bb        & 0xff]
+        ^ T2[(int)(bb >> 16) & 0xff]
+        ^ T3[(int)(bb >> 32) & 0xff]
+        ^ T4[(int)(bb >> 48) & 0xff];
+    aa += T4[(int)(bb >>  8) & 0xff]
+        ^ T3[(int)(bb >> 24) & 0xff]
+        ^ T2[(int)(bb >> 40) & 0xff]
+        ^ T1[(int)(bb >> 56) & 0xff];
     aa *= 7;
     cc ^= x4;
-    aa -= T1[(int) cc & 0xff] ^ T2[(int) (cc >> 16) & 0xff]
-          ^ T3[(int) (cc >> 32) & 0xff] ^ T4[(int) (cc >> 48) & 0xff];
-    bb += T4[(int) (cc >> 8) & 0xff] ^ T3[(int) (cc >> 24) & 0xff]
-          ^ T2[(int) (cc >> 40) & 0xff] ^ T1[(int) (cc >> 56) & 0xff];
+    aa -= T1[(int) cc        & 0xff]
+        ^ T2[(int)(cc >> 16) & 0xff]
+        ^ T3[(int)(cc >> 32) & 0xff]
+        ^ T4[(int)(cc >> 48) & 0xff];
+    bb += T4[(int)(cc >>  8) & 0xff]
+        ^ T3[(int)(cc >> 24) & 0xff]
+        ^ T2[(int)(cc >> 40) & 0xff]
+        ^ T1[(int)(cc >> 56) & 0xff];
     bb *= 7;
     aa ^= x5;
-    bb -= T1[(int) aa & 0xff] ^ T2[(int) (aa >> 16) & 0xff]
-          ^ T3[(int) (aa >> 32) & 0xff] ^ T4[(int) (aa >> 48) & 0xff];
-    cc += T4[(int) (aa >> 8) & 0xff] ^ T3[(int) (aa >> 24) & 0xff]
-          ^ T2[(int) (aa >> 40) & 0xff] ^ T1[(int) (aa >> 56) & 0xff];
+    bb -= T1[(int) aa        & 0xff]
+        ^ T2[(int)(aa >> 16) & 0xff]
+        ^ T3[(int)(aa >> 32) & 0xff]
+        ^ T4[(int)(aa >> 48) & 0xff];
+    cc += T4[(int)(aa >>  8) & 0xff]
+        ^ T3[(int)(aa >> 24) & 0xff]
+        ^ T2[(int)(aa >> 40) & 0xff]
+        ^ T1[(int)(aa >> 56) & 0xff];
     cc *= 7;
     bb ^= x6;
-    cc -= T1[(int) bb & 0xff] ^ T2[(int) (bb >> 16) & 0xff]
-          ^ T3[(int) (bb >> 32) & 0xff] ^ T4[(int) (bb >> 48) & 0xff];
-    aa += T4[(int) (bb >> 8) & 0xff] ^ T3[(int) (bb >> 24) & 0xff]
-          ^ T2[(int) (bb >> 40) & 0xff] ^ T1[(int) (bb >> 56) & 0xff];
+    cc -= T1[(int) bb        & 0xff]
+        ^ T2[(int)(bb >> 16) & 0xff]
+        ^ T3[(int)(bb >> 32) & 0xff]
+        ^ T4[(int)(bb >> 48) & 0xff];
+    aa += T4[(int)(bb >>  8) & 0xff]
+        ^ T3[(int)(bb >> 24) & 0xff]
+        ^ T2[(int)(bb >> 40) & 0xff]
+        ^ T1[(int)(bb >> 56) & 0xff];
     aa *= 7;
     cc ^= x7;
-    aa -= T1[(int) cc & 0xff] ^ T2[(int) (cc >> 16) & 0xff]
-          ^ T3[(int) (cc >> 32) & 0xff] ^ T4[(int) (cc >> 48) & 0xff];
-    bb += T4[(int) (cc >> 8) & 0xff] ^ T3[(int) (cc >> 24) & 0xff]
-          ^ T2[(int) (cc >> 40) & 0xff] ^ T1[(int) (cc >> 56) & 0xff];
+    aa -= T1[(int) cc        & 0xff]
+        ^ T2[(int)(cc >> 16) & 0xff]
+        ^ T3[(int)(cc >> 32) & 0xff]
+        ^ T4[(int)(cc >> 48) & 0xff];
+    bb += T4[(int)(cc >>  8) & 0xff]
+        ^ T3[(int)(cc >> 24) & 0xff]
+        ^ T2[(int)(cc >> 40) & 0xff]
+        ^ T1[(int)(cc >> 56) & 0xff];
     bb *= 7;
-
     // key_schedule ::=
     x0 -= x7 ^ 0xA5A5A5A5A5A5A5A5L;
     x1 ^= x0;
@@ -884,57 +775,87 @@ public class Tiger extends BaseHash
     x5 ^= x4;
     x6 += x5;
     x7 -= x6 ^ 0x0123456789ABCDEFL;
-
     // pass(bb,cc,aa,9) ::=
     aa ^= x0;
-    bb -= T1[(int) aa & 0xff] ^ T2[(int) (aa >> 16) & 0xff]
-          ^ T3[(int) (aa >> 32) & 0xff] ^ T4[(int) (aa >> 48) & 0xff];
-    cc += T4[(int) (aa >> 8) & 0xff] ^ T3[(int) (aa >> 24) & 0xff]
-          ^ T2[(int) (aa >> 40) & 0xff] ^ T1[(int) (aa >> 56) & 0xff];
+    bb -= T1[(int) aa        & 0xff]
+        ^ T2[(int)(aa >> 16) & 0xff]
+        ^ T3[(int)(aa >> 32) & 0xff]
+        ^ T4[(int)(aa >> 48) & 0xff];
+    cc += T4[(int)(aa >>  8) & 0xff]
+        ^ T3[(int)(aa >> 24) & 0xff]
+        ^ T2[(int)(aa >> 40) & 0xff]
+        ^ T1[(int)(aa >> 56) & 0xff];
     cc *= 9;
     bb ^= x1;
-    cc -= T1[(int) bb & 0xff] ^ T2[(int) (bb >> 16) & 0xff]
-          ^ T3[(int) (bb >> 32) & 0xff] ^ T4[(int) (bb >> 48) & 0xff];
-    aa += T4[(int) (bb >> 8) & 0xff] ^ T3[(int) (bb >> 24) & 0xff]
-          ^ T2[(int) (bb >> 40) & 0xff] ^ T1[(int) (bb >> 56) & 0xff];
+    cc -= T1[(int) bb        & 0xff]
+        ^ T2[(int)(bb >> 16) & 0xff]
+        ^ T3[(int)(bb >> 32) & 0xff]
+        ^ T4[(int)(bb >> 48) & 0xff];
+    aa += T4[(int)(bb >>  8) & 0xff]
+        ^ T3[(int)(bb >> 24) & 0xff]
+        ^ T2[(int)(bb >> 40) & 0xff]
+        ^ T1[(int)(bb >> 56) & 0xff];
     aa *= 9;
     cc ^= x2;
-    aa -= T1[(int) cc & 0xff] ^ T2[(int) (cc >> 16) & 0xff]
-          ^ T3[(int) (cc >> 32) & 0xff] ^ T4[(int) (cc >> 48) & 0xff];
-    bb += T4[(int) (cc >> 8) & 0xff] ^ T3[(int) (cc >> 24) & 0xff]
-          ^ T2[(int) (cc >> 40) & 0xff] ^ T1[(int) (cc >> 56) & 0xff];
+    aa -= T1[(int) cc        & 0xff]
+        ^ T2[(int)(cc >> 16) & 0xff]
+        ^ T3[(int)(cc >> 32) & 0xff]
+        ^ T4[(int)(cc >> 48) & 0xff];
+    bb += T4[(int)(cc >>  8) & 0xff]
+        ^ T3[(int)(cc >> 24) & 0xff]
+        ^ T2[(int)(cc >> 40) & 0xff]
+        ^ T1[(int)(cc >> 56) & 0xff];
     bb *= 9;
     aa ^= x3;
-    bb -= T1[(int) aa & 0xff] ^ T2[(int) (aa >> 16) & 0xff]
-          ^ T3[(int) (aa >> 32) & 0xff] ^ T4[(int) (aa >> 48) & 0xff];
-    cc += T4[(int) (aa >> 8) & 0xff] ^ T3[(int) (aa >> 24) & 0xff]
-          ^ T2[(int) (aa >> 40) & 0xff] ^ T1[(int) (aa >> 56) & 0xff];
+    bb -= T1[(int) aa        & 0xff]
+        ^ T2[(int)(aa >> 16) & 0xff]
+        ^ T3[(int)(aa >> 32) & 0xff]
+        ^ T4[(int)(aa >> 48) & 0xff];
+    cc += T4[(int)(aa >>  8) & 0xff]
+        ^ T3[(int)(aa >> 24) & 0xff]
+        ^ T2[(int)(aa >> 40) & 0xff]
+        ^ T1[(int)(aa >> 56) & 0xff];
     cc *= 9;
     bb ^= x4;
-    cc -= T1[(int) bb & 0xff] ^ T2[(int) (bb >> 16) & 0xff]
-          ^ T3[(int) (bb >> 32) & 0xff] ^ T4[(int) (bb >> 48) & 0xff];
-    aa += T4[(int) (bb >> 8) & 0xff] ^ T3[(int) (bb >> 24) & 0xff]
-          ^ T2[(int) (bb >> 40) & 0xff] ^ T1[(int) (bb >> 56) & 0xff];
+    cc -= T1[(int) bb        & 0xff]
+        ^ T2[(int)(bb >> 16) & 0xff]
+        ^ T3[(int)(bb >> 32) & 0xff]
+        ^ T4[(int)(bb >> 48) & 0xff];
+    aa += T4[(int)(bb >>  8) & 0xff]
+        ^ T3[(int)(bb >> 24) & 0xff]
+        ^ T2[(int)(bb >> 40) & 0xff]
+        ^ T1[(int)(bb >> 56) & 0xff];
     aa *= 9;
     cc ^= x5;
-    aa -= T1[(int) cc & 0xff] ^ T2[(int) (cc >> 16) & 0xff]
-          ^ T3[(int) (cc >> 32) & 0xff] ^ T4[(int) (cc >> 48) & 0xff];
-    bb += T4[(int) (cc >> 8) & 0xff] ^ T3[(int) (cc >> 24) & 0xff]
-          ^ T2[(int) (cc >> 40) & 0xff] ^ T1[(int) (cc >> 56) & 0xff];
+    aa -= T1[(int) cc        & 0xff]
+        ^ T2[(int)(cc >> 16) & 0xff]
+        ^ T3[(int)(cc >> 32) & 0xff]
+        ^ T4[(int)(cc >> 48) & 0xff];
+    bb += T4[(int)(cc >>  8) & 0xff]
+        ^ T3[(int)(cc >> 24) & 0xff]
+        ^ T2[(int)(cc >> 40) & 0xff]
+        ^ T1[(int)(cc >> 56) & 0xff];
     bb *= 9;
     aa ^= x6;
-    bb -= T1[(int) aa & 0xff] ^ T2[(int) (aa >> 16) & 0xff]
-          ^ T3[(int) (aa >> 32) & 0xff] ^ T4[(int) (aa >> 48) & 0xff];
-    cc += T4[(int) (aa >> 8) & 0xff] ^ T3[(int) (aa >> 24) & 0xff]
-          ^ T2[(int) (aa >> 40) & 0xff] ^ T1[(int) (aa >> 56) & 0xff];
+    bb -= T1[(int) aa        & 0xff]
+        ^ T2[(int)(aa >> 16) & 0xff]
+        ^ T3[(int)(aa >> 32) & 0xff]
+        ^ T4[(int)(aa >> 48) & 0xff];
+    cc += T4[(int)(aa >>  8) & 0xff]
+        ^ T3[(int)(aa >> 24) & 0xff]
+        ^ T2[(int)(aa >> 40) & 0xff]
+        ^ T1[(int)(aa >> 56) & 0xff];
     cc *= 9;
     bb ^= x7;
-    cc -= T1[(int) bb & 0xff] ^ T2[(int) (bb >> 16) & 0xff]
-          ^ T3[(int) (bb >> 32) & 0xff] ^ T4[(int) (bb >> 48) & 0xff];
-    aa += T4[(int) (bb >> 8) & 0xff] ^ T3[(int) (bb >> 24) & 0xff]
-          ^ T2[(int) (bb >> 40) & 0xff] ^ T1[(int) (bb >> 56) & 0xff];
+    cc -= T1[(int) bb        & 0xff]
+        ^ T2[(int)(bb >> 16) & 0xff]
+        ^ T3[(int)(bb >> 32) & 0xff]
+        ^ T4[(int)(bb >> 48) & 0xff];
+    aa += T4[(int)(bb >>  8) & 0xff]
+        ^ T3[(int)(bb >> 24) & 0xff]
+        ^ T2[(int)(bb >> 40) & 0xff]
+        ^ T1[(int)(bb >> 56) & 0xff];
     aa *= 9;
-
     // feedforward ::=
     a ^= aa;
     b = bb - b;
diff --git a/libjava/classpath/gnu/java/security/hash/Whirlpool.java b/libjava/classpath/gnu/java/security/hash/Whirlpool.java
index b10fa53cd7f..89df5c51bf3 100644
--- a/libjava/classpath/gnu/java/security/hash/Whirlpool.java
+++ b/libjava/classpath/gnu/java/security/hash/Whirlpool.java
@@ -38,9 +38,12 @@ exception statement from your version.  */
 
 package gnu.java.security.hash;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.util.Util;
 
+import java.util.logging.Logger;
+
 /**
  * Whirlpool, a new 512-bit hashing function operating on messages less than
  * 2 ** 256 bits in length. The function structure is designed according to the
@@ -59,18 +62,10 @@ import gnu.java.security.util.Util;
  *    <a href="mailto:vincent.rijmen@iaik.tugraz.at">Vincent Rijmen</a>.</li>
  * </ol>
  */
-public final class Whirlpool extends BaseHash
+public final class Whirlpool
+    extends BaseHash
 {
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  private static final boolean DEBUG = false;
-
-  private static final int debuglevel = 3;
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
+  private static final Logger log = Logger.getLogger(Whirlpool.class.getName());
   private static final int BLOCK_SIZE = 64; // inner block size in bytes
 
   /** The digest of the 0-bit long message. */
@@ -83,22 +78,22 @@ public final class Whirlpool extends BaseHash
 
   /** Whirlpool S-box; p. 19. */
   private static final String S_box = // p. 19 [WHIRLPOOL]
-      "\u1823\uc6E8\u87B8\u014F\u36A6\ud2F5\u796F\u9152" +
-      "\u60Bc\u9B8E\uA30c\u7B35\u1dE0\ud7c2\u2E4B\uFE57" +
-      "\u1577\u37E5\u9FF0\u4AdA\u58c9\u290A\uB1A0\u6B85" +
-      "\uBd5d\u10F4\ucB3E\u0567\uE427\u418B\uA77d\u95d8" +
-      "\uFBEE\u7c66\udd17\u479E\ucA2d\uBF07\uAd5A\u8333" +
-      "\u6302\uAA71\uc819\u49d9\uF2E3\u5B88\u9A26\u32B0" +
-      "\uE90F\ud580\uBEcd\u3448\uFF7A\u905F\u2068\u1AAE" +
-      "\uB454\u9322\u64F1\u7312\u4008\uc3Ec\udBA1\u8d3d" +
-      "\u9700\ucF2B\u7682\ud61B\uB5AF\u6A50\u45F3\u30EF" +
-      "\u3F55\uA2EA\u65BA\u2Fc0\udE1c\uFd4d\u9275\u068A" +
-      "\uB2E6\u0E1F\u62d4\uA896\uF9c5\u2559\u8472\u394c" +
-      "\u5E78\u388c\ud1A5\uE261\uB321\u9c1E\u43c7\uFc04" +
-      "\u5199\u6d0d\uFAdF\u7E24\u3BAB\ucE11\u8F4E\uB7EB" +
-      "\u3c81\u94F7\uB913\u2cd3\uE76E\uc403\u5644\u7FA9" +
-      "\u2ABB\uc153\udc0B\u9d6c\u3174\uF646\uAc89\u14E1" +
-      "\u163A\u6909\u70B6\ud0Ed\ucc42\u98A4\u285c\uF886";
+      "\u1823\uc6E8\u87B8\u014F\u36A6\ud2F5\u796F\u9152"
+    + "\u60Bc\u9B8E\uA30c\u7B35\u1dE0\ud7c2\u2E4B\uFE57"
+    + "\u1577\u37E5\u9FF0\u4AdA\u58c9\u290A\uB1A0\u6B85"
+    + "\uBd5d\u10F4\ucB3E\u0567\uE427\u418B\uA77d\u95d8"
+    + "\uFBEE\u7c66\udd17\u479E\ucA2d\uBF07\uAd5A\u8333"
+    + "\u6302\uAA71\uc819\u49d9\uF2E3\u5B88\u9A26\u32B0"
+    + "\uE90F\ud580\uBEcd\u3448\uFF7A\u905F\u2068\u1AAE"
+    + "\uB454\u9322\u64F1\u7312\u4008\uc3Ec\udBA1\u8d3d"
+    + "\u9700\ucF2B\u7682\ud61B\uB5AF\u6A50\u45F3\u30EF"
+    + "\u3F55\uA2EA\u65BA\u2Fc0\udE1c\uFd4d\u9275\u068A"
+    + "\uB2E6\u0E1F\u62d4\uA896\uF9c5\u2559\u8472\u394c"
+    + "\u5E78\u388c\ud1A5\uE261\uB321\u9c1E\u43c7\uFc04"
+    + "\u5199\u6d0d\uFAdF\u7E24\u3BAB\ucE11\u8F4E\uB7EB"
+    + "\u3c81\u94F7\uB913\u2cd3\uE76E\uc403\u5644\u7FA9"
+    + "\u2ABB\uc153\udc0B\u9d6c\u3174\uF646\uAc89\u14E1"
+    + "\u163A\u6909\u70B6\ud0Ed\ucc42\u98A4\u285c\uF886";
 
   /** The 64-bit lookup tables; section 7.1 p. 13. */
   private static final long[] T0 = new long[256];
@@ -130,12 +125,9 @@ public final class Whirlpool extends BaseHash
   /** work area for holding block cipher's intermediate values. */
   private long w0, w1, w2, w3, w4, w5, w6, w7;
 
-  // Static code - to intialise lookup tables --------------------------------
-
   static
     {
       long time = System.currentTimeMillis();
-
       int ROOT = 0x11D; // para. 2.1 [WHIRLPOOL]
       int i, r, j;
       long s1, s2, s4, s5, s8, s9, t;
@@ -171,7 +163,6 @@ public final class Whirlpool extends BaseHash
           T6[i] = t >>> 48 | t << 16;
           T7[i] = t >>> 56 | t <<  8;
         }
-
       for (r = 0, i = 0; r < R; )
         rc[r++] = (T0[i++] & 0xFF00000000000000L)
                 ^ (T1[i++] & 0x00FF000000000000L)
@@ -181,103 +172,91 @@ public final class Whirlpool extends BaseHash
                 ^ (T5[i++] & 0x0000000000FF0000L)
                 ^ (T6[i++] & 0x000000000000FF00L)
                 ^ (T7[i++] & 0x00000000000000FFL);
-
       time = System.currentTimeMillis() - time;
-      if (DEBUG && debuglevel > 8)
+      if (Configuration.DEBUG)
         {
-          System.out.println("==========");
-          System.out.println();
-          System.out.println("Static data");
-          System.out.println();
-          
-          System.out.println();
-          System.out.println("T0[]:");
+          log.fine("Static data");
+          log.fine("T0[]:");
+          StringBuilder sb;
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                System.out.print("0x" + Util.toString(T0[i * 4 + j]) + ", ");
+                sb.append("0x").append(Util.toString(T0[i * 4 + j])).append(", ");
 
-              System.out.println();
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("T1[]:");
+          log.fine("T1[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                System.out.print("0x" + Util.toString(T1[i * 4 + j]) + ", ");
+                sb.append("0x").append(Util.toString(T1[i * 4 + j])).append(", ");
 
-              System.out.println();
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("T2[]:");
+          log.fine("T2[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                System.out.print("0x" + Util.toString(T2[i * 4 + j]) + ", ");
+                sb.append("0x").append(Util.toString(T2[i * 4 + j])).append(", ");
 
-              System.out.println();
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("T3[]:");
+          log.fine("T3[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                System.out.print("0x" + Util.toString(T3[i * 4 + j]) + ", ");
+                sb.append("0x").append(Util.toString(T3[i * 4 + j])).append(", ");
 
-              System.out.println();
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("T4[]:");
+          log.fine("\nT4[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                System.out.print("0x" + Util.toString(T4[i * 4 + j]) + ", ");
+                sb.append("0x").append(Util.toString(T4[i * 4 + j])).append(", ");
 
-              System.out.println();
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("T5[]:");
+          log.fine("T5[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", ");
+                sb.append("0x").append(Util.toString(T5[i * 4 + j])).append(", ");
 
-              System.out.println();
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("T6[]:");
+          log.fine("T6[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", ");
+                sb.append("0x").append(Util.toString(T5[i * 4 + j])).append(", ");
 
-              System.out.println();
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("T7[]:");
+          log.fine("T7[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", ");
+                sb.append("0x").append(Util.toString(T5[i * 4 + j])).append(", ");
 
-              System.out.println();
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("rc[]:");
+          log.fine("rc[]:");
           for (i = 0; i < R; i++)
-            System.out.println("0x" + Util.toString(rc[i]));
-
-          System.out.println();
+            log.fine("0x" + Util.toString(rc[i]));
 
-          System.out.println();
-          System.out.println("Total initialization time: " + time + " ms.");
-          System.out.println();
+          log.fine("Total initialization time: " + time + " ms.");
         }
     }
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public Whirlpool()
   {
@@ -285,7 +264,7 @@ public final class Whirlpool extends BaseHash
   }
 
   /**
-   * <p>Private constructor for cloning purposes.</p>
+   * Private constructor for cloning purposes.
    *
    * @param md the instance to clone.
    */
@@ -305,21 +284,11 @@ public final class Whirlpool extends BaseHash
     this.buffer = (byte[]) md.buffer.clone();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     return (new Whirlpool(this));
   }
 
-  // Implementation of concrete methods in BaseHash --------------------------
-
   protected void transform(byte[] in, int offset)
   {
     // apply mu to the input
@@ -387,7 +356,6 @@ public final class Whirlpool extends BaseHash
        | (in[offset++] & 0xFFL) << 16
        | (in[offset++] & 0xFFL) <<  8
        | (in[offset++] & 0xFFL);
-
     // transform K into the key schedule Kr; 0 <= r <= R
     k00 = H0;
     k01 = H1;
@@ -397,7 +365,6 @@ public final class Whirlpool extends BaseHash
     k05 = H5;
     k06 = H6;
     k07 = H7;
-
     nn0 = n0 ^ k00;
     nn1 = n1 ^ k01;
     nn2 = n2 ^ k02;
@@ -406,10 +373,8 @@ public final class Whirlpool extends BaseHash
     nn5 = n5 ^ k05;
     nn6 = n6 ^ k06;
     nn7 = n7 ^ k07;
-
     // intermediate cipher output
     w0 = w1 = w2 = w3 = w4 = w5 = w6 = w7 = 0L;
-
     for (int r = 0; r < R; r++)
       {
         // 1. compute intermediate round key schedule by applying ro[rc]
@@ -478,7 +443,6 @@ public final class Whirlpool extends BaseHash
             ^ T5[(int)((k02 >> 16) & 0xFFL)]
             ^ T6[(int)((k01 >>  8) & 0xFFL)]
             ^ T7[(int)( k00        & 0xFFL)];
-
         k00 = Kr0;
         k01 = Kr1;
         k02 = Kr2;
@@ -487,7 +451,6 @@ public final class Whirlpool extends BaseHash
         k05 = Kr5;
         k06 = Kr6;
         k07 = Kr7;
-
         // 2. incrementally compute the cipher output
         w0 = T0[(int)((nn0 >> 56) & 0xFFL)]
            ^ T1[(int)((nn7 >> 48) & 0xFFL)]
@@ -553,7 +516,6 @@ public final class Whirlpool extends BaseHash
            ^ T5[(int)((nn2 >> 16) & 0xFFL)]
            ^ T6[(int)((nn1 >>  8) & 0xFFL)]
            ^ T7[(int)( nn0        & 0xFFL)] ^ Kr7;
-
         nn0 = w0;
         nn1 = w1;
         nn2 = w2;
@@ -563,7 +525,6 @@ public final class Whirlpool extends BaseHash
         nn6 = w6;
         nn7 = w7;
       }
-
     // apply the Miyaguchi-Preneel hash scheme
     H0 ^= w0 ^ n0;
     H1 ^= w1 ^ n1;
@@ -588,12 +549,9 @@ public final class Whirlpool extends BaseHash
     //		count + 33 + padding = 0 (mod BLOCK_SIZE)
     int n = (int)((count + 33) % BLOCK_SIZE);
     int padding = n == 0 ? 33 : BLOCK_SIZE - n + 33;
-
     byte[] result = new byte[padding];
-
     // padding is always binary 1 followed by binary 0s
     result[0] = (byte) 0x80;
-
     // save (right justified) the number of bits hashed
     long bits = count * 8;
     int i = padding - 8;
@@ -605,14 +563,13 @@ public final class Whirlpool extends BaseHash
     result[i++] = (byte)(bits >>> 16);
     result[i++] = (byte)(bits >>>  8);
     result[i  ] = (byte) bits;
-
     return result;
   }
 
   protected byte[] getResult()
   {
     // apply inverse mu to the context
-    byte[] result = new byte[] {
+    return new byte[] {
       (byte)(H0 >>> 56), (byte)(H0 >>> 48), (byte)(H0 >>> 40), (byte)(H0 >>> 32),
       (byte)(H0 >>> 24), (byte)(H0 >>> 16), (byte)(H0 >>>  8), (byte) H0,
       (byte)(H1 >>> 56), (byte)(H1 >>> 48), (byte)(H1 >>> 40), (byte)(H1 >>> 32),
@@ -628,10 +585,8 @@ public final class Whirlpool extends BaseHash
       (byte)(H6 >>> 56), (byte)(H6 >>> 48), (byte)(H6 >>> 40), (byte)(H6 >>> 32),
       (byte)(H6 >>> 24), (byte)(H6 >>> 16), (byte)(H6 >>>  8), (byte) H6,
       (byte)(H7 >>> 56), (byte)(H7 >>> 48), (byte)(H7 >>> 40), (byte)(H7 >>> 32),
-      (byte)(H7 >>> 24), (byte)(H7 >>> 16), (byte)(H7 >>>  8), (byte) H7
-    };
+      (byte)(H7 >>> 24), (byte)(H7 >>> 16), (byte)(H7 >>>  8), (byte) H7 };
 
-    return result;
   }
 
   protected void resetContext()
@@ -642,8 +597,10 @@ public final class Whirlpool extends BaseHash
   public boolean selfTest()
   {
     if (valid == null)
-      valid = Boolean.valueOf(DIGEST0.equals(Util.toString(new Whirlpool().digest())));
-
+      {
+        String d = Util.toString(new Whirlpool().digest());
+        valid = Boolean.valueOf(DIGEST0.equals(d));
+      }
     return valid.booleanValue();
   }
 }
diff --git a/libjava/classpath/gnu/java/security/jce/hash/HavalSpi.java b/libjava/classpath/gnu/java/security/jce/hash/HavalSpi.java
index 05595edeae8..159ba3dd8ff 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/HavalSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/HavalSpi.java
@@ -41,26 +41,14 @@ package gnu.java.security.jce.hash;
 import gnu.java.security.Registry;
 
 /**
- * The implementation of the <code>HAVAL</code> <i>Service Provider Interface</i>
- * (<b>SPI</b>) Adapter.<p>
+ * The implementation of the HAVAL <i>Service Provider Interface</i>
+ * (<b>SPI</b>) adapter.
  */
-public class HavalSpi extends MessageDigestAdapter
+public class HavalSpi
+    extends MessageDigestAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public HavalSpi()
   {
     super(Registry.HAVAL_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/hash/MD2Spi.java b/libjava/classpath/gnu/java/security/jce/hash/MD2Spi.java
index 001cbaf3c8e..268f2fa6941 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/MD2Spi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/MD2Spi.java
@@ -41,27 +41,15 @@ package gnu.java.security.jce.hash;
 import gnu.java.security.Registry;
 
 /**
- * <p>The implementation of the MD2 <i>Service Provider Interface</i>
- * (<b>SPI</b>) adapter.</p>
+ * The implementation of the MD2 <i>Service Provider Interface</i> (<b>SPI</b>)
+ * adapter.
  */
-public class MD2Spi extends MessageDigestAdapter
+public class MD2Spi
+    extends MessageDigestAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public MD2Spi()
   {
     super(Registry.MD2_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/hash/MD4Spi.java b/libjava/classpath/gnu/java/security/jce/hash/MD4Spi.java
index 41fef87bf38..c050ef2df7f 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/MD4Spi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/MD4Spi.java
@@ -41,27 +41,15 @@ package gnu.java.security.jce.hash;
 import gnu.java.security.Registry;
 
 /**
- * <p>The implementation of the MD4 <i>Service Provider Interface</i>
- * (<b>SPI</b>) adapter.</p>
+ * The implementation of the MD4 <i>Service Provider Interface</i> (<b>SPI</b>)
+ * adapter.
  */
-public class MD4Spi extends MessageDigestAdapter
+public class MD4Spi
+    extends MessageDigestAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public MD4Spi()
   {
     super(Registry.MD4_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/hash/MD5Spi.java b/libjava/classpath/gnu/java/security/jce/hash/MD5Spi.java
index aa1a8844e36..6297416940e 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/MD5Spi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/MD5Spi.java
@@ -42,25 +42,13 @@ import gnu.java.security.Registry;
 
 /**
  * The implementation of the MD5 <i>Service Provider Interface</i> (<b>SPI</b>)
- * adapter.<p>
+ * adapter.
  */
-public class MD5Spi extends MessageDigestAdapter
+public class MD5Spi
+    extends MessageDigestAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public MD5Spi()
   {
     super(Registry.MD5_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/hash/MessageDigestAdapter.java b/libjava/classpath/gnu/java/security/jce/hash/MessageDigestAdapter.java
index e30beca3df3..7342ee55123 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/MessageDigestAdapter.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/MessageDigestAdapter.java
@@ -46,35 +46,30 @@ import java.security.MessageDigestSpi;
 
 /**
  * The implementation of a generic {@link java.security.MessageDigest} adapter
- * class to wrap gnu.crypto hash instances.<p>
- *
- * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>) for the
- * {@link java.security.MessageDigest} class, which provides the functionality
- * of a message digest algorithm, such as MD5 or SHA. Message digests are secure
- * one-way hash functions that take arbitrary-sized data and output a fixed-
- * length hash value.<p>
- *
- * All the abstract methods in the {@link java.security.MessageDigestSpi} class
- * are implemented by this class and all its sub-classes.<p>
- *
+ * class to wrap GNU hash instances.
+ * <p>
+ * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>) for
+ * the {@link java.security.MessageDigest} class, which provides the
+ * functionality of a message digest algorithm, such as MD5 or SHA. Message
+ * digests are secure one-way hash functions that take arbitrary-sized data and
+ * output a fixed-length hash value.
+ * <p>
+ * All the abstract methods in the {@link MessageDigestSpi} class are
+ * implemented by this class and all its sub-classes.
+ * <p>
  * All the implementations which subclass this object, and which are serviced by
- * the GNU Crypto provider implement the {@link java.lang.Cloneable} interface.<p>
+ * the GNU provider implement the {@link Cloneable} interface.
  */
-class MessageDigestAdapter extends MessageDigestSpi implements Cloneable
+class MessageDigestAdapter
+    extends MessageDigestSpi
+    implements Cloneable
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** Our underlying hash instance. */
   private IMessageDigest adaptee;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
    * Trivial protected constructor.
-   *
+   * 
    * @param mdName the canonical name of the hash algorithm.
    */
   protected MessageDigestAdapter(String mdName)
@@ -84,7 +79,7 @@ class MessageDigestAdapter extends MessageDigestSpi implements Cloneable
 
   /**
    * Private constructor for cloning purposes.
-   *
+   * 
    * @param adaptee a clone of the underlying hash algorithm instance.
    */
   private MessageDigestAdapter(IMessageDigest adaptee)
@@ -94,12 +89,6 @@ class MessageDigestAdapter extends MessageDigestSpi implements Cloneable
     this.adaptee = adaptee;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // java.security.MessageDigestSpi interface implementation
-  // -------------------------------------------------------------------------
-
   public Object clone()
   {
     return new MessageDigestAdapter((IMessageDigest) adaptee.clone());
@@ -130,9 +119,8 @@ class MessageDigestAdapter extends MessageDigestSpi implements Cloneable
   {
     int result = adaptee.hashSize();
     if (len < result)
-      {
-        throw new DigestException();
-      }
+      throw new DigestException();
+
     byte[] md = adaptee.digest();
     System.arraycopy(md, 0, buf, offset, result);
     return result;
diff --git a/libjava/classpath/gnu/java/security/jce/hash/RipeMD128Spi.java b/libjava/classpath/gnu/java/security/jce/hash/RipeMD128Spi.java
index 404214d91ba..159a1173c15 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/RipeMD128Spi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/RipeMD128Spi.java
@@ -42,25 +42,13 @@ import gnu.java.security.Registry;
 
 /**
  * The implementation of the RIPEMD-128 <i>Service Provider Interface</i>
- * (<b>SPI</b>) adapter.<p>
+ * (<b>SPI</b>) adapter.
  */
-public class RipeMD128Spi extends MessageDigestAdapter
+public class RipeMD128Spi
+    extends MessageDigestAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public RipeMD128Spi()
   {
     super(Registry.RIPEMD128_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/hash/RipeMD160Spi.java b/libjava/classpath/gnu/java/security/jce/hash/RipeMD160Spi.java
index 841f46b3bc2..579ccb26f14 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/RipeMD160Spi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/RipeMD160Spi.java
@@ -42,25 +42,13 @@ import gnu.java.security.Registry;
 
 /**
  * The implementation of the RIPEMD-160 <i>Service Provider Interface</i>
- * (<b>SPI</b>) adapter.<p>
+ * (<b>SPI</b>) adapter.
  */
-public class RipeMD160Spi extends MessageDigestAdapter
+public class RipeMD160Spi
+    extends MessageDigestAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public RipeMD160Spi()
   {
     super(Registry.RIPEMD160_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/hash/Sha160Spi.java b/libjava/classpath/gnu/java/security/jce/hash/Sha160Spi.java
index 41988438270..901cac19158 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/Sha160Spi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/Sha160Spi.java
@@ -42,25 +42,13 @@ import gnu.java.security.Registry;
 
 /**
  * The implementation of the SHA-1 (160-bit) <i>Service Provider Interface</i>
- * (<b>SPI</b>) adapter.<p>
+ * (<b>SPI</b>) adapter.
  */
-public class Sha160Spi extends MessageDigestAdapter
+public class Sha160Spi
+    extends MessageDigestAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public Sha160Spi()
   {
     super(Registry.SHA160_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/hash/Sha256Spi.java b/libjava/classpath/gnu/java/security/jce/hash/Sha256Spi.java
index f07e1894115..9d471e65a66 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/Sha256Spi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/Sha256Spi.java
@@ -41,26 +41,14 @@ package gnu.java.security.jce.hash;
 import gnu.java.security.Registry;
 
 /**
- * <p>The implementation of the SHA-2-1 (256-bit) <i>Service Provider Interface</i>
- * (<b>SPI</b>) adapter.</p>
+ * The implementation of the SHA-2-1 (256-bit) <i>Service Provider Interface</i>
+ * (<b>SPI</b>) adapter.
  */
-public class Sha256Spi extends MessageDigestAdapter
+public class Sha256Spi
+    extends MessageDigestAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public Sha256Spi()
   {
     super(Registry.SHA256_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/hash/Sha384Spi.java b/libjava/classpath/gnu/java/security/jce/hash/Sha384Spi.java
index fc17077e831..30d5fce09bc 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/Sha384Spi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/Sha384Spi.java
@@ -41,26 +41,14 @@ package gnu.java.security.jce.hash;
 import gnu.java.security.Registry;
 
 /**
- * <p>The implementation of the SHA-2-2 (384-bit) <i>Service Provider Interface</i>
- * (<b>SPI</b>) adapter.</p>
+ * The implementation of the SHA-2-2 (384-bit) <i>Service Provider Interface</i>
+ * (<b>SPI</b>) adapter.
  */
-public class Sha384Spi extends MessageDigestAdapter
+public class Sha384Spi
+    extends MessageDigestAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public Sha384Spi()
   {
     super(Registry.SHA384_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/hash/Sha512Spi.java b/libjava/classpath/gnu/java/security/jce/hash/Sha512Spi.java
index 0b4c3d62c65..a2d44ab2461 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/Sha512Spi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/Sha512Spi.java
@@ -41,26 +41,14 @@ package gnu.java.security.jce.hash;
 import gnu.java.security.Registry;
 
 /**
- * <p>The implementation of the SHA-2-3 (512-bit) <i>Service Provider Interface</i>
- * (<b>SPI</b>) adapter.</p>
+ * The implementation of the SHA-2-3 (512-bit) <i>Service Provider Interface</i>
+ * (<b>SPI</b>) adapter.
  */
-public class Sha512Spi extends MessageDigestAdapter
+public class Sha512Spi
+    extends MessageDigestAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public Sha512Spi()
   {
     super(Registry.SHA512_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/hash/TigerSpi.java b/libjava/classpath/gnu/java/security/jce/hash/TigerSpi.java
index 599437410e6..a21e5fe1081 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/TigerSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/TigerSpi.java
@@ -41,27 +41,15 @@ package gnu.java.security.jce.hash;
 import gnu.java.security.Registry;
 
 /**
- * <p>The implementation of the Tiger <i>Service Provider Interface</i>
- * (<b>SPI</b>) adapter.</p>
+ * The implementation of the Tiger <i>Service Provider Interface</i>
+ * (<b>SPI</b>) adapter.
  */
-public class TigerSpi extends MessageDigestAdapter
+public class TigerSpi
+    extends MessageDigestAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public TigerSpi()
   {
     super(Registry.TIGER_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/hash/WhirlpoolSpi.java b/libjava/classpath/gnu/java/security/jce/hash/WhirlpoolSpi.java
index d1864bc7cd4..d7a7a4504d4 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/WhirlpoolSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/WhirlpoolSpi.java
@@ -42,25 +42,13 @@ import gnu.java.security.Registry;
 
 /**
  * The implementation of the Whirlpool <i>Service Provider Interface</i>
- * (<b>SPI</b>) adapter.<p>
+ * (<b>SPI</b>) adapter.
  */
-public class WhirlpoolSpi extends MessageDigestAdapter
+public class WhirlpoolSpi
+    extends MessageDigestAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public WhirlpoolSpi()
   {
     super(Registry.WHIRLPOOL_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/prng/HavalRandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/HavalRandomSpi.java
index 0c39a37fd1b..c3d4b941261 100644
--- a/libjava/classpath/gnu/java/security/jce/prng/HavalRandomSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/prng/HavalRandomSpi.java
@@ -42,25 +42,13 @@ import gnu.java.security.Registry;
 
 /**
  * The implementation of the HAVAL-based SecureRandom <i>Service Provider
- * Interface</i> (<b>SPI</b>) Adapter.<p>
+ * Interface</i> (<b>SPI</b>) adapter.
  */
-public class HavalRandomSpi extends SecureRandomAdapter
+public class HavalRandomSpi
+    extends SecureRandomAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public HavalRandomSpi()
   {
     super(Registry.HAVAL_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/prng/MD2RandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/MD2RandomSpi.java
index 72a7f4873e4..8ba286804e6 100644
--- a/libjava/classpath/gnu/java/security/jce/prng/MD2RandomSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/prng/MD2RandomSpi.java
@@ -42,25 +42,13 @@ import gnu.java.security.Registry;
 
 /**
  * The implementation of the MD2-based SecureRandom <i>Service Provider
- * Interface</i> (<b>SPI</b>) adapter.<p>
+ * Interface</i> (<b>SPI</b>) adapter.
  */
-public class MD2RandomSpi extends SecureRandomAdapter
+public class MD2RandomSpi
+    extends SecureRandomAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public MD2RandomSpi()
   {
     super(Registry.MD2_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/prng/MD4RandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/MD4RandomSpi.java
index f5f98f8f39b..d4d182970c7 100644
--- a/libjava/classpath/gnu/java/security/jce/prng/MD4RandomSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/prng/MD4RandomSpi.java
@@ -42,25 +42,13 @@ import gnu.java.security.Registry;
 
 /**
  * The implementation of the MD4-based SecureRandom <i>Service Provider
- * Interface</i> (<b>SPI</b>) adapter.<p>
+ * Interface</i> (<b>SPI</b>) adapter.
  */
-public class MD4RandomSpi extends SecureRandomAdapter
+public class MD4RandomSpi
+    extends SecureRandomAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public MD4RandomSpi()
   {
     super(Registry.MD4_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/prng/MD5RandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/MD5RandomSpi.java
index 0181247bc5e..be38add0a0d 100644
--- a/libjava/classpath/gnu/java/security/jce/prng/MD5RandomSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/prng/MD5RandomSpi.java
@@ -42,25 +42,13 @@ import gnu.java.security.Registry;
 
 /**
  * The implementation of the MD5-based SecureRandom <i>Service Provider
- * Interface</i> (<b>SPI</b>) adapter.<p>
+ * Interface</i> (<b>SPI</b>) adapter.
  */
-public class MD5RandomSpi extends SecureRandomAdapter
+public class MD5RandomSpi
+    extends SecureRandomAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public MD5RandomSpi()
   {
     super(Registry.MD5_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/prng/RipeMD128RandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/RipeMD128RandomSpi.java
index 5580716a491..530c3ec2141 100644
--- a/libjava/classpath/gnu/java/security/jce/prng/RipeMD128RandomSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/prng/RipeMD128RandomSpi.java
@@ -41,26 +41,14 @@ package gnu.java.security.jce.prng;
 import gnu.java.security.Registry;
 
 /**
- * <p>The implementation of the RIPEMD128-based SecureRandom <i>Service Provider
- * Interface</i> (<b>SPI</b>) adapter.<p>
+ * The implementation of the RIPEMD128-based SecureRandom <i>Service Provider
+ * Interface</i> (<b>SPI</b>) adapter.
  */
-public class RipeMD128RandomSpi extends SecureRandomAdapter
+public class RipeMD128RandomSpi
+    extends SecureRandomAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public RipeMD128RandomSpi()
   {
     super(Registry.RIPEMD128_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/prng/RipeMD160RandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/RipeMD160RandomSpi.java
index 734fe824a4c..6875cdfa91a 100644
--- a/libjava/classpath/gnu/java/security/jce/prng/RipeMD160RandomSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/prng/RipeMD160RandomSpi.java
@@ -42,25 +42,13 @@ import gnu.java.security.Registry;
 
 /**
  * The implementation of the RIPEMD160-based SecureRandom <i>Service Provider
- * Interface</i> (<b>SPI</b>) adapter.<p>
+ * Interface</i> (<b>SPI</b>) adapter.
  */
-public class RipeMD160RandomSpi extends SecureRandomAdapter
+public class RipeMD160RandomSpi
+    extends SecureRandomAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public RipeMD160RandomSpi()
   {
     super(Registry.RIPEMD160_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/prng/SecureRandomAdapter.java b/libjava/classpath/gnu/java/security/jce/prng/SecureRandomAdapter.java
index 70d30f15301..5be402ff005 100644
--- a/libjava/classpath/gnu/java/security/jce/prng/SecureRandomAdapter.java
+++ b/libjava/classpath/gnu/java/security/jce/prng/SecureRandomAdapter.java
@@ -45,34 +45,28 @@ import java.security.SecureRandomSpi;
 import java.util.Collections;
 
 /**
- * <p>The implementation of a generic {@link java.security.SecureRandom} adapter
- * class to wrap gnu.crypto prng instances based on Message Digest algorithms.</p>
- *
- * <p>This class defines the <i>Service Provider Interface</i> (<b>SPI</b>) for
+ * The implementation of a generic {@link java.security.SecureRandom} adapter
+ * class to wrap GNU PRNG instances based on Message Digest algorithms.
+ * <p>
+ * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>) for
  * the {@link java.security.SecureRandom} class, which provides the
- * functionality of a cryptographically strong pseudo-random number generator.</p>
- *
- * <p>All the abstract methods in the {@link SecureRandomSpi} class are
- * implemented by this class and all its sub-classes.</p>
+ * functionality of a cryptographically strong pseudo-random number generator.
+ * <p>
+ * All the abstract methods in the {@link SecureRandomSpi} class are implemented
+ * by this class and all its sub-classes.
  */
-abstract class SecureRandomAdapter extends SecureRandomSpi
+abstract class SecureRandomAdapter
+    extends SecureRandomSpi
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** Our underlying prng instance. */
   private MDGenerator adaptee = new MDGenerator();
 
   /** The name of the message digest algorithm used by the adaptee. */
   private String mdName;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Trivial protected constructor.</p>
-   *
+   * Trivial protected constructor.
+   * 
    * @param mdName the canonical name of the underlying hash algorithm.
    */
   protected SecureRandomAdapter(String mdName)
@@ -80,23 +74,14 @@ abstract class SecureRandomAdapter extends SecureRandomSpi
     super();
 
     this.mdName = mdName;
-    adaptee.init (Collections.singletonMap (MDGenerator.MD_NAME, mdName));
+    adaptee.init(Collections.singletonMap(MDGenerator.MD_NAME, mdName));
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.security.SecureRandomSpi interface implementation ------------------
-
   public byte[] engineGenerateSeed(int numBytes)
   {
     if (numBytes < 1)
-      {
-        return new byte[0];
-      }
+      return new byte[0];
+
     byte[] result = new byte[numBytes];
     this.engineNextBytes(result);
     return result;
@@ -104,10 +89,8 @@ abstract class SecureRandomAdapter extends SecureRandomSpi
 
   public void engineNextBytes(byte[] bytes)
   {
-    if (!adaptee.isInitialised())
-      {
-        this.engineSetSeed(new byte[0]);
-      }
+    if (! adaptee.isInitialised())
+      this.engineSetSeed(new byte[0]);
     try
       {
         adaptee.nextBytes(bytes, 0, bytes.length);
@@ -119,6 +102,6 @@ abstract class SecureRandomAdapter extends SecureRandomSpi
 
   public void engineSetSeed(byte[] seed)
   {
-    adaptee.addRandomBytes (seed);
+    adaptee.addRandomBytes(seed);
   }
 }
diff --git a/libjava/classpath/gnu/java/security/jce/prng/Sha160RandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/Sha160RandomSpi.java
index c93b02d3fb8..9fded67e0ce 100644
--- a/libjava/classpath/gnu/java/security/jce/prng/Sha160RandomSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/prng/Sha160RandomSpi.java
@@ -42,25 +42,13 @@ import gnu.java.security.Registry;
 
 /**
  * The implementation of the SHA1-based SecureRandom <i>Service Provider
- * Interface</i> (<b>SPI</b>) adapter.<p>
+ * Interface</i> (<b>SPI</b>) adapter.
  */
-public class Sha160RandomSpi extends SecureRandomAdapter
+public class Sha160RandomSpi
+    extends SecureRandomAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public Sha160RandomSpi()
   {
     super(Registry.SHA160_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/prng/Sha256RandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/Sha256RandomSpi.java
index 736996430e1..e3999ffe6e9 100644
--- a/libjava/classpath/gnu/java/security/jce/prng/Sha256RandomSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/prng/Sha256RandomSpi.java
@@ -41,26 +41,14 @@ package gnu.java.security.jce.prng;
 import gnu.java.security.Registry;
 
 /**
- * <p>The implementation of the SHA-256 based SecureRandom <i>Service Provider
- * Interface</i> (<b>SPI</b>) adapter.</p>
+ * The implementation of the SHA-256 based SecureRandom <i>Service Provider
+ * Interface</i> (<b>SPI</b>) adapter.
  */
-public class Sha256RandomSpi extends SecureRandomAdapter
+public class Sha256RandomSpi
+    extends SecureRandomAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public Sha256RandomSpi()
   {
     super(Registry.SHA256_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/prng/Sha384RandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/Sha384RandomSpi.java
index afbf19303c8..978c8fe38b2 100644
--- a/libjava/classpath/gnu/java/security/jce/prng/Sha384RandomSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/prng/Sha384RandomSpi.java
@@ -41,26 +41,14 @@ package gnu.java.security.jce.prng;
 import gnu.java.security.Registry;
 
 /**
- * <p>The implementation of the SHA-384 based SecureRandom <i>Service Provider
- * Interface</i> (<b>SPI</b>) adapter.</p>
+ * The implementation of the SHA-384 based SecureRandom <i>Service Provider
+ * Interface</i> (<b>SPI</b>) adapter.
  */
-public class Sha384RandomSpi extends SecureRandomAdapter
+public class Sha384RandomSpi
+    extends SecureRandomAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public Sha384RandomSpi()
   {
     super(Registry.SHA384_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/prng/Sha512RandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/Sha512RandomSpi.java
index b2b33776008..a89e26f004e 100644
--- a/libjava/classpath/gnu/java/security/jce/prng/Sha512RandomSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/prng/Sha512RandomSpi.java
@@ -41,26 +41,14 @@ package gnu.java.security.jce.prng;
 import gnu.java.security.Registry;
 
 /**
- * <p>The implementation of the SHA-512 based SecureRandom <i>Service Provider
- * Interface</i> (<b>SPI</b>) adapter.</p>
+ * The implementation of the SHA-512 based SecureRandom <i>Service Provider
+ * Interface</i> (<b>SPI</b>) adapter.
  */
-public class Sha512RandomSpi extends SecureRandomAdapter
+public class Sha512RandomSpi
+    extends SecureRandomAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public Sha512RandomSpi()
   {
     super(Registry.SHA512_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/prng/TigerRandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/TigerRandomSpi.java
index b4795b98ecc..ba4b22fb892 100644
--- a/libjava/classpath/gnu/java/security/jce/prng/TigerRandomSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/prng/TigerRandomSpi.java
@@ -42,25 +42,13 @@ import gnu.java.security.Registry;
 
 /**
  * The implementation of the Tiger based SecureRandom <i>Service Provider
- * Interface</i> (<b>SPI</b>) adapter.<p>
+ * Interface</i> (<b>SPI</b>) adapter.
  */
-public class TigerRandomSpi extends SecureRandomAdapter
+public class TigerRandomSpi
+    extends SecureRandomAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public TigerRandomSpi()
   {
     super(Registry.TIGER_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/prng/WhirlpoolRandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/WhirlpoolRandomSpi.java
index f327f9df2c7..9d937e65f3e 100644
--- a/libjava/classpath/gnu/java/security/jce/prng/WhirlpoolRandomSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/prng/WhirlpoolRandomSpi.java
@@ -42,25 +42,13 @@ import gnu.java.security.Registry;
 
 /**
  * The implementation of the Whirlpool-based SecureRandom <i>Service Provider
- * Interface</i> (<b>SPI</b>) adapter.<p>
+ * Interface</i> (<b>SPI</b>) adapter.
  */
-public class WhirlpoolRandomSpi extends SecureRandomAdapter
+public class WhirlpoolRandomSpi
+    extends SecureRandomAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public WhirlpoolRandomSpi()
   {
     super(Registry.WHIRLPOOL_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/sig/DSSKeyFactory.java b/libjava/classpath/gnu/java/security/jce/sig/DSSKeyFactory.java
index bb4d85c899d..7b57dba70a5 100644
--- a/libjava/classpath/gnu/java/security/jce/sig/DSSKeyFactory.java
+++ b/libjava/classpath/gnu/java/security/jce/sig/DSSKeyFactory.java
@@ -61,10 +61,11 @@ import java.security.spec.X509EncodedKeySpec;
 
 /**
  * DSA key factory.
- *
+ * 
  * @author Casey Marshall (rsdio@metastatic.org)
  */
-public class DSSKeyFactory extends KeyFactorySpi
+public class DSSKeyFactory
+    extends KeyFactorySpi
 {
   // implicit 0-arguments constructor
 
@@ -80,7 +81,6 @@ public class DSSKeyFactory extends KeyFactorySpi
         BigInteger y = spec.getY();
         return new DSSPublicKey(Registry.X509_ENCODING_ID, p, q, g, y);
       }
-
     if (keySpec instanceof X509EncodedKeySpec)
       {
         X509EncodedKeySpec spec = (X509EncodedKeySpec) keySpec;
@@ -93,12 +93,9 @@ public class DSSKeyFactory extends KeyFactorySpi
           }
         catch (RuntimeException x)
           {
-            InvalidKeySpecException y = new InvalidKeySpecException();
-            y.initCause(x);
-            throw y;
+            throw new InvalidKeySpecException(x.getMessage(), x);
           }
       }
-
     throw new InvalidKeySpecException("Unsupported (public) key specification");
   }
 
@@ -114,7 +111,6 @@ public class DSSKeyFactory extends KeyFactorySpi
         BigInteger x = spec.getX();
         return new DSSPrivateKey(Registry.PKCS8_ENCODING_ID, p, q, g, x);
       }
-
     if (keySpec instanceof PKCS8EncodedKeySpec)
       {
         PKCS8EncodedKeySpec spec = (PKCS8EncodedKeySpec) keySpec;
@@ -127,12 +123,9 @@ public class DSSKeyFactory extends KeyFactorySpi
           }
         catch (RuntimeException x)
           {
-            InvalidKeySpecException y = new InvalidKeySpecException();
-            y.initCause(x);
-            throw y;
+            throw new InvalidKeySpecException(x.getMessage(), x);
           }
       }
-
     throw new InvalidKeySpecException("Unsupported (private) key specification");
   }
 
@@ -150,7 +143,6 @@ public class DSSKeyFactory extends KeyFactorySpi
             BigInteger y = dsaKey.getY();
             return new DSAPublicKeySpec(y, p, q, g);
           }
-
         if (keySpec.isAssignableFrom(X509EncodedKeySpec.class))
           {
             if (key instanceof DSSPublicKey)
@@ -159,19 +151,16 @@ public class DSSKeyFactory extends KeyFactorySpi
                 byte[] encoded = dssKey.getEncoded(Registry.X509_ENCODING_ID);
                 return new X509EncodedKeySpec(encoded);
               }
-
             if (Registry.X509_ENCODING_SORT_NAME.equalsIgnoreCase(key.getFormat()))
               {
                 byte[] encoded = key.getEncoded();
                 return new X509EncodedKeySpec(encoded);
               }
-
-            throw new InvalidKeySpecException("Wrong key type or unsupported (public) key specification");
+            throw new InvalidKeySpecException(
+                "Wrong key type or unsupported (public) key specification");
           }
-
         throw new InvalidKeySpecException("Unsupported (public) key specification");
       }
-
     if (key instanceof DSAPrivateKey)
       {
         if (keySpec.isAssignableFrom(DSAPrivateKeySpec.class))
@@ -183,7 +172,6 @@ public class DSSKeyFactory extends KeyFactorySpi
             BigInteger x = dsaKey.getX();
             return new DSAPrivateKeySpec(x, p, q, g);
           }
-
         if (keySpec.isAssignableFrom(PKCS8EncodedKeySpec.class))
           {
             if (key instanceof DSSPrivateKey)
@@ -192,19 +180,16 @@ public class DSSKeyFactory extends KeyFactorySpi
                 byte[] encoded = dssKey.getEncoded(Registry.PKCS8_ENCODING_ID);
                 return new PKCS8EncodedKeySpec(encoded);
               }
-
             if (Registry.PKCS8_ENCODING_SHORT_NAME.equalsIgnoreCase(key.getFormat()))
               {
                 byte[] encoded = key.getEncoded();
                 return new PKCS8EncodedKeySpec(encoded);
               }
-
-            throw new InvalidKeySpecException("Wrong key type or unsupported (private) key specification");
+            throw new InvalidKeySpecException(
+                "Wrong key type or unsupported (private) key specification");
           }
-
         throw new InvalidKeySpecException("Unsupported (private) key specification");
       }
-
     throw new InvalidKeySpecException("Wrong key type or unsupported key specification");
   }
 
@@ -222,7 +207,6 @@ public class DSSKeyFactory extends KeyFactorySpi
         BigInteger y = dsaKey.getY();
         return new DSSPublicKey(Registry.X509_ENCODING_ID, p, q, g, y);
       }
-
     if (key instanceof DSAPrivateKey)
       {
         DSAPrivateKey dsaKey = (DSAPrivateKey) key;
@@ -232,7 +216,6 @@ public class DSSKeyFactory extends KeyFactorySpi
         BigInteger x = dsaKey.getX();
         return new DSSPrivateKey(Registry.PKCS8_ENCODING_ID, p, q, g, x);
       }
-
     throw new InvalidKeyException("Wrong key type");
   }
 }
diff --git a/libjava/classpath/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java b/libjava/classpath/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java
index 44503b26b9a..c4453810653 100644
--- a/libjava/classpath/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java
@@ -52,33 +52,21 @@ import java.util.HashMap;
 
 /**
  * The implementation of a {@link java.security.KeyPairGenerator} adapter class
- * to wrap gnu.crypto DSS keypair generator instances.<p>
- *
- * In case the client does not explicitly initialize the KeyPairGenerator (via
- * a call to an <code>initialize()</code> method), the GNU Crypto provider
- * uses a default <i>modulus</i> size (keysize) of 1024 bits.<p>
+ * to wrap GNU DSS keypair generator instances.
+ * <p>
+ * In case the client does not explicitly initialize the KeyPairGenerator (via a
+ * call to an <code>initialize()</code> method), the GNU provider uses a
+ * default <i>modulus</i> size (keysize) of 1024 bits.
  */
-public class DSSKeyPairGeneratorSpi extends KeyPairGeneratorAdapter implements
-    DSAKeyPairGenerator
+public class DSSKeyPairGeneratorSpi
+    extends KeyPairGeneratorAdapter
+    implements DSAKeyPairGenerator
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public DSSKeyPairGeneratorSpi()
   {
     super(Registry.DSS_KPG);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public void initialize(int keysize, SecureRandom random)
   {
     this.initialize(keysize, false, random);
@@ -90,43 +78,34 @@ public class DSSKeyPairGeneratorSpi extends KeyPairGeneratorAdapter implements
     HashMap attributes = new HashMap();
     if (params != null)
       {
-        if (!(params instanceof DSAParameterSpec))
+        if (! (params instanceof DSAParameterSpec))
           throw new InvalidAlgorithmParameterException(
-              "Parameters argument is not a non-null instance, or " +
-              "sub-instance, of java.security.spec.DSAParameterSpec");
-
+              "Parameters argument is not a non-null instance, or "
+              + "sub-instance, of java.security.spec.DSAParameterSpec");
         attributes.put(DSSKeyPairGenerator.DSS_PARAMETERS, params);
       }
-
     if (random != null)
-      {
-        attributes.put(DSSKeyPairGenerator.SOURCE_OF_RANDOMNESS, random);
-      }
+      attributes.put(DSSKeyPairGenerator.SOURCE_OF_RANDOMNESS, random);
 
     attributes.put(DSSKeyPairGenerator.PREFERRED_ENCODING_FORMAT,
-                   new Integer(Registry.ASN1_ENCODING_ID));
+                   Integer.valueOf(Registry.ASN1_ENCODING_ID));
     try
       {
         adaptee.setup(attributes);
       }
     catch (IllegalArgumentException x)
       {
-        InvalidAlgorithmParameterException y =
-            new InvalidAlgorithmParameterException();
-        y.initCause(x);
-        throw y;
+        throw new InvalidAlgorithmParameterException(x.getMessage(), x);
       }
   }
 
-  // java.security.interfaces.DSAKeyPairGenerator interface implementation -----
-
   public void initialize(DSAParams params, SecureRandom random)
       throws InvalidParameterException
   {
     if (params == null || !(params instanceof DSAParameterSpec))
       throw new InvalidParameterException(
-          "Parameters argument is either null or is not an instance, or " +
-          "sub-instance, of java.security.spec.DSAParameterSpec");
+          "Parameters argument is either null or is not an instance, or "
+          + "sub-instance, of java.security.spec.DSAParameterSpec");
     DSAParameterSpec spec = (DSAParameterSpec) params;
     try
       {
@@ -134,7 +113,7 @@ public class DSSKeyPairGeneratorSpi extends KeyPairGeneratorAdapter implements
       }
     catch (InvalidAlgorithmParameterException x)
       {
-        InvalidParameterException y = new InvalidParameterException();
+        InvalidParameterException y = new InvalidParameterException(x.getMessage());
         y.initCause(x);
         throw y;
       }
@@ -144,22 +123,22 @@ public class DSSKeyPairGeneratorSpi extends KeyPairGeneratorAdapter implements
       throws InvalidParameterException
   {
     HashMap attributes = new HashMap();
-    attributes.put(DSSKeyPairGenerator.MODULUS_LENGTH, new Integer(modlen));
+    attributes.put(DSSKeyPairGenerator.MODULUS_LENGTH, Integer.valueOf(modlen));
     if (random != null)
       attributes.put(DSSKeyPairGenerator.SOURCE_OF_RANDOMNESS, random);
 
     attributes.put(DSSKeyPairGenerator.USE_DEFAULTS,
-                   Boolean.valueOf(!genParams));
+                   Boolean.valueOf(! genParams));
     attributes.put(DSSKeyPairGenerator.STRICT_DEFAULTS, Boolean.TRUE);
     attributes.put(DSSKeyPairGenerator.PREFERRED_ENCODING_FORMAT,
-                   new Integer(Registry.ASN1_ENCODING_ID));
+                   Integer.valueOf(Registry.ASN1_ENCODING_ID));
     try
       {
         adaptee.setup(attributes);
       }
     catch (IllegalArgumentException x)
       {
-        InvalidParameterException y = new InvalidParameterException();
+        InvalidParameterException y = new InvalidParameterException(x.getMessage());
         y.initCause(x);
         throw y;
       }
diff --git a/libjava/classpath/gnu/java/security/jce/sig/DSSParameters.java b/libjava/classpath/gnu/java/security/jce/sig/DSSParameters.java
index ba1f414faea..eaccb009551 100644
--- a/libjava/classpath/gnu/java/security/jce/sig/DSSParameters.java
+++ b/libjava/classpath/gnu/java/security/jce/sig/DSSParameters.java
@@ -136,7 +136,6 @@ public class DSSParameters
         if (! format.equalsIgnoreCase(Registry.ASN1_ENCODING_SHORT_NAME))
           throw new IOException("Unknown or unsupported format: " + format);
       }
-
     engineInit(params);
   }
 
@@ -191,7 +190,6 @@ public class DSSParameters
         if (! format.equalsIgnoreCase(Registry.ASN1_ENCODING_SHORT_NAME))
           throw new IOException("Unknown or unsupported format: " + format);
       }
-
     return engineGetEncoded();
   }
 
diff --git a/libjava/classpath/gnu/java/security/jce/sig/DSSRawSignatureSpi.java b/libjava/classpath/gnu/java/security/jce/sig/DSSRawSignatureSpi.java
index a63c51afab8..9b20c03b110 100644
--- a/libjava/classpath/gnu/java/security/jce/sig/DSSRawSignatureSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/sig/DSSRawSignatureSpi.java
@@ -42,27 +42,15 @@ import gnu.java.security.Registry;
 import gnu.java.security.sig.dss.DSSSignatureRawCodec;
 
 /**
- * The implementation of <i>Service Provider Interface</i> (<b>SPI</b>) adapter
- * for the DSS (Digital Signature Standard) signature scheme, encoded and/or
- * decoded in RAW format.<p>
+ * The implementation of <i>Service Provider Interface</i> (<b>SPI</b>)
+ * adapter for the DSS (Digital Signature Standard) signature scheme, encoded
+ * and/or decoded in RAW format.
  */
-public class DSSRawSignatureSpi extends SignatureAdapter
+public class DSSRawSignatureSpi
+    extends SignatureAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public DSSRawSignatureSpi()
   {
     super(Registry.DSS_SIG, new DSSSignatureRawCodec());
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/sig/EncodedKeyFactory.java b/libjava/classpath/gnu/java/security/jce/sig/EncodedKeyFactory.java
index 60152c279fa..19ec088c555 100644
--- a/libjava/classpath/gnu/java/security/jce/sig/EncodedKeyFactory.java
+++ b/libjava/classpath/gnu/java/security/jce/sig/EncodedKeyFactory.java
@@ -38,6 +38,7 @@ exception statement from your version. */
 
 package gnu.java.security.jce.sig;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.key.dss.DSSPrivateKey;
 import gnu.java.security.key.dss.DSSPublicKey;
@@ -79,11 +80,6 @@ public class EncodedKeyFactory
 {
   private static final Logger log = Logger.getLogger(EncodedKeyFactory.class.getName());
 
-  // implicit 0-arguments constructor
-
-  // Class methods
-  // --------------------------------------------------------------------------
-
   private static Object invokeConstructor(String className, Object[] params)
       throws InvalidKeySpecException
   {
@@ -96,21 +92,15 @@ public class EncodedKeyFactory
       }
     catch (InstantiationException x)
       {
-        InvalidKeySpecException y = new InvalidKeySpecException();
-        y.initCause(x);
-        throw y;
+        throw new InvalidKeySpecException(x.getMessage(), x);
       }
     catch (IllegalAccessException x)
       {
-        InvalidKeySpecException y = new InvalidKeySpecException();
-        y.initCause(y);
-        throw y;
+        throw new InvalidKeySpecException(x.getMessage(), x);
       }
     catch (InvocationTargetException x)
       {
-        InvalidKeySpecException y = new InvalidKeySpecException();
-        y.initCause(x);
-        throw y;
+        throw new InvalidKeySpecException(x.getMessage(), x);
       }
   }
 
@@ -124,9 +114,7 @@ public class EncodedKeyFactory
       }
     catch (ClassNotFoundException x)
       {
-        InvalidKeySpecException y = new InvalidKeySpecException();
-        y.initCause(x);
-        throw y;
+        throw new InvalidKeySpecException(x.getMessage(), x);
       }
   }
 
@@ -144,9 +132,7 @@ public class EncodedKeyFactory
       }
     catch (NoSuchMethodException x)
       {
-        InvalidKeySpecException y = new InvalidKeySpecException();
-        y.initCause(x);
-        throw y;
+        throw new InvalidKeySpecException(x.getMessage(), x);
       }
   }
 
@@ -162,15 +148,11 @@ public class EncodedKeyFactory
       }
     catch (IllegalAccessException x)
       {
-        InvalidKeySpecException y = new InvalidKeySpecException();
-        y.initCause(x);
-        throw y;
+        throw new InvalidKeySpecException(x.getMessage(), x);
       }
     catch (InvocationTargetException x)
       {
-        InvalidKeySpecException y = new InvalidKeySpecException();
-        y.initCause(x);
-        throw y;
+        throw new InvalidKeySpecException(x.getMessage(), x);
       }
   }
 
@@ -184,20 +166,15 @@ public class EncodedKeyFactory
       }
     catch (NoSuchMethodException x)
       {
-        InvalidKeySpecException y = new InvalidKeySpecException();
-        y.initCause(x);
-        throw y;
+        throw new InvalidKeySpecException(x.getMessage(), x);
       }
   }
 
-  // Instance methods
-  // --------------------------------------------------------------------------
-
   protected PublicKey engineGeneratePublic(KeySpec keySpec)
       throws InvalidKeySpecException
   {
-    log.entering(this.getClass().getName(), "engineGeneratePublic()", keySpec);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineGeneratePublic()", keySpec);
     PublicKey result = null;
     if (keySpec instanceof DSAPublicKeySpec)
       result = decodeDSSPublicKey((DSAPublicKeySpec) keySpec);
@@ -220,10 +197,10 @@ public class EncodedKeyFactory
           }
         catch (InvalidParameterException ignored)
           {
-            log.log(Level.FINE, "Exception in DSSPublicKey.valueOf(). Ignore",
-                    ignored);
+            if (Configuration.DEBUG)
+              log.log(Level.FINE, "Exception in DSSPublicKey.valueOf(). Ignore",
+                      ignored);
           }
-
         if (! ok) // try RSA
           try
             {
@@ -232,24 +209,24 @@ public class EncodedKeyFactory
             }
           catch (InvalidParameterException ignored)
             {
-              log.log(Level.FINE,
-                      "Exception in GnuRSAPublicKey.valueOf(). Ignore",
-                      ignored);
+              if (Configuration.DEBUG)
+                log.log(Level.FINE,
+                        "Exception in GnuRSAPublicKey.valueOf(). Ignore",
+                        ignored);
             }
-
           if (! ok) // try DH
             result = decodeDHPublicKey(input);
       }
-
-    log.exiting(this.getClass().getName(), "engineGeneratePublic()", result);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineGeneratePublic()", result);
     return result;
   }
 
   protected PrivateKey engineGeneratePrivate(KeySpec keySpec)
       throws InvalidKeySpecException
   {
-    log.entering(this.getClass().getName(), "engineGeneratePrivate()", keySpec);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineGeneratePrivate()", keySpec);
     PrivateKey result = null;
     if (keySpec instanceof DSAPrivateKeySpec)
       result = decodeDSSPrivateKey((DSAPrivateKeySpec) keySpec);
@@ -272,10 +249,10 @@ public class EncodedKeyFactory
           }
         catch (InvalidParameterException ignored)
           {
-            log.log(Level.FINE, "Exception in DSSPrivateKey.valueOf(). Ignore",
-                    ignored);
+            if (Configuration.DEBUG)
+              log.log(Level.FINE, "Exception in DSSPrivateKey.valueOf(). Ignore",
+                      ignored);
           }
-
         if (! ok) // try RSA
           try
             {
@@ -284,16 +261,16 @@ public class EncodedKeyFactory
             }
           catch (InvalidParameterException ignored)
             {
-              log.log(Level.FINE,
-                      "Exception in GnuRSAPrivateKey.valueOf(). Ignore",
-                      ignored);
+              if (Configuration.DEBUG)
+                log.log(Level.FINE,
+                        "Exception in GnuRSAPrivateKey.valueOf(). Ignore",
+                        ignored);
             }
-
         if (! ok) // try DH
           result = decodeDHPrivateKey(input);
       }
-
-    log.exiting(this.getClass().getName(), "engineGeneratePrivate()", result);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineGeneratePrivate()", result);
     return result;
   }
 
@@ -321,7 +298,7 @@ public class EncodedKeyFactory
   /**
    * @param spec an instance of {@link DSAPublicKeySpec} to decode.
    * @return an instance of {@link DSSPublicKey} constructed from the
-   * information in the designated key-specification.
+   *         information in the designated key-specification.
    */
   private DSSPublicKey decodeDSSPublicKey(DSAPublicKeySpec spec)
   {
@@ -335,7 +312,7 @@ public class EncodedKeyFactory
   /**
    * @param spec an instance of {@link RSAPublicKeySpec} to decode.
    * @return an instance of {@link GnuRSAPublicKey} constructed from the
-   * information in the designated key-specification.
+   *         information in the designated key-specification.
    */
   private GnuRSAPublicKey decodeRSAPublicKey(RSAPublicKeySpec spec)
   {
@@ -358,7 +335,7 @@ public class EncodedKeyFactory
     BigInteger p = spec.getP();
     BigInteger g = spec.getG();
     BigInteger y = spec.getY();
-    Object[] params = new Object[] {new Integer(Registry.X509_ENCODING_ID),
+    Object[] params = new Object[] {Integer.valueOf(Registry.X509_ENCODING_ID),
                                     null, p, g, y};
     Object obj = invokeConstructor("gnu.javax.crypto.key.dh.GnuDHPublicKey",
                                    params);
@@ -384,7 +361,7 @@ public class EncodedKeyFactory
   /**
    * @param spec an instance of {@link DSAPrivateKeySpec} to decode.
    * @return an instance of {@link DSSPrivateKey} constructed from the
-   * information in the designated key-specification. 
+   *         information in the designated key-specification.
    */
   private PrivateKey decodeDSSPrivateKey(DSAPrivateKeySpec spec)
   {
@@ -398,7 +375,7 @@ public class EncodedKeyFactory
   /**
    * @param spec an instance of {@link RSAPrivateCrtKeySpec} to decode.
    * @return an instance of {@link GnuRSAPrivateKey} constructed from the
-   * information in the designated key-specification.
+   *         information in the designated key-specification.
    */
   private PrivateKey decodeRSAPrivateKey(RSAPrivateCrtKeySpec spec)
   {
@@ -428,7 +405,7 @@ public class EncodedKeyFactory
     BigInteger p = spec.getP();
     BigInteger g = spec.getG();
     BigInteger x = spec.getX();
-    Object[] params = new Object[] {new Integer(Registry.PKCS8_ENCODING_ID),
+    Object[] params = new Object[] {Integer.valueOf(Registry.PKCS8_ENCODING_ID),
                                     null, p, g, x};
     Object obj = invokeConstructor("gnu.javax.crypto.key.dh.GnuDHPrivateKey",
                                    params);
diff --git a/libjava/classpath/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java b/libjava/classpath/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java
index edf19f627e0..bcbbe477d1e 100644
--- a/libjava/classpath/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java
+++ b/libjava/classpath/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java
@@ -49,36 +49,30 @@ import java.security.spec.AlgorithmParameterSpec;
 
 /**
  * The implementation of a generic {@link java.security.KeyPairGenerator}
- * adapter class to wrap gnu.crypto keypair generator instances.<p>
- *
- * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>) for the
- * {@link java.security.KeyPairGenerator} class, which is used to generate pairs
- * of public and private keys.<p>
- *
+ * adapter class to wrap GNU keypair generator instances.
+ * <p>
+ * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>) for
+ * the {@link java.security.KeyPairGenerator} class, which is used to generate
+ * pairs of public and private keys.
+ * <p>
  * All the abstract methods in the {@link java.security.KeyPairGeneratorSpi}
- * class are implemented by this class and all its sub-classes.<p>
- *
- * In case the client does not explicitly initialize the KeyPairGenerator (via
- * a call to an <code>initialize()</code> method), the GNU Crypto provider
- * supplies (and document) default values to be used. For example, the GNU
- * Crypto provider uses a default <i>modulus</i> size (keysize) of 1024 bits for
- * the DSS (Digital Signature Standard) a.k.a <i>DSA</i>.<p>
+ * class are implemented by this class and all its sub-classes.
+ * <p>
+ * In case the client does not explicitly initialize the KeyPairGenerator (via a
+ * call to an <code>initialize()</code> method), the GNU provider supplies
+ * (and document) default values to be used. For example, the GNU provider uses
+ * a default <i>modulus</i> size (keysize) of 1024 bits for the DSS (Digital
+ * Signature Standard) a.k.a <i>DSA</i>.
  */
-public abstract class KeyPairGeneratorAdapter extends KeyPairGenerator
+public abstract class KeyPairGeneratorAdapter
+    extends KeyPairGenerator
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** Our underlying keypair instance. */
   protected IKeyPairGenerator adaptee;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
    * Trivial protected constructor.
-   *
+   * 
    * @param kpgName the canonical name of the keypair generator algorithm.
    */
   protected KeyPairGeneratorAdapter(String kpgName)
@@ -88,12 +82,6 @@ public abstract class KeyPairGeneratorAdapter extends KeyPairGenerator
     this.adaptee = KeyPairGeneratorFactory.getInstance(kpgName);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // java.security.KeyPairGeneratorSpi interface implementation
-  // -------------------------------------------------------------------------
-
   public abstract void initialize(int keysize, SecureRandom random);
 
   public abstract void initialize(AlgorithmParameterSpec params,
diff --git a/libjava/classpath/gnu/java/security/jce/sig/RSAKeyFactory.java b/libjava/classpath/gnu/java/security/jce/sig/RSAKeyFactory.java
index 674e2afb6a5..3ba49edc256 100644
--- a/libjava/classpath/gnu/java/security/jce/sig/RSAKeyFactory.java
+++ b/libjava/classpath/gnu/java/security/jce/sig/RSAKeyFactory.java
@@ -76,7 +76,6 @@ public class RSAKeyFactory
         BigInteger e = spec.getPublicExponent();
         return new GnuRSAPublicKey(Registry.X509_ENCODING_ID, n, e);
       }
-
     if (keySpec instanceof X509EncodedKeySpec)
       {
         X509EncodedKeySpec spec = (X509EncodedKeySpec) keySpec;
@@ -88,12 +87,9 @@ public class RSAKeyFactory
           }
         catch (RuntimeException x)
           {
-            InvalidKeySpecException y = new InvalidKeySpecException();
-            y.initCause(x);
-            throw y;
+            throw new InvalidKeySpecException(x.getMessage(), x);
           }
       }
-
     throw new InvalidKeySpecException("Unsupported (public) key specification");
   }
 
@@ -114,16 +110,6 @@ public class RSAKeyFactory
         return new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID,
                                     n, e, d, p, q, dP, dQ, qInv);
       }
-
-//    if (keySpec instanceof RSAPrivateKeySpec)
-//      {
-//        RSAPrivateKeySpec spec = (RSAPrivateKeySpec) keySpec;
-//        BigInteger n = spec.getModulus();
-//        BigInteger d = spec.getPrivateExponent();
-//        return new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID,
-//                                    n, null, d, null, null, null, null, null);
-//      }
-
     if (keySpec instanceof PKCS8EncodedKeySpec)
       {
         PKCS8EncodedKeySpec spec = (PKCS8EncodedKeySpec) keySpec;
@@ -135,12 +121,9 @@ public class RSAKeyFactory
           }
         catch (RuntimeException x)
           {
-            InvalidKeySpecException y = new InvalidKeySpecException();
-            y.initCause(x);
-            throw y;
+            throw new InvalidKeySpecException(x.getMessage(), x);
           }
       }
-
     throw new InvalidKeySpecException("Unsupported (private) key specification");
   }
 
@@ -156,7 +139,6 @@ public class RSAKeyFactory
           BigInteger e = rsaKey.getPublicExponent();
           return new RSAPublicKeySpec(n, e);
         }
-
         if (keySpec.isAssignableFrom(X509EncodedKeySpec.class))
           {
             if (key instanceof GnuRSAPublicKey)
@@ -171,13 +153,11 @@ public class RSAKeyFactory
                 byte[] encoded = key.getEncoded();
                 return new X509EncodedKeySpec(encoded);
               }
-
-            throw new InvalidKeySpecException("Wrong key type or unsupported (public) key specification");
+            throw new InvalidKeySpecException(
+                "Wrong key type or unsupported (public) key specification");
           }
-
         throw new InvalidKeySpecException("Unsupported (public) key specification");
       }
-
     if ((key instanceof RSAPrivateCrtKey)
         && keySpec.isAssignableFrom(RSAPrivateCrtKeySpec.class))
       {
@@ -192,7 +172,6 @@ public class RSAKeyFactory
         BigInteger qInv = rsaKey.getCrtCoefficient();
         return new RSAPrivateCrtKeySpec(n, e, d, p, q, dP, dQ, qInv);
       }
-
     if ((key instanceof RSAPrivateKey)
         && keySpec.isAssignableFrom(RSAPrivateKeySpec.class))
       {
@@ -201,7 +180,6 @@ public class RSAKeyFactory
         BigInteger d = rsaKey.getPrivateExponent();
         return new RSAPrivateKeySpec(n, d);
       }
-
     if (keySpec.isAssignableFrom(PKCS8EncodedKeySpec.class))
       {
         if (key instanceof GnuRSAPrivateKey)
@@ -210,17 +188,16 @@ public class RSAKeyFactory
             byte[] encoded = rsaKey.getEncoded(Registry.PKCS8_ENCODING_ID);
             return new PKCS8EncodedKeySpec(encoded);
           }
-
         if (Registry.PKCS8_ENCODING_SHORT_NAME.equalsIgnoreCase(key.getFormat()))
           {
             byte[] encoded = key.getEncoded();
             return new PKCS8EncodedKeySpec(encoded);
           }
-
-        throw new InvalidKeySpecException("Wrong key type or unsupported (private) key specification");
+        throw new InvalidKeySpecException(
+            "Wrong key type or unsupported (private) key specification");
       }
-
-    throw new InvalidKeySpecException("Wrong key type or unsupported key specification");
+    throw new InvalidKeySpecException(
+        "Wrong key type or unsupported key specification");
   }
 
   protected Key engineTranslateKey(Key key) throws InvalidKeyException
@@ -235,7 +212,6 @@ public class RSAKeyFactory
         BigInteger e = rsaKey.getPublicExponent();
         return new GnuRSAPublicKey(Registry.X509_ENCODING_ID, n, e);
       }
-
     if (key instanceof RSAPrivateCrtKey)
       {
         RSAPrivateCrtKey rsaKey = (RSAPrivateCrtKey) key;
@@ -250,16 +226,6 @@ public class RSAKeyFactory
         return new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID,
                                     n, e, d, p, q, dP, dQ, qInv);
       }
-
-//    if (key instanceof RSAPrivateKey)
-//      {
-//        RSAPrivateKey rsaKey = (RSAPrivateKey) key;
-//        BigInteger n = rsaKey.getModulus();
-//        BigInteger d = rsaKey.getPrivateExponent();
-//        return new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID,
-//                                    n, null, d, null, null, null, null, null);
-//      }
-
     throw new InvalidKeyException("Unsupported key type");
   }
 }
diff --git a/libjava/classpath/gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java b/libjava/classpath/gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java
index 24dc7c50177..ef53b81159c 100644
--- a/libjava/classpath/gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java
@@ -49,43 +49,29 @@ import java.util.HashMap;
 
 /**
  * The implementation of a {@link java.security.KeyPairGenerator} adapter class
- * to wrap gnu.crypto RSA keypair generator instances.<p>
- *
- * In case the client does not explicitly initialize the KeyPairGenerator (via
- * a call to an <code>initialize()</code> method), the GNU Crypto provider
- * uses a default <i>modulus</i> size (keysize) of 1024 bits.<p>
+ * to wrap GNU RSA keypair generator instances.
+ * <p>
+ * In case the client does not explicitly initialize the KeyPairGenerator (via a
+ * call to an <code>initialize()</code> method), the GNU provider uses a
+ * default <i>modulus</i> size (keysize) of 1024 bits.
  */
-public class RSAKeyPairGeneratorSpi extends KeyPairGeneratorAdapter
+public class RSAKeyPairGeneratorSpi
+    extends KeyPairGeneratorAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public RSAKeyPairGeneratorSpi()
   {
     super(Registry.RSA_KPG);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public void initialize(int keysize, SecureRandom random)
   {
     HashMap attributes = new HashMap();
-    attributes.put(RSAKeyPairGenerator.MODULUS_LENGTH, new Integer(keysize));
+    attributes.put(RSAKeyPairGenerator.MODULUS_LENGTH, Integer.valueOf(keysize));
     if (random != null)
-      {
-        attributes.put(RSAKeyPairGenerator.SOURCE_OF_RANDOMNESS, random);
-      }
+      attributes.put(RSAKeyPairGenerator.SOURCE_OF_RANDOMNESS, random);
 
     attributes.put(RSAKeyPairGenerator.PREFERRED_ENCODING_FORMAT,
-                   new Integer(Registry.ASN1_ENCODING_ID));
+                   Integer.valueOf(Registry.ASN1_ENCODING_ID));
     adaptee.setup(attributes);
   }
 
@@ -95,21 +81,16 @@ public class RSAKeyPairGeneratorSpi extends KeyPairGeneratorAdapter
     HashMap attributes = new HashMap();
     if (params != null)
       {
-        if (!(params instanceof RSAKeyGenParameterSpec))
-          {
-            throw new InvalidAlgorithmParameterException("params");
-          }
+        if (! (params instanceof RSAKeyGenParameterSpec))
+          throw new InvalidAlgorithmParameterException("params");
 
         attributes.put(RSAKeyPairGenerator.RSA_PARAMETERS, params);
       }
-
     if (random != null)
-      {
-        attributes.put(RSAKeyPairGenerator.SOURCE_OF_RANDOMNESS, random);
-      }
+      attributes.put(RSAKeyPairGenerator.SOURCE_OF_RANDOMNESS, random);
 
     attributes.put(RSAKeyPairGenerator.PREFERRED_ENCODING_FORMAT,
-                   new Integer(Registry.ASN1_ENCODING_ID));
+                   Integer.valueOf(Registry.ASN1_ENCODING_ID));
     adaptee.setup(attributes);
   }
 }
diff --git a/libjava/classpath/gnu/java/security/jce/sig/RSAPSSRawSignatureSpi.java b/libjava/classpath/gnu/java/security/jce/sig/RSAPSSRawSignatureSpi.java
index f3548d884d6..f1ccbde4dc2 100644
--- a/libjava/classpath/gnu/java/security/jce/sig/RSAPSSRawSignatureSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/sig/RSAPSSRawSignatureSpi.java
@@ -42,26 +42,15 @@ import gnu.java.security.Registry;
 import gnu.java.security.sig.rsa.RSAPSSSignatureRawCodec;
 
 /**
- * The implementation of <i>Service Provider Interface</i> (<b>SPI</b>) adapter
- * for the RSA-PSS signature scheme, encoded and/or decoded in RAW format.<p>
+ * The implementation of <i>Service Provider Interface</i> (<b>SPI</b>)
+ * adapter for the RSA-PSS signature scheme, encoded and/or decoded in RAW
+ * format.
  */
-public class RSAPSSRawSignatureSpi extends SignatureAdapter
+public class RSAPSSRawSignatureSpi
+    extends SignatureAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public RSAPSSRawSignatureSpi()
   {
     super(Registry.RSA_PSS_SIG, new RSAPSSSignatureRawCodec());
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/jce/sig/SignatureAdapter.java b/libjava/classpath/gnu/java/security/jce/sig/SignatureAdapter.java
index 4dcbe78e570..a65d727eed3 100644
--- a/libjava/classpath/gnu/java/security/jce/sig/SignatureAdapter.java
+++ b/libjava/classpath/gnu/java/security/jce/sig/SignatureAdapter.java
@@ -38,6 +38,7 @@ exception statement from your version.  */
 
 package gnu.java.security.jce.sig;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.sig.BaseSignature;
 import gnu.java.security.sig.ISignature;
 import gnu.java.security.sig.ISignatureCodec;
@@ -57,38 +58,34 @@ import java.util.logging.Logger;
 
 /**
  * The implementation of a generic {@link java.security.Signature} adapter class
- * to wrap gnu.crypto signature instances.<p>
- *
- * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>) for the
- * {@link java.security.Signature} class, which provides the functionality of a
- * digital signature algorithm. Digital signatures are used for authentication
- * and integrity assurance of digital data.<p>
- *
- * All the abstract methods in the {@link java.security.SignatureSpi} class are
- * implemented by this class and all its sub-classes.<p>
- *
+ * to wrap GNU signature instances.
+ * <p>
+ * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>) for
+ * the {@link java.security.Signature} class, which provides the functionality
+ * of a digital signature algorithm. Digital signatures are used for
+ * authentication and integrity assurance of digital data.
+ * <p>
+ * All the abstract methods in the {@link SignatureSpi} class are implemented by
+ * this class and all its sub-classes.
+ * <p>
  * All the implementations which subclass this object, and which are serviced by
- * the GNU Crypto provider implement the {@link java.lang.Cloneable} interface.<p>
+ * the GNU provider implement the {@link Cloneable} interface.
  */
-class SignatureAdapter extends SignatureSpi implements Cloneable
+class SignatureAdapter
+    extends SignatureSpi
+    implements Cloneable
 {
   private static final Logger log = Logger.getLogger(SignatureAdapter.class.getName());
 
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** Our underlying signature instance. */
   private ISignature adaptee;
 
   /** Our underlying signature encoder/decoder engine. */
   private ISignatureCodec codec;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * Trivial protected constructor.<p>
-   *
+   * Trivial protected constructor.
+   * 
    * @param sigName the canonical name of the signature scheme.
    * @param codec the signature codec engine to use with this scheme.
    */
@@ -98,8 +95,8 @@ class SignatureAdapter extends SignatureSpi implements Cloneable
   }
 
   /**
-   * Private constructor for cloning purposes.<p>
-   *
+   * Private constructor for cloning purposes.
+   * 
    * @param adaptee a clone of the underlying signature scheme instance.
    * @param codec the signature codec engine to use with this scheme.
    */
@@ -111,12 +108,6 @@ class SignatureAdapter extends SignatureSpi implements Cloneable
     this.codec = codec;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // java.security.SignatureSpi interface implementation
-  // -------------------------------------------------------------------------
-
   public Object clone()
   {
     return new SignatureAdapter((ISignature) adaptee.clone(), codec);
@@ -132,7 +123,7 @@ class SignatureAdapter extends SignatureSpi implements Cloneable
       }
     catch (IllegalArgumentException x)
       {
-        throw new InvalidKeyException(String.valueOf(x));
+        throw new InvalidKeyException(x.getMessage(), x);
       }
   }
 
@@ -146,7 +137,7 @@ class SignatureAdapter extends SignatureSpi implements Cloneable
       }
     catch (IllegalArgumentException x)
       {
-        throw new InvalidKeyException(String.valueOf(x));
+        throw new InvalidKeyException(x.getMessage(), x);
       }
   }
 
@@ -162,7 +153,7 @@ class SignatureAdapter extends SignatureSpi implements Cloneable
       }
     catch (IllegalArgumentException x)
       {
-        throw new InvalidKeyException(String.valueOf(x));
+        throw new InvalidKeyException(x.getMessage(), x);
       }
   }
 
@@ -174,7 +165,7 @@ class SignatureAdapter extends SignatureSpi implements Cloneable
       }
     catch (IllegalStateException x)
       {
-        throw new SignatureException(String.valueOf(x));
+        throw new SignatureException(x.getMessage(), x);
       }
   }
 
@@ -187,7 +178,7 @@ class SignatureAdapter extends SignatureSpi implements Cloneable
       }
     catch (IllegalStateException x)
       {
-        throw new SignatureException(String.valueOf(x));
+        throw new SignatureException(x.getMessage(), x);
       }
   }
 
@@ -200,9 +191,8 @@ class SignatureAdapter extends SignatureSpi implements Cloneable
       }
     catch (IllegalStateException x)
       {
-        throw new SignatureException(String.valueOf(x));
+        throw new SignatureException(x.getMessage(), x);
       }
-
     byte[] result = codec.encodeSignature(signature);
     return result;
   }
@@ -213,9 +203,7 @@ class SignatureAdapter extends SignatureSpi implements Cloneable
     byte[] signature = this.engineSign();
     int result = signature.length;
     if (result > len)
-      {
-        throw new SignatureException("len");
-      }
+      throw new SignatureException("Not enough room to store signature");
 
     System.arraycopy(signature, 0, outbuf, offset, result);
     return result;
@@ -223,8 +211,8 @@ class SignatureAdapter extends SignatureSpi implements Cloneable
 
   public boolean engineVerify(byte[] sigBytes) throws SignatureException
   {
-    log.entering("SignatureAdapter", "engineVerify");
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineVerify");
     Object signature = codec.decodeSignature(sigBytes);
     boolean result = false;
     try
@@ -233,10 +221,11 @@ class SignatureAdapter extends SignatureSpi implements Cloneable
       }
     catch (IllegalStateException x)
       {
-        throw new SignatureException(String.valueOf(x));
+        throw new SignatureException(x.getMessage(), x);
       }
-
-    log.exiting("SignatureAdapter", "engineVerify", new Boolean(result));
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineVerify",
+                  Boolean.valueOf(result));
     return result;
   }
 
diff --git a/libjava/classpath/gnu/java/security/key/IKeyPairCodec.java b/libjava/classpath/gnu/java/security/key/IKeyPairCodec.java
index 965a317d4ff..f09743d2b60 100644
--- a/libjava/classpath/gnu/java/security/key/IKeyPairCodec.java
+++ b/libjava/classpath/gnu/java/security/key/IKeyPairCodec.java
@@ -44,16 +44,13 @@ import java.security.PrivateKey;
 import java.security.PublicKey;
 
 /**
- * <p>The visible methods of an object that knows how to encode and decode
+ * The visible methods of an object that knows how to encode and decode
  * cryptographic asymmetric keypairs. Codecs are useful for (a) externalising
  * public and private keys for storage and on-the-wire transmission, as well as
- * (b) re-creating their internal Java representation from external sources.</p>
+ * (b) re-creating their internal Java representation from external sources.
  */
 public interface IKeyPairCodec
 {
-  // Constants
-  // -------------------------------------------------------------------------
-
   /** Constant identifying the <i>Raw</i> encoding format. */
   int RAW_FORMAT = Registry.RAW_ENCODING_ID;
 
@@ -69,62 +66,59 @@ public interface IKeyPairCodec
    */
   int ASN1_FORMAT = Registry.ASN1_ENCODING_ID;
 
-  // Method(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns the unique identifier (within this library) of the format used
-   * to externalise public and private keys.</p>
-   *
+   * Returns the unique identifier (within this library) of the format used to
+   * externalise public and private keys.
+   * 
    * @return the identifier of the format, the object supports.
    */
   int getFormatID();
 
   /**
-   * <p>Encodes an instance of a public key for storage or transmission purposes.</p>
-   *
+   * Encodes an instance of a public key for storage or transmission purposes.
+   * 
    * @param key the non-null key to encode.
    * @return a byte sequence representing the encoding of the designated key
-   * according to the format supported by this codec.
+   *         according to the format supported by this codec.
    * @exception IllegalArgumentException if the designated key is not supported
-   * by this codec.
+   *              by this codec.
    */
   byte[] encodePublicKey(PublicKey key);
 
   /**
-   * <p>Encodes an instance of a private key for storage or transmission purposes.</p>
-   *
+   * Encodes an instance of a private key for storage or transmission purposes.
+   * 
    * @param key the non-null key to encode.
    * @return a byte sequence representing the encoding of the designated key
-   * according to the format supported by this codec.
+   *         according to the format supported by this codec.
    * @exception IllegalArgumentException if the designated key is not supported
-   * by this codec.
+   *              by this codec.
    */
   byte[] encodePrivateKey(PrivateKey key);
 
   /**
-   * <p>Decodes an instance of an external public key into its native Java
-   * representation.</p>
-   *
+   * Decodes an instance of an external public key into its native Java
+   * representation.
+   * 
    * @param input the source of the externalised key to decode.
    * @return a concrete instance of a public key, reconstructed from the
-   * designated input.
+   *         designated input.
    * @exception IllegalArgumentException if the designated input does not
-   * contain a known representation of a public key for the format supported by
-   * the concrete codec.
+   *              contain a known representation of a public key for the format
+   *              supported by the concrete codec.
    */
   PublicKey decodePublicKey(byte[] input);
 
   /**
-   * <p>Decodes an instance of an external private key into its native Java
-   * representation.</p>
-   *
+   * Decodes an instance of an external private key into its native Java
+   * representation.
+   * 
    * @param input the source of the externalised key to decode.
    * @return a concrete instance of a private key, reconstructed from the
-   * designated input.
+   *         designated input.
    * @exception IllegalArgumentException if the designated input does not
-   * contain a known representation of a private key for the format supported
-   * by the concrete codec.
+   *              contain a known representation of a private key for the format
+   *              supported by the concrete codec.
    */
   PrivateKey decodePrivateKey(byte[] input);
 }
diff --git a/libjava/classpath/gnu/java/security/key/IKeyPairGenerator.java b/libjava/classpath/gnu/java/security/key/IKeyPairGenerator.java
index 2e0b299286b..8d7842e935f 100644
--- a/libjava/classpath/gnu/java/security/key/IKeyPairGenerator.java
+++ b/libjava/classpath/gnu/java/security/key/IKeyPairGenerator.java
@@ -42,38 +42,31 @@ import java.security.KeyPair;
 import java.util.Map;
 
 /**
- * The visible methods of every asymmetric keypair generator.<p>
+ * The visible methods of every asymmetric keypair generator.
  */
 public interface IKeyPairGenerator
 {
-
-  // Constants
-  // -------------------------------------------------------------------------
-
-  // Methods
-  // -------------------------------------------------------------------------
-
   /**
-   * Returns the canonical name of this keypair generator.<p>
-   *
+   * Returns the canonical name of this keypair generator.
+   * 
    * @return the canonical name of this instance.
    */
   String name();
 
   /**
-   * [Re]-initialises this instance for use with a given set of attributes.<p>
-   *
+   * [Re]-initialises this instance for use with a given set of attributes.
+   * 
    * @param attributes a map of name/value pairs to use for setting up the
-   * instance.
+   *          instance.
    * @exception IllegalArgumentException if at least one of the mandatory
-   * attributes is missing or an invalid value was specified.
+   *              attributes is missing or an invalid value was specified.
    */
   void setup(Map attributes);
 
   /**
    * Generates a new keypair based on the attributes used to configure the
    * instance.
-   *
+   * 
    * @return a new keypair.
    */
   KeyPair generate();
diff --git a/libjava/classpath/gnu/java/security/key/KeyPairCodecFactory.java b/libjava/classpath/gnu/java/security/key/KeyPairCodecFactory.java
index 1a8b8aa0388..e68a7d65c3a 100644
--- a/libjava/classpath/gnu/java/security/key/KeyPairCodecFactory.java
+++ b/libjava/classpath/gnu/java/security/key/KeyPairCodecFactory.java
@@ -207,10 +207,8 @@ public class KeyPairCodecFactory
         hs.add(Registry.RSA_KPG + "/" + Registry.PKCS8_ENCODING_SHORT_NAME);
         hs.add(Registry.DH_KPG + "/" + Registry.RAW_ENCODING_SHORT_NAME);
         hs.add(Registry.SRP_KPG + "/" + Registry.RAW_ENCODING_SHORT_NAME);
-
         names = Collections.unmodifiableSet(hs);
       }
-
     return names;
   }
 
diff --git a/libjava/classpath/gnu/java/security/key/KeyPairGeneratorFactory.java b/libjava/classpath/gnu/java/security/key/KeyPairGeneratorFactory.java
index 8c2f348c9c7..4872fc3d1a1 100644
--- a/libjava/classpath/gnu/java/security/key/KeyPairGeneratorFactory.java
+++ b/libjava/classpath/gnu/java/security/key/KeyPairGeneratorFactory.java
@@ -48,68 +48,48 @@ import java.util.HashSet;
 import java.util.Set;
 
 /**
- * <p>A Factory to instantiate asymmetric keypair generators.</p>
+ * A Factory to instantiate asymmetric keypair generators.
  */
 public class KeyPairGeneratorFactory
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial constructor to enforce Singleton pattern. */
   private KeyPairGeneratorFactory()
   {
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns an instance of a keypair generator given its name.</p>
-   *
+   * Returns an instance of a keypair generator given its name.
+   * 
    * @param name the case-insensitive key generator name.
-   * @return an instance of the keypair generator, or <code>null</code> if none
-   * found.
+   * @return an instance of the keypair generator, or <code>null</code> if
+   *         none found.
    */
   public static IKeyPairGenerator getInstance(String name)
   {
     if (name == null)
-      {
-        return null;
-      }
+      return null;
 
     name = name.trim();
     IKeyPairGenerator result = null;
     if (name.equalsIgnoreCase(Registry.DSA_KPG)
         || name.equalsIgnoreCase(Registry.DSS_KPG))
-      {
-        result = new DSSKeyPairGenerator();
-      }
+      result = new DSSKeyPairGenerator();
     else if (name.equalsIgnoreCase(Registry.RSA_KPG))
-      {
-        result = new RSAKeyPairGenerator();
-      }
+      result = new RSAKeyPairGenerator();
     else if (name.equalsIgnoreCase(Registry.DH_KPG))
-      {
-        result = makeInstance ("gnu.javax.crypto.key.dh.GnuDHKeyPairGenerator");
-      }
+      result = makeInstance("gnu.javax.crypto.key.dh.GnuDHKeyPairGenerator");
     else if (name.equalsIgnoreCase(Registry.SRP_KPG))
-      {
-        result = makeInstance ("gnu.javax.crypto.key.srp6.SRPKeyPairGenerator");
-      }
+      result = makeInstance("gnu.javax.crypto.key.srp6.SRPKeyPairGenerator");
 
     return result;
   }
 
   /**
-   * <p>Returns a {@link Set} of keypair generator names supported by this
+   * Returns a {@link Set} of keypair generator names supported by this
    * <i>Factory</i>. Those keypair generators may be used in conjunction with
-   * the digital signature schemes with appendix supported by this library.</p>
-   *
+   * the digital signature schemes with appendix supported by this library.
+   * 
    * @return a {@link Set} of keypair generator names (Strings).
    */
   public static final Set getNames()
@@ -120,26 +100,21 @@ public class KeyPairGeneratorFactory
     hs.add(Registry.RSA_KPG);
     hs.add(Registry.DH_KPG);
     hs.add(Registry.SRP_KPG);
-
     return Collections.unmodifiableSet(hs);
   }
 
-  private static IKeyPairGenerator makeInstance (String clazz)
+  private static IKeyPairGenerator makeInstance(String clazz)
   {
     try
       {
-        Class c = Class.forName (clazz);
-        Constructor ctor = c.getConstructor (new Class[0]);
-        return (IKeyPairGenerator) ctor.newInstance (new Object[0]);
+        Class c = Class.forName(clazz);
+        Constructor ctor = c.getConstructor(new Class[0]);
+        return (IKeyPairGenerator) ctor.newInstance(new Object[0]);
       }
     catch (Exception x)
       {
         throw new IllegalArgumentException(
-            "strong crypto key pair generator not available: " + clazz,
-            x);
+            "strong crypto key pair generator not available: " + clazz, x);
       }
   }
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKey.java b/libjava/classpath/gnu/java/security/key/dss/DSSKey.java
index 40aaea89352..657de8dd02d 100644
--- a/libjava/classpath/gnu/java/security/key/dss/DSSKey.java
+++ b/libjava/classpath/gnu/java/security/key/dss/DSSKey.java
@@ -38,74 +38,77 @@ exception statement from your version.  */
 
 package gnu.java.security.key.dss;
 
-import gnu.classpath.SystemProperties;
 import gnu.java.security.Registry;
+import gnu.java.security.action.GetPropertyAction;
 import gnu.java.security.util.FormatUtil;
 
 import java.math.BigInteger;
+import java.security.AccessController;
 import java.security.Key;
 import java.security.interfaces.DSAKey;
 import java.security.interfaces.DSAParams;
 import java.security.spec.DSAParameterSpec;
 
 /**
- * <p>A base asbtract class for both public and private DSS (Digital Signature
+ * A base asbtract class for both public and private DSS (Digital Signature
  * Standard) keys. It encapsulates the three DSS numbers: <code>p</code>,
- * <code>q</code> and <code>g</code>.</p>
- *
- * <p>According to the JDK, cryptographic <i>Keys</i> all have a <i>format</i>.
+ * <code>q</code> and <code>g</code>.
+ * <p>
+ * According to the JDK, cryptographic <i>Keys</i> all have a <i>format</i>.
  * The format used in this implementation is called <i>Raw</i>, and basically
  * consists of the raw byte sequences of algorithm parameters. The exact order
- * of the byte sequences and the implementation details are given in each of
- * the relevant <code>getEncoded()</code> methods of each of the private and
- * public keys.</p>
- *
+ * of the byte sequences and the implementation details are given in each of the
+ * relevant <code>getEncoded()</code> methods of each of the private and
+ * public keys.
+ * <p>
+ * <b>IMPORTANT</b>: Under certain circumstances (e.g. in an X.509 certificate
+ * with inherited AlgorithmIdentifier's parameters of a SubjectPublicKeyInfo
+ * element) these three MPIs may be <code>null</code>.
+ * 
  * @see DSSPrivateKey#getEncoded
  * @see DSSPublicKey#getEncoded
  */
-public abstract class DSSKey implements Key, DSAKey
+public abstract class DSSKey
+    implements Key, DSAKey
 {
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /**
-   * A prime modulus, where <code>2<sup>L-1</sup> &lt; p &lt; 2<sup>L</sup></code>
-   * for <code>512 &lt;= L &lt;= 1024</code> and <code>L</code> a multiple of
+   * A prime modulus, where
+   * <code>2<sup>L-1</sup> &lt; p &lt; 2<sup>L</sup></code> for
+   * <code>512 &lt;= L &lt;= 1024</code> and <code>L</code> a multiple of
    * <code>64</code>.
    */
   protected final BigInteger p;
 
   /**
-   * A prime divisor of <code>p - 1</code>, where <code>2<sup>159</sup> &lt; q
+   * A prime divisor of <code>p - 1</code>, where
+   * <code>2<sup>159</sup> &lt; q
    * &lt; 2<sup>160</sup></code>.
    */
   protected final BigInteger q;
 
   /**
-   * <code>g = h<sup>(p-1)</sup>/q mod p</code>, where <code>h</code> is any
-   * integer with <code>1 &lt; h &lt; p - 1</code> such that <code>h<sup>
-   * (p-1)</sup>/q mod p > 1</code> (<code>g</code> has order <code>q mod p
+   * <code>g = h<sup>(p-1)</sup>/q mod p</code>, where <code>h</code> is
+   * any integer with <code>1 &lt; h &lt; p - 1</code> such that <code>h<sup>
+   * (p-1)</sup>/q mod p > 1</code> (<code>g</code>
+   * has order <code>q mod p
    * </code>).
    */
   protected final BigInteger g;
 
   /**
-   * Identifier of the default encoding format to use when externalizing the
-   * key material.
+   * Identifier of the default encoding format to use when externalizing the key
+   * material.
    */
   protected final int defaultFormat;
 
   /** String representation of this key. Cached for speed. */
   private transient String str;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
    * Trivial protected constructor.
    * 
    * @param defaultFormat the identifier of the encoding format to use by
-   * default when externalizing the key.
+   *          default when externalizing the key.
    * @param p the DSS parameter <code>p</code>.
    * @param q the DSS parameter <code>q</code>.
    * @param g the DSS parameter <code>g</code>.
@@ -121,21 +124,11 @@ public abstract class DSSKey implements Key, DSAKey
     this.g = g;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.security.interfaces.DSAKey interface implementation ----------------
-
   public DSAParams getParams()
   {
     return new DSAParameterSpec(p, q, g);
   }
 
-  // java.security.Key interface implementation ------------------------------
-
   public String getAlgorithm()
   {
     return Registry.DSS_KPG;
@@ -152,27 +145,31 @@ public abstract class DSSKey implements Key, DSAKey
     return FormatUtil.getEncodingShortName(defaultFormat);
   }
 
-  // Other instance methods --------------------------------------------------
-
   /**
-   * <p>Returns <code>true</code> if the designated object is an instance of
+   * Returns <code>true</code> if the designated object is an instance of
    * {@link DSAKey} and has the same DSS (Digital Signature Standard) parameter
-   * values as this one.</p>
-   *
+   * values as this one.
+   * <p>
+   * Always returns <code>false</code> if the MPIs of this key are
+   * <i>inherited</i>. This may be the case when the key is re-constructed from
+   * an X.509 certificate with absent or NULL AlgorithmIdentifier's parameters
+   * field.
+   * 
    * @param obj the other non-null DSS key to compare to.
-   * @return <code>true</code> if the designated object is of the same type and
-   * value as this one.
+   * @return <code>true</code> if the designated object is of the same type
+   *         and value as this one.
    */
   public boolean equals(Object obj)
   {
+    if (hasInheritedParameters())
+      return false;
+
     if (obj == null)
-      {
-        return false;
-      }
-    if (!(obj instanceof DSAKey))
-      {
-        return false;
-      }
+      return false;
+
+    if (! (obj instanceof DSAKey))
+      return false;
+
     DSAKey that = (DSAKey) obj;
     return p.equals(that.getParams().getP())
            && q.equals(that.getParams().getQ())
@@ -183,19 +180,32 @@ public abstract class DSSKey implements Key, DSAKey
   {
     if (str == null)
       {
-        String ls = SystemProperties.getProperty("line.separator");
-        str = new StringBuilder().append(ls)
-        .append("defaultFormat=").append(defaultFormat).append(",").append(ls)
-        .append("p=0x").append(p.toString(16)).append(",").append(ls)
-        .append("q=0x").append(q.toString(16)).append(",").append(ls)
-        .append("g=0x").append(g.toString(16))
-        .toString();
+        String ls = (String) AccessController.doPrivileged(new GetPropertyAction("line.separator"));
+        StringBuilder sb = new StringBuilder(ls)
+            .append("defaultFormat=").append(defaultFormat).append(",")
+            .append(ls);
+        if (hasInheritedParameters())
+          sb.append("p=inherited,").append(ls)
+              .append("q=inherited,").append(ls)
+              .append("g=inherited");
+        else
+          sb.append("p=0x").append(p.toString(16)).append(",").append(ls)
+              .append("q=0x").append(q.toString(16)).append(",").append(ls)
+              .append("g=0x").append(g.toString(16));
+        str = sb.toString();
       }
-
     return str;
   }
 
-  // abstract methods to be implemented by subclasses ------------------------
-
   public abstract byte[] getEncoded(int format);
+
+  /**
+   * @return <code>true</code> if <code>p</code>, <code>q</code> and
+   *         <code>g</code> are all <code>null</code>. Returns
+   *         <code>false</code> otherwise.
+   */
+  public boolean hasInheritedParameters()
+  {
+    return p == null && q == null && g == null;
+  }
 }
diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairGenerator.java b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairGenerator.java
index 5aa746147eb..1bad0b62ed6 100644
--- a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairGenerator.java
+++ b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairGenerator.java
@@ -38,12 +38,12 @@ exception statement from your version.  */
 
 package gnu.java.security.key.dss;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.hash.Sha160;
 import gnu.java.security.key.IKeyPairGenerator;
 import gnu.java.security.util.PRNG;
 
-import java.io.PrintWriter;
 import java.math.BigInteger;
 import java.security.KeyPair;
 import java.security.PrivateKey;
@@ -51,76 +51,57 @@ import java.security.PublicKey;
 import java.security.SecureRandom;
 import java.security.spec.DSAParameterSpec;
 import java.util.Map;
+import java.util.logging.Logger;
 
 /**
- * <p>A key-pair generator for asymetric keys to use in conjunction with the DSS
- * (Digital Signature Standard).</p>
- *
- * References:<br>
+ * A key-pair generator for asymetric keys to use in conjunction with the DSS
+ * (Digital Signature Standard).
+ * <p>
+ * References:
+ * <p>
  * <a href="http://www.itl.nist.gov/fipspubs/fip186.htm">Digital Signature
- * Standard (DSS)</a>, Federal Information Processing Standards Publication 186.
- * National Institute of Standards and Technology.
+ * Standard (DSS)</a>, Federal Information Processing Standards Publication
+ * 186. National Institute of Standards and Technology.
  */
-public class DSSKeyPairGenerator implements IKeyPairGenerator
+public class DSSKeyPairGenerator
+    implements IKeyPairGenerator
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  private static final String NAME = "dss";
-
-  private static final boolean DEBUG = false;
-
-  private static final int debuglevel = 5;
-
-  private static final PrintWriter err = new PrintWriter(System.out, true);
-
-  private static void debug(String s)
-  {
-    err.println(">>> " + NAME + ": " + s);
-  }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
+  private static final Logger log = Logger.getLogger(DSSKeyPairGenerator.class.getName());
 
   /** The BigInteger constant 2. */
-  private static final BigInteger TWO = new BigInteger("2");
+  private static final BigInteger TWO = BigInteger.valueOf(2L);
 
   /** Property name of the length (Integer) of the modulus (p) of a DSS key. */
   public static final String MODULUS_LENGTH = "gnu.crypto.dss.L";
 
   /**
    * Property name of the Boolean indicating wether or not to use default pre-
-   * computed values of <code>p</code>, <code>q</code> and <code>g</code> for
-   * a given modulus length. The ultimate behaviour of this generator with
+   * computed values of <code>p</code>, <code>q</code> and <code>g</code>
+   * for a given modulus length. The ultimate behaviour of this generator with
    * regard to using pre-computed parameter sets will depend on the value of
    * this property and of the following one {@link #STRICT_DEFAULTS}:
-   * 
    * <ol>
-   *   <li>If this property is {@link Boolean#FALSE} then this generator
-   *   will accept being setup for generating parameters for any modulus length
-   *   provided the modulus length is between <code>512</code> and
-   *   <code>1024</code>, and is of the form <code>512 + 64 * n</code>. In
-   *   addition, a new paramter set will always be generated; i.e. no pre-
-   *   computed values are used.</li>
-   *   
-   *   <li>If this property is {@link Boolean#TRUE} and the value of
-   *   {@link #STRICT_DEFAULTS} is also {@link Boolean#TRUE} then this generator
-   *   will only accept being setup for generating parameters for modulus
-   *   lengths of <code>512</code>, <code>768</code> and <code>1024</code>. Any
-   *   other value, of the modulus length, even if between <code>512</code> and
-   *   <code>1024</code>, and of the form <code>512 + 64 * n</code>, will cause
-   *   an {@link IllegalArgumentException} to be thrown. When those modulus
-   *   length (<code>512</code>, <code>768</code>, and <code>1024</code>) are
-   *   specified, the paramter set is always the same.</li>
-   *   
-   *   <li>Finally, if this property is {@link Boolean#TRUE} and the value of
-   *   {@link #STRICT_DEFAULTS} is {@link Boolean#FALSE} then this generator
-   *   will behave as in point 1 above, except that it will use pre-computed
-   *   values when possible; i.e. the modulus length is one of <code>512</code>,
-   *   <code>768</code>, or <code>1024</code>.</li>
+   * <li>If this property is {@link Boolean#FALSE} then this generator will
+   * accept being setup for generating parameters for any modulus length
+   * provided the modulus length is between <code>512</code> and
+   * <code>1024</code>, and is of the form <code>512 + 64 * n</code>. In
+   * addition, a new paramter set will always be generated; i.e. no pre-
+   * computed values are used.</li>
+   * <li>If this property is {@link Boolean#TRUE} and the value of
+   * {@link #STRICT_DEFAULTS} is also {@link Boolean#TRUE} then this generator
+   * will only accept being setup for generating parameters for modulus lengths
+   * of <code>512</code>, <code>768</code> and <code>1024</code>. Any
+   * other value, of the modulus length, even if between <code>512</code> and
+   * <code>1024</code>, and of the form <code>512 + 64 * n</code>, will
+   * cause an {@link IllegalArgumentException} to be thrown. When those modulus
+   * length (<code>512</code>, <code>768</code>, and <code>1024</code>)
+   * are specified, the paramter set is always the same.</li>
+   * <li>Finally, if this property is {@link Boolean#TRUE} and the value of
+   * {@link #STRICT_DEFAULTS} is {@link Boolean#FALSE} then this generator will
+   * behave as in point 1 above, except that it will use pre-computed values
+   * when possible; i.e. the modulus length is one of <code>512</code>,
+   * <code>768</code>, or <code>1024</code>.</li>
    * </ol>
-   * 
    * The default value of this property is {@link Boolean#TRUE}.
    */
   public static final String USE_DEFAULTS = "gnu.crypto.dss.use.defaults";
@@ -145,8 +126,8 @@ public class DSSKeyPairGenerator implements IKeyPairGenerator
 
   /**
    * Property name of an optional {@link DSAParameterSpec} instance to use for
-   * this generator's <code>p</code>, <code>q</code>, and <code>g</code> values.
-   * The default is to generate these values or use pre-computed ones,
+   * this generator's <code>p</code>, <code>q</code>, and <code>g</code>
+   * values. The default is to generate these values or use pre-computed ones,
    * depending on the value of the <code>USE_DEFAULTS</code> attribute.
    */
   public static final String DSS_PARAMETERS = "gnu.crypto.dss.params";
@@ -165,55 +146,41 @@ public class DSSKeyPairGenerator implements IKeyPairGenerator
   private static final int DEFAULT_ENCODING_FORMAT = Registry.RAW_ENCODING_ID;
 
   /** Initial SHS context. */
-  private static final int[] T_SHS = new int[] { 0x67452301, 0xEFCDAB89,
-                                                0x98BADCFE, 0x10325476,
-                                                0xC3D2E1F0 };
+  private static final int[] T_SHS = new int[] {
+      0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0
+  };
 
   // from jdk1.3.1/docs/guide/security/CryptoSpec.html#AppB
   public static final DSAParameterSpec KEY_PARAMS_512 = new DSAParameterSpec(
-                                                                             new BigInteger(
-                                                                                            "fca682ce8e12caba26efccf7110e526db078b05edecbcd1eb4a208f3ae1617ae"
-                                                                                                + "01f35b91a47e6df63413c5e12ed0899bcd132acd50d99151bdc43ee737592e17",
-                                                                                            16),
-                                                                             new BigInteger(
-                                                                                            "962eddcc369cba8ebb260ee6b6a126d9346e38c5",
-                                                                                            16),
-                                                                             new BigInteger(
-                                                                                            "678471b27a9cf44ee91a49c5147db1a9aaf244f05a434d6486931d2d14271b9e"
-                                                                                                + "35030b71fd73da179069b32e2935630e1c2062354d0da20a6c416e50be794ca4",
-                                                                                            16));
-
+      new BigInteger(
+          "fca682ce8e12caba26efccf7110e526db078b05edecbcd1eb4a208f3ae1617ae"
+        + "01f35b91a47e6df63413c5e12ed0899bcd132acd50d99151bdc43ee737592e17", 16),
+      new BigInteger("962eddcc369cba8ebb260ee6b6a126d9346e38c5", 16),
+      new BigInteger(
+          "678471b27a9cf44ee91a49c5147db1a9aaf244f05a434d6486931d2d14271b9e"
+        + "35030b71fd73da179069b32e2935630e1c2062354d0da20a6c416e50be794ca4", 16));
   public static final DSAParameterSpec KEY_PARAMS_768 = new DSAParameterSpec(
-                                                                             new BigInteger(
-                                                                                            "e9e642599d355f37c97ffd3567120b8e25c9cd43e927b3a9670fbec5d8901419"
-                                                                                                + "22d2c3b3ad2480093799869d1e846aab49fab0ad26d2ce6a22219d470bce7d77"
-                                                                                                + "7d4a21fbe9c270b57f607002f3cef8393694cf45ee3688c11a8c56ab127a3daf",
-                                                                                            16),
-                                                                             new BigInteger(
-                                                                                            "9cdbd84c9f1ac2f38d0f80f42ab952e7338bf511",
-                                                                                            16),
-                                                                             new BigInteger(
-                                                                                            "30470ad5a005fb14ce2d9dcd87e38bc7d1b1c5facbaecbe95f190aa7a31d23c4"
-                                                                                                + "dbbcbe06174544401a5b2c020965d8c2bd2171d3668445771f74ba084d2029d8"
-                                                                                                + "3c1c158547f3a9f1a2715be23d51ae4d3e5a1f6a7064f316933a346d3f529252",
-                                                                                            16));
-
+      new BigInteger(
+          "e9e642599d355f37c97ffd3567120b8e25c9cd43e927b3a9670fbec5d8901419"
+        + "22d2c3b3ad2480093799869d1e846aab49fab0ad26d2ce6a22219d470bce7d77"
+        + "7d4a21fbe9c270b57f607002f3cef8393694cf45ee3688c11a8c56ab127a3daf", 16),
+      new BigInteger("9cdbd84c9f1ac2f38d0f80f42ab952e7338bf511", 16),
+      new BigInteger(
+          "30470ad5a005fb14ce2d9dcd87e38bc7d1b1c5facbaecbe95f190aa7a31d23c4"
+        + "dbbcbe06174544401a5b2c020965d8c2bd2171d3668445771f74ba084d2029d8"
+        + "3c1c158547f3a9f1a2715be23d51ae4d3e5a1f6a7064f316933a346d3f529252", 16));
   public static final DSAParameterSpec KEY_PARAMS_1024 = new DSAParameterSpec(
-                                                                              new BigInteger(
-                                                                                             "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669"
-                                                                                                 + "455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b7"
-                                                                                                 + "6b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb"
-                                                                                                 + "83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7",
-                                                                                             16),
-                                                                              new BigInteger(
-                                                                                             "9760508f15230bccb292b982a2eb840bf0581cf5",
-                                                                                             16),
-                                                                              new BigInteger(
-                                                                                             "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d078267"
-                                                                                                 + "5159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e1"
-                                                                                                 + "3c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243b"
-                                                                                                 + "cca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a",
-                                                                                             16));
+      new BigInteger(
+          "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669"
+        + "455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b7"
+        + "6b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb"
+        + "83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7", 16),
+      new BigInteger("9760508f15230bccb292b982a2eb840bf0581cf5", 16),
+      new BigInteger(
+          "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d078267"
+        + "5159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e1"
+        + "3c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243b"
+        + "cca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a", 16));
 
   private static final BigInteger TWO_POW_160 = TWO.pow(160);
 
@@ -243,31 +210,18 @@ public class DSSKeyPairGenerator implements IKeyPairGenerator
   /** Preferred encoding format of generated keys. */
   private int preferredFormat;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
-  // implicit 0-arguments constructor
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // gnu.crypto.key.IKeyPairGenerator interface implementation ---------------
-
   public String name()
   {
     return Registry.DSS_KPG;
   }
 
   /**
-   * <p>Configures this instance.</p>
-   *
+   * Configures this instance.
+   * 
    * @param attributes the map of name/value pairs to use.
-   * @exception IllegalArgumentException if the designated MODULUS_LENGTH
-   * value is not greater than 512, less than 1024 and not of the form
-   * <code>512 + 64j</code>.
+   * @exception IllegalArgumentException if the designated MODULUS_LENGTH value
+   *              is not greater than 512, less than 1024 and not of the form
+   *              <code>512 + 64j</code>.
    */
   public void setup(Map attributes)
   {
@@ -280,9 +234,7 @@ public class DSSKeyPairGenerator implements IKeyPairGenerator
     // should we use the default pre-computed params?
     Boolean useDefaults = (Boolean) attributes.get(USE_DEFAULTS);
     if (useDefaults == null)
-      {
-        useDefaults = Boolean.TRUE;
-      }
+      useDefaults = Boolean.TRUE;
 
     Boolean strictDefaults = (Boolean) attributes.get(STRICT_DEFAULTS);
     if (strictDefaults == null)
@@ -334,16 +286,12 @@ public class DSSKeyPairGenerator implements IKeyPairGenerator
         q = null;
         g = null;
       }
-
     // do we have a SecureRandom, or should we use our own?
     rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS);
-
     // what is the preferred encoding format
     Integer formatID = (Integer) attributes.get(PREFERRED_ENCODING_FORMAT);
-    preferredFormat = formatID == null
-        ? DEFAULT_ENCODING_FORMAT
-        : formatID.intValue();
-
+    preferredFormat = formatID == null ? DEFAULT_ENCODING_FORMAT
+                                       : formatID.intValue();
     // set the seed-key
     byte[] kb = new byte[20]; // we need 160 bits of randomness
     nextRandomBytes(kb);
@@ -361,76 +309,65 @@ public class DSSKeyPairGenerator implements IKeyPairGenerator
         p = params[FIPS186.DSA_PARAMS_P];
         e = params[FIPS186.DSA_PARAMS_E];
         g = params[FIPS186.DSA_PARAMS_G];
-        if (DEBUG && debuglevel > 0)
+        if (Configuration.DEBUG)
           {
-            debug("seed: " + seed.toString(16));
-            debug("counter: " + counter.intValue());
-            debug("q: " + q.toString(16));
-            debug("p: " + p.toString(16));
-            debug("e: " + e.toString(16));
-            debug("g: " + g.toString(16));
+            log.fine("seed: " + seed.toString(16));
+            log.fine("counter: " + counter.intValue());
+            log.fine("q: " + q.toString(16));
+            log.fine("p: " + p.toString(16));
+            log.fine("e: " + e.toString(16));
+            log.fine("g: " + g.toString(16));
           }
       }
-
     BigInteger x = nextX();
     BigInteger y = g.modPow(x, p);
-
     PublicKey pubK = new DSSPublicKey(preferredFormat, p, q, g, y);
     PrivateKey secK = new DSSPrivateKey(preferredFormat, p, q, g, x);
-
     return new KeyPair(pubK, secK);
   }
 
-  // Other instance methods --------------------------------------------------
-
   /**
-   * <p>This method applies the following algorithm described in 3.1 of
-   * FIPS-186:</p>
-   *
+   * This method applies the following algorithm described in 3.1 of FIPS-186:
    * <ol>
-   *    <li>XSEED = optional user input.</li>
-   *    <li>XVAL = (XKEY + XSEED) mod 2<sup>b</sup>.</li>
-   *    <li>x = G(t, XVAL) mod q.</li>
-   *    <li>XKEY = (1 + XKEY + x) mod 2<sup>b</sup>.</li>
+   * <li>XSEED = optional user input.</li>
+   * <li>XVAL = (XKEY + XSEED) mod 2<sup>b</sup>.</li>
+   * <li>x = G(t, XVAL) mod q.</li>
+   * <li>XKEY = (1 + XKEY + x) mod 2<sup>b</sup>.</li>
    * </ol>
-   *
-   * <p>Where <code>b</code> is the length of a secret b-bit seed-key (XKEY).</p>
-   *
-   * <p>Note that in this implementation, XSEED, the optional user input, is
-   * always zero.</p>
+   * <p>
+   * Where <code>b</code> is the length of a secret b-bit seed-key (XKEY).
+   * <p>
+   * Note that in this implementation, XSEED, the optional user input, is always
+   * zero.
    */
   private synchronized BigInteger nextX()
   {
     byte[] xk = XKEY.toByteArray();
     byte[] in = new byte[64]; // 512-bit block for SHS
     System.arraycopy(xk, 0, in, 0, xk.length);
-
     int[] H = Sha160.G(T_SHS[0], T_SHS[1], T_SHS[2], T_SHS[3], T_SHS[4], in, 0);
     byte[] h = new byte[20];
     for (int i = 0, j = 0; i < 5; i++)
       {
-        h[j++] = (byte) (H[i] >>> 24);
-        h[j++] = (byte) (H[i] >>> 16);
-        h[j++] = (byte) (H[i] >>> 8);
+        h[j++] = (byte)(H[i] >>> 24);
+        h[j++] = (byte)(H[i] >>> 16);
+        h[j++] = (byte)(H[i] >>> 8);
         h[j++] = (byte) H[i];
       }
     BigInteger result = new BigInteger(1, h).mod(q);
     XKEY = XKEY.add(result).add(BigInteger.ONE).mod(TWO_POW_160);
-
     return result;
   }
 
   /**
-   * <p>Fills the designated byte array with random data.</p>
-   *
+   * Fills the designated byte array with random data.
+   * 
    * @param buffer the byte array to fill with random data.
    */
   private void nextRandomBytes(byte[] buffer)
   {
     if (rnd != null)
-      {
-        rnd.nextBytes(buffer);
-      }
+      rnd.nextBytes(buffer);
     else
       getDefaultPRNG().nextBytes(buffer);
   }
diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java
index 3a115b96378..06b8e849a50 100644
--- a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java
+++ b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java
@@ -38,6 +38,7 @@ exception statement from your version. */
 
 package gnu.java.security.key.dss;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.OID;
 import gnu.java.security.Registry;
 import gnu.java.security.der.DER;
@@ -158,11 +159,10 @@ public class DSSKeyPairPKCS8Codec
       }
     catch (IOException e)
       {
-        InvalidParameterException y = new InvalidParameterException();
+        InvalidParameterException y = new InvalidParameterException(e.getMessage());
         y.initCause(e);
         throw y;
       }
-
     return result;
   }
 
@@ -184,8 +184,8 @@ public class DSSKeyPairPKCS8Codec
    */
   public PrivateKey decodePrivateKey(byte[] input)
   {
-    log.entering("DSSKeyPairPKCS8Codec", "decodePrivateKey");
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "decodePrivateKey");
     if (input == null)
       throw new InvalidParameterException("Input bytes MUST NOT be null");
 
@@ -226,9 +226,11 @@ public class DSSKeyPairPKCS8Codec
         g = (BigInteger) val.getValue();
 
         val = der.read();
-        log.finest("val = " + val);
+        if (Configuration.DEBUG)
+          log.fine("val = " + val);
         byte[] xBytes = (byte[]) val.getValue();
-        log.finest(Util.dumpString(xBytes, "xBytes: "));
+        if (Configuration.DEBUG)
+          log.fine(Util.dumpString(xBytes, "xBytes: "));
         DERReader der2 = new DERReader(xBytes);
         val = der2.read();
         DerUtil.checkIsBigInteger(val, "Wrong X field");
@@ -236,12 +238,12 @@ public class DSSKeyPairPKCS8Codec
       }
     catch (IOException e)
       {
-        InvalidParameterException y = new InvalidParameterException();
+        InvalidParameterException y = new InvalidParameterException(e.getMessage());
         y.initCause(e);
         throw y;
       }
-
-    log.exiting("DSSKeyPairPKCS8Codec", "decodePrivateKey");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "decodePrivateKey");
     return new DSSPrivateKey(Registry.PKCS8_ENCODING_ID, p, q, g, x);
   }
 }
diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java
index 7c5491d6f37..b1135b75f1f 100644
--- a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java
+++ b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java
@@ -47,91 +47,72 @@ import java.security.PrivateKey;
 import java.security.PublicKey;
 
 /**
- * <p>An object that implements the {@link IKeyPairCodec} operations for the
- * <i>Raw</i> format to use with DSS keypairs.</p>
+ * An object that implements the {@link IKeyPairCodec} operations for the
+ * <i>Raw</i> format to use with DSS keypairs.
  */
-public class DSSKeyPairRawCodec implements IKeyPairCodec
+public class DSSKeyPairRawCodec
+    implements IKeyPairCodec
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // implicit 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // gnu.crypto.keys.IKeyPairCodec interface implementation ------------------
-
   public int getFormatID()
   {
     return RAW_FORMAT;
   }
 
   /**
-   * <p>Returns the encoded form of the designated DSS (Digital Signature
-   * Standard) public key according to the <i>Raw</i> format supported by
-   * this library.</p>
-   *
-   * <p>The <i>Raw</i> format for a DSA public key, in this implementation, is
-   * a byte sequence consisting of the following:</p>
+   * Returns the encoded form of the designated DSS (Digital Signature Standard)
+   * public key according to the <i>Raw</i> format supported by this library.
+   * <p>
+   * The <i>Raw</i> format for a DSA public key, in this implementation, is a
+   * byte sequence consisting of the following:
    * <ol>
-   *    <li>4-byte magic consisting of the value of the literal
-   *    {@link Registry#MAGIC_RAW_DSS_PUBLIC_KEY},<li>
-   *    <li>1-byte version consisting of the constant: 0x01,</li>
-   *    <li>4-byte count of following bytes representing the DSA parameter
-   *    <code>p</code> in internet order,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the DSA parameter
-   *    <code>p</code>,</li>
-   *    <li>4-byte count of following bytes representing the DSA parameter
-   *    <code>q</code>,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the DSA parameter
-   *    <code>q</code>,</li>
-   *    <li>4-byte count of following bytes representing the DSA parameter
-   *    <code>g</code>,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the DSA parameter
-   *    <code>g</code>,</li>
-   *    <li>4-byte count of following bytes representing the DSA parameter
-   *    <code>y</code>,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the DSA parameter
-   *    <code>y</code>,</li>
+   * <li>4-byte magic consisting of the value of the literal
+   * {@link Registry#MAGIC_RAW_DSS_PUBLIC_KEY},
+   * <li>
+   * <li>1-byte version consisting of the constant: 0x01,</li>
+   * <li>4-byte count of following bytes representing the DSA parameter
+   * <code>p</code> in internet order,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the DSA parameter <code>p</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the DSA parameter
+   * <code>q</code>,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the DSA parameter <code>q</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the DSA parameter
+   * <code>g</code>,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the DSA parameter <code>g</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the DSA parameter
+   * <code>y</code>,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the DSA parameter <code>y</code>,
+   * </li>
    * </ol>
-   *
+   * 
    * @param key the key to encode.
    * @return the <i>Raw</i> format encoding of the designated key.
    * @throws IllegalArgumentException if the designated key is not a DSS
-   * (Digital Signature Standard) one.
+   *           (Digital Signature Standard) one.
    * @see Registry#MAGIC_RAW_DSS_PUBLIC_KEY
    */
   public byte[] encodePublicKey(PublicKey key)
   {
-    if (!(key instanceof DSSPublicKey))
-      {
-        throw new IllegalArgumentException("key");
-      }
+    if (! (key instanceof DSSPublicKey))
+      throw new IllegalArgumentException("key");
 
     DSSPublicKey dssKey = (DSSPublicKey) key;
     ByteArrayOutputStream baos = new ByteArrayOutputStream();
-
     // magic
     baos.write(Registry.MAGIC_RAW_DSS_PUBLIC_KEY[0]);
     baos.write(Registry.MAGIC_RAW_DSS_PUBLIC_KEY[1]);
     baos.write(Registry.MAGIC_RAW_DSS_PUBLIC_KEY[2]);
     baos.write(Registry.MAGIC_RAW_DSS_PUBLIC_KEY[3]);
-
     // version
     baos.write(0x01);
-
     // p
     byte[] buffer = dssKey.getParams().getP().toByteArray();
     int length = buffer.length;
@@ -140,7 +121,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
     baos.write((length >>> 8) & 0xFF);
     baos.write(length & 0xFF);
     baos.write(buffer, 0, length);
-
     // q
     buffer = dssKey.getParams().getQ().toByteArray();
     length = buffer.length;
@@ -149,7 +129,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
     baos.write((length >>> 8) & 0xFF);
     baos.write(length & 0xFF);
     baos.write(buffer, 0, length);
-
     // g
     buffer = dssKey.getParams().getG().toByteArray();
     length = buffer.length;
@@ -158,7 +137,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
     baos.write((length >>> 8) & 0xFF);
     baos.write(length & 0xFF);
     baos.write(buffer, 0, length);
-
     // y
     buffer = dssKey.getY().toByteArray();
     length = buffer.length;
@@ -167,7 +145,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
     baos.write((length >>> 8) & 0xFF);
     baos.write(length & 0xFF);
     baos.write(buffer, 0, length);
-
     return baos.toByteArray();
   }
 
@@ -178,112 +155,106 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
         || k[1] != Registry.MAGIC_RAW_DSS_PUBLIC_KEY[1]
         || k[2] != Registry.MAGIC_RAW_DSS_PUBLIC_KEY[2]
         || k[3] != Registry.MAGIC_RAW_DSS_PUBLIC_KEY[3])
-      {
-        throw new IllegalArgumentException("magic");
-      }
+      throw new IllegalArgumentException("magic");
 
     // version
     if (k[4] != 0x01)
-      {
-        throw new IllegalArgumentException("version");
-      }
-    int i = 5;
+      throw new IllegalArgumentException("version");
 
+    int i = 5;
     int l;
     byte[] buffer;
-
     // p
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger p = new BigInteger(1, buffer);
-
     // q
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger q = new BigInteger(1, buffer);
-
     // g
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger g = new BigInteger(1, buffer);
-
     // y
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger y = new BigInteger(1, buffer);
-
     return new DSSPublicKey(p, q, g, y);
   }
 
   /**
-   * <p>Returns the encoded form of the designated DSS (Digital Signature
-   * Standard) private key according to the <i>Raw</i> format supported by
-   * this library.</p>
-   *
-   * <p>The <i>Raw</i> format for a DSA private key, in this implementation, is
-   * a byte sequence consisting of the following:</p>
+   * Returns the encoded form of the designated DSS (Digital Signature Standard)
+   * private key according to the <i>Raw</i> format supported by this library.
+   * <p>
+   * The <i>Raw</i> format for a DSA private key, in this implementation, is a
+   * byte sequence consisting of the following:
    * <ol>
-   *    <li>4-byte magic consisting of the value of the literal
-   *    {@link Registry#MAGIC_RAW_DSS_PRIVATE_KEY},<li>
-   *    <li>1-byte version consisting of the constant: 0x01,</li>
-   *    <li>4-byte count of following bytes representing the DSA parameter
-   *    <code>p</code> in internet order,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the DSA parameter
-   *    <code>p</code>,</li>
-   *    <li>4-byte count of following bytes representing the DSA parameter
-   *    <code>q</code>,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the DSA parameter
-   *    <code>q</code>,</li>
-   *    <li>4-byte count of following bytes representing the DSA parameter
-   *    <code>g</code>,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the DSA parameter
-   *    <code>g</code>,</li>
-   *    <li>4-byte count of following bytes representing the DSA parameter
-   *    <code>x</code>,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the DSA parameter
-   *    <code>x</code>,</li>
+   * <li>4-byte magic consisting of the value of the literal
+   * {@link Registry#MAGIC_RAW_DSS_PRIVATE_KEY},
+   * <li>
+   * <li>1-byte version consisting of the constant: 0x01,</li>
+   * <li>4-byte count of following bytes representing the DSA parameter
+   * <code>p</code> in internet order,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the DSA parameter <code>p</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the DSA parameter
+   * <code>q</code>,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the DSA parameter <code>q</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the DSA parameter
+   * <code>g</code>,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the DSA parameter <code>g</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the DSA parameter
+   * <code>x</code>,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the DSA parameter <code>x</code>,
+   * </li>
    * </ol>
-   *
+   * 
    * @param key the key to encode.
    * @return the <i>Raw</i> format encoding of the designated key.
    * @throws IllegalArgumentException if the designated key is not a DSS
-   * (Digital Signature Standard) one.
+   *           (Digital Signature Standard) one.
    */
   public byte[] encodePrivateKey(PrivateKey key)
   {
-    if (!(key instanceof DSSPrivateKey))
-      {
-        throw new IllegalArgumentException("key");
-      }
+    if (! (key instanceof DSSPrivateKey))
+      throw new IllegalArgumentException("key");
 
     DSSPrivateKey dssKey = (DSSPrivateKey) key;
     ByteArrayOutputStream baos = new ByteArrayOutputStream();
-
     // magic
     baos.write(Registry.MAGIC_RAW_DSS_PRIVATE_KEY[0]);
     baos.write(Registry.MAGIC_RAW_DSS_PRIVATE_KEY[1]);
     baos.write(Registry.MAGIC_RAW_DSS_PRIVATE_KEY[2]);
     baos.write(Registry.MAGIC_RAW_DSS_PRIVATE_KEY[3]);
-
     // version
     baos.write(0x01);
-
     // p
     byte[] buffer = dssKey.getParams().getP().toByteArray();
     int length = buffer.length;
@@ -292,7 +263,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
     baos.write((length >>> 8) & 0xFF);
     baos.write(length & 0xFF);
     baos.write(buffer, 0, length);
-
     // q
     buffer = dssKey.getParams().getQ().toByteArray();
     length = buffer.length;
@@ -301,7 +271,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
     baos.write((length >>> 8) & 0xFF);
     baos.write(length & 0xFF);
     baos.write(buffer, 0, length);
-
     // g
     buffer = dssKey.getParams().getG().toByteArray();
     length = buffer.length;
@@ -310,7 +279,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
     baos.write((length >>> 8) & 0xFF);
     baos.write(length & 0xFF);
     baos.write(buffer, 0, length);
-
     // x
     buffer = dssKey.getX().toByteArray();
     length = buffer.length;
@@ -319,7 +287,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
     baos.write((length >>> 8) & 0xFF);
     baos.write(length & 0xFF);
     baos.write(buffer, 0, length);
-
     return baos.toByteArray();
   }
 
@@ -330,52 +297,51 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
         || k[1] != Registry.MAGIC_RAW_DSS_PRIVATE_KEY[1]
         || k[2] != Registry.MAGIC_RAW_DSS_PRIVATE_KEY[2]
         || k[3] != Registry.MAGIC_RAW_DSS_PRIVATE_KEY[3])
-      {
-        throw new IllegalArgumentException("magic");
-      }
+      throw new IllegalArgumentException("magic");
 
     // version
     if (k[4] != 0x01)
-      {
-        throw new IllegalArgumentException("version");
-      }
-    int i = 5;
+      throw new IllegalArgumentException("version");
 
+    int i = 5;
     int l;
     byte[] buffer;
-
     // p
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger p = new BigInteger(1, buffer);
-
     // q
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger q = new BigInteger(1, buffer);
-
     // g
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger g = new BigInteger(1, buffer);
-
     // x
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger x = new BigInteger(1, buffer);
-
     return new DSSPrivateKey(p, q, g, x);
   }
 }
diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairX509Codec.java b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairX509Codec.java
index 516ef92afd5..a5e8e9d47eb 100644
--- a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairX509Codec.java
+++ b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairX509Codec.java
@@ -94,9 +94,15 @@ public class DSSKeyPairX509Codec
    *     g   INTEGER
    *   }
    * </pre>
-   * 
-   * <p>The <i>subjectPublicKey</i> field, which is a BIT STRING, contains the
-   * DER-encoded form of the DSA public key as an INTEGER.</p>
+   * <p>
+   * Note that RFC-3280 (page 79) implies that some certificates MAY have an
+   * absent, or NULL, parameters field in their AlgorithmIdentifier element,
+   * implying that those parameters MUST be <i>inherited</i> from another
+   * certificate. This implementation, encodes a <i>NULL</i> element as the DER
+   * value of the parameters field when such is the case.
+   * <p>
+   * The <i>subjectPublicKey</i> field, which is a BIT STRING, contains the
+   * DER-encoded form of the DSA public key as an INTEGER.
    * 
    * <pre>
    *       DSAPublicKey ::= INTEGER -- public key, Y
@@ -118,20 +124,25 @@ public class DSSKeyPairX509Codec
     DERValue derOID = new DERValue(DER.OBJECT_IDENTIFIER, DSA_ALG_OID);
 
     DSSPublicKey dssKey = (DSSPublicKey) key;
-    BigInteger p = dssKey.getParams().getP();
-    BigInteger q = dssKey.getParams().getQ();
-    BigInteger g = dssKey.getParams().getG();
-    BigInteger y = dssKey.getY();
-
-    DERValue derP = new DERValue(DER.INTEGER, p);
-    DERValue derQ = new DERValue(DER.INTEGER, q);
-    DERValue derG = new DERValue(DER.INTEGER, g);
-
-    ArrayList params = new ArrayList(3);
-    params.add(derP);
-    params.add(derQ);
-    params.add(derG);
-    DERValue derParams = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, params);
+    DERValue derParams;
+    if (dssKey.hasInheritedParameters())
+      derParams = new DERValue(DER.NULL, null);
+    else
+      {
+        BigInteger p = dssKey.getParams().getP();
+        BigInteger q = dssKey.getParams().getQ();
+        BigInteger g = dssKey.getParams().getG();
+
+        DERValue derP = new DERValue(DER.INTEGER, p);
+        DERValue derQ = new DERValue(DER.INTEGER, q);
+        DERValue derG = new DERValue(DER.INTEGER, g);
+
+        ArrayList params = new ArrayList(3);
+        params.add(derP);
+        params.add(derQ);
+        params.add(derG);
+        derParams = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, params);
+      }
 
     ArrayList algorithmID = new ArrayList(2);
     algorithmID.add(derOID);
@@ -139,6 +150,7 @@ public class DSSKeyPairX509Codec
     DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE,
                                            algorithmID);
 
+    BigInteger y = dssKey.getY();
     DERValue derDSAPublicKey = new DERValue(DER.INTEGER, y);
     byte[] yBytes = derDSAPublicKey.getEncoded();
     DERValue derSPK = new DERValue(DER.BIT_STRING, new BitString(yBytes));
@@ -157,11 +169,10 @@ public class DSSKeyPairX509Codec
       }
     catch (IOException x)
       {
-        InvalidParameterException e = new InvalidParameterException();
+        InvalidParameterException e = new InvalidParameterException(x.getMessage());
         e.initCause(x);
         throw e;
       }
-
     return result;
   }
 
@@ -186,7 +197,10 @@ public class DSSKeyPairX509Codec
     if (input == null)
       throw new InvalidParameterException("Input bytes MUST NOT be null");
 
-    BigInteger p, g, q, y;
+    BigInteger p = null;
+    BigInteger g = null;
+    BigInteger q = null;
+    BigInteger y;
     DERReader der = new DERReader(input);
     try
       {
@@ -204,20 +218,35 @@ public class DSSKeyPairX509Codec
         if (! algOID.equals(DSA_ALG_OID))
           throw new InvalidParameterException("Unexpected OID: " + algOID);
 
-        DERValue derParams = der.read();
-        DerUtil.checkIsConstructed(derParams, "Wrong DSS Parameters field");
-
         DERValue val = der.read();
-        DerUtil.checkIsBigInteger(val, "Wrong P field");
-        p = (BigInteger) val.getValue();
-        val = der.read();
-        DerUtil.checkIsBigInteger(val, "Wrong Q field");
-        q = (BigInteger) val.getValue();
-        val = der.read();
-        DerUtil.checkIsBigInteger(val, "Wrong G field");
-        g = (BigInteger) val.getValue();
-
-        val = der.read();
+        // RFC-3280, page 79 states: "If the subjectPublicKeyInfo field of the
+        // certificate contains an algorithm field with null parameters or
+        // parameters are omitted, compare the certificate subjectPublicKey
+        // algorithm to the working_public_key_algorithm.  If the certificate
+        // subjectPublicKey algorithm and the working_public_key_algorithm are
+        // different, set the working_public_key_parameters to null."
+        // in other words, the parameters field of an AlgorithmIdentifier
+        // element MAY NOT be present at all, or if present MAY be NULL!
+        // the Mauve test ValidDSAParameterInheritenceTest5, in
+        // gnu.testlet.java.security.cert.pkix.pkits, is/was failing because
+        // of this.
+        if (val.getTag() == DER.NULL)
+          val = der.read();
+        else if (val.isConstructed())
+          {
+            val = der.read();
+            DerUtil.checkIsBigInteger(val, "Wrong P field");
+            p = (BigInteger) val.getValue();
+            val = der.read();
+            DerUtil.checkIsBigInteger(val, "Wrong Q field");
+            q = (BigInteger) val.getValue();
+            val = der.read();
+            DerUtil.checkIsBigInteger(val, "Wrong G field");
+            g = (BigInteger) val.getValue();
+
+            val = der.read();
+          }
+
         if (! (val.getValue() instanceof BitString))
           throw new InvalidParameterException("Wrong SubjectPublicKey field");
 
@@ -230,11 +259,10 @@ public class DSSKeyPairX509Codec
       }
     catch (IOException x)
       {
-        InvalidParameterException e = new InvalidParameterException();
+        InvalidParameterException e = new InvalidParameterException(x.getMessage());
         e.initCause(x);
         throw e;
       }
-
     return new DSSPublicKey(Registry.X509_ENCODING_ID, p, q, g, y);
   }
 
diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java b/libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java
index fe59cb6d77b..6ed8de8460d 100644
--- a/libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java
+++ b/libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java
@@ -38,38 +38,34 @@ exception statement from your version.  */
 
 package gnu.java.security.key.dss;
 
-import gnu.classpath.SystemProperties;
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
+import gnu.java.security.action.GetPropertyAction;
 import gnu.java.security.key.IKeyPairCodec;
 
 import java.math.BigInteger;
+import java.security.AccessController;
 import java.security.PrivateKey;
 import java.security.interfaces.DSAPrivateKey;
 
 /**
- * <p>An object that embodies a DSS (Digital Signature Standard) private key.</p>
- *
+ * An object that embodies a DSS (Digital Signature Standard) private key.
+ * 
  * @see #getEncoded
  */
-public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey
+public class DSSPrivateKey
+    extends DSSKey
+    implements PrivateKey, DSAPrivateKey
 {
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  private static final boolean DEBUG = false;
-
   /**
-   * <p>A randomly or pseudorandomly generated integer with <code>0 &lt; x &lt;
-   * q</code>.</p>
+   * A randomly or pseudorandomly generated integer with <code>0 &lt; x &lt;
+   * q</code>.
    */
   private final BigInteger x;
 
   /** String representation of this key. Cached for speed. */
   private transient String str;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
    * Convenience constructor. Calls the constructor with 5 arguments passing
    * {@link Registry#RAW_ENCODING_ID} as the identifier of the preferred
@@ -104,13 +100,9 @@ public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey
     super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.PKCS8_ENCODING_ID
                                                        : preferredFormat,
           p, q, g);
-
     this.x = x;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
    * A class method that takes the output of the <code>encodePrivateKey()</code>
    * method of a DSS keypair codec object (an instance implementing
@@ -135,30 +127,22 @@ public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey
       catch (IllegalArgumentException ignored)
         {
         }
-
     // try PKCS#8 codec
     return (DSSPrivateKey) new DSSKeyPairPKCS8Codec().decodePrivateKey(k);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.security.interfaces.DSAPrivateKey interface implementation ---------
-
   public BigInteger getX()
   {
     return x;
   }
 
-  // Other instance methods --------------------------------------------------
-
   /**
-   * <p>Returns the encoded form of this private key according to the
-   * designated format.</p>
-   *
+   * Returns the encoded form of this private key according to the designated
+   * format.
+   * 
    * @param format the desired format identifier of the resulting encoding.
    * @return the byte sequence encoding this key according to the designated
-   * format.
+   *         format.
    * @exception IllegalArgumentException if the format is not supported.
    * @see DSSKeyPairRawCodec
    */
@@ -181,24 +165,22 @@ public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey
   }
 
   /**
-   * <p>Returns <code>true</code> if the designated object is an instance of
+   * Returns <code>true</code> if the designated object is an instance of
    * {@link DSAPrivateKey} and has the same DSS (Digital Signature Standard)
-   * parameter values as this one.</p>
-   *
+   * parameter values as this one.
+   * 
    * @param obj the other non-null DSS key to compare to.
-   * @return <code>true</code> if the designated object is of the same type and
-   * value as this one.
+   * @return <code>true</code> if the designated object is of the same type
+   *         and value as this one.
    */
   public boolean equals(Object obj)
   {
     if (obj == null)
-      {
-        return false;
-      }
-    if (!(obj instanceof DSAPrivateKey))
-      {
-        return false;
-      }
+      return false;
+
+    if (! (obj instanceof DSAPrivateKey))
+      return false;
+
     DSAPrivateKey that = (DSAPrivateKey) obj;
     return super.equals(that) && x.equals(that.getX());
   }
@@ -207,13 +189,15 @@ public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey
   {
     if (str == null)
       {
-        String ls = SystemProperties.getProperty("line.separator");
+        String ls = (String) AccessController.doPrivileged
+            (new GetPropertyAction("line.separator"));
         str = new StringBuilder(this.getClass().getName()).append("(")
-        .append(super.toString()).append(",").append(ls)
-        .append("x=0x").append(DEBUG ? x.toString(16) : "**...*").append(ls)
-        .append(")").toString();
+            .append(super.toString()).append(",").append(ls)
+            .append("x=0x").append(Configuration.DEBUG ? x.toString(16)
+                                                       : "**...*").append(ls)
+            .append(")")
+            .toString();
       }
-
     return str;
   }
 }
diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java b/libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java
index 52292131336..9e1c4cf0a04 100644
--- a/libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java
+++ b/libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java
@@ -38,36 +38,33 @@ exception statement from your version.  */
 
 package gnu.java.security.key.dss;
 
-import gnu.classpath.SystemProperties;
 import gnu.java.security.Registry;
+import gnu.java.security.action.GetPropertyAction;
 import gnu.java.security.key.IKeyPairCodec;
 
 import java.math.BigInteger;
+import java.security.AccessController;
 import java.security.PublicKey;
 import java.security.interfaces.DSAPublicKey;
 
 /**
- * <p>An object that embodies a DSS (Digital Signature Standard) public key.</p>
+ * An object that embodies a DSS (Digital Signature Standard) public key.
  * 
  * @see #getEncoded
  */
-public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey
+public class DSSPublicKey
+    extends DSSKey
+    implements PublicKey, DSAPublicKey
 {
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /**
-   * <code>y = g<sup>x</sup> mod p</code> where <code>x</code> is the private
-   * part of the DSA key.
+   * <code>y = g<sup>x</sup> mod p</code> where <code>x</code> is the
+   * private part of the DSA key.
    */
   private final BigInteger y;
 
   /** String representation of this key. Cached for speed. */
   private transient String str;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
    * Conveience constructor. Calls the constructor with 5 arguments passing
    * {@link Registry#RAW_ENCODING_ID} as the identifier of the preferred
@@ -85,8 +82,8 @@ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey
   }
 
   /**
-   * Constructs a new instance of <code>DSSPublicKey</code> given the designated
-   * arguments.
+   * Constructs a new instance of <code>DSSPublicKey</code> given the
+   * designated arguments.
    * 
    * @param preferredFormat the identifier of the preferred encoding format to
    *          use when externalizing this key.
@@ -102,13 +99,9 @@ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey
     super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.X509_ENCODING_ID
                                                        : preferredFormat,
           p, q, g);
-
     this.y = y;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
    * A class method that takes the output of the <code>encodePublicKey()</code>
    * method of a DSS keypair codec object (an instance implementing
@@ -133,30 +126,22 @@ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey
       catch (IllegalArgumentException ignored)
         {
         }
-
     // try X.509 codec
     return (DSSPublicKey) new DSSKeyPairX509Codec().decodePublicKey(k);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.security.interfaces.DSAPublicKey interface implementation ----------
-
   public BigInteger getY()
   {
     return y;
   }
 
-  // Other instance methods --------------------------------------------------
-
   /**
-   * <p>Returns the encoded form of this public key according to the designated
-   * format.</p>
+   * Returns the encoded form of this public key according to the designated
+   * format.
    * 
    * @param format the desired format identifier of the resulting encoding.
    * @return the byte sequence encoding this key according to the designated
-   * format.
+   *         format.
    * @exception IllegalArgumentException if the format is not supported.
    * @see DSSKeyPairRawCodec
    */
@@ -179,24 +164,22 @@ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey
   }
 
   /**
-   * <p>Returns <code>true</code> if the designated object is an instance of
+   * Returns <code>true</code> if the designated object is an instance of
    * {@link DSAPublicKey} and has the same DSS (Digital Signature Standard)
-   * parameter values as this one.</p>
+   * parameter values as this one.
    * 
    * @param obj the other non-null DSS key to compare to.
-   * @return <code>true</code> if the designated object is of the same type and
-   * value as this one.
+   * @return <code>true</code> if the designated object is of the same type
+   *         and value as this one.
    */
   public boolean equals(Object obj)
   {
     if (obj == null)
-      {
-        return false;
-      }
-    if (!(obj instanceof DSAPublicKey))
-      {
-        return false;
-      }
+      return false;
+
+    if (! (obj instanceof DSAPublicKey))
+      return false;
+
     DSAPublicKey that = (DSAPublicKey) obj;
     return super.equals(that) && y.equals(that.getY());
   }
@@ -205,13 +188,14 @@ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey
   {
     if (str == null)
       {
-        String ls = SystemProperties.getProperty("line.separator");
+        String ls = (String) AccessController.doPrivileged
+            (new GetPropertyAction("line.separator"));
         str = new StringBuilder(this.getClass().getName()).append("(")
-        .append(super.toString()).append(",").append(ls)
-        .append("y=0x").append(y.toString(16)).append(ls)
-        .append(")").toString();
+            .append(super.toString()).append(",").append(ls)
+            .append("y=0x").append(y.toString(16)).append(ls)
+            .append(")")
+            .toString();
       }
-
     return str;
   }
 }
diff --git a/libjava/classpath/gnu/java/security/key/dss/FIPS186.java b/libjava/classpath/gnu/java/security/key/dss/FIPS186.java
index 5984bcc9393..7277599bd54 100644
--- a/libjava/classpath/gnu/java/security/key/dss/FIPS186.java
+++ b/libjava/classpath/gnu/java/security/key/dss/FIPS186.java
@@ -40,26 +40,21 @@ package gnu.java.security.key.dss;
 
 import gnu.java.security.hash.Sha160;
 import gnu.java.security.util.PRNG;
-import gnu.java.security.util.Prime2;
 
 import java.math.BigInteger;
 import java.security.SecureRandom;
 
 /**
- * <p>An implementation of the DSA parameters generation as described in
- * FIPS-186.</p>
- *
- * References:<br>
+ * An implementation of the DSA parameters generation as described in FIPS-186.
+ * <p>
+ * References:
+ * <p>
  * <a href="http://www.itl.nist.gov/fipspubs/fip186.htm">Digital Signature
- * Standard (DSS)</a>, Federal Information Processing Standards Publication 186.
- * National Institute of Standards and Technology.
+ * Standard (DSS)</a>, Federal Information Processing Standards Publication
+ * 186. National Institute of Standards and Technology.
  */
 public class FIPS186
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   public static final int DSA_PARAMS_SEED = 0;
 
   public static final int DSA_PARAMS_COUNTER = 1;
@@ -73,7 +68,7 @@ public class FIPS186
   public static final int DSA_PARAMS_G = 5;
 
   /** The BigInteger constant 2. */
-  private static final BigInteger TWO = new BigInteger("2");
+  private static final BigInteger TWO = BigInteger.valueOf(2L);
 
   private static final BigInteger TWO_POW_160 = TWO.pow(160);
 
@@ -89,9 +84,6 @@ public class FIPS186
   /** Our default source of randomness. */
   private PRNG prng = null;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public FIPS186(int L, SecureRandom rnd)
   {
     super();
@@ -100,38 +92,31 @@ public class FIPS186
     this.rnd = rnd;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
    * This method generates the DSS <code>p</code>, <code>q</code>, and
    * <code>g</code> parameters only when <code>L</code> (the modulus length)
    * is not one of the following: <code>512</code>, <code>768</code> and
-   * <code>1024</code>. For those values of <code>L</code>, this implementation
-   * uses pre-computed values of <code>p</code>, <code>q</code>, and
-   * <code>g</code> given in the document <i>CryptoSpec</i> included in the
-   * security guide documentation of the standard JDK distribution.<p>
-   *
+   * <code>1024</code>. For those values of <code>L</code>, this
+   * implementation uses pre-computed values of <code>p</code>,
+   * <code>q</code>, and <code>g</code> given in the document <i>CryptoSpec</i>
+   * included in the security guide documentation of the standard JDK
+   * distribution.
+   * <p>
    * The DSS requires two primes , <code>p</code> and <code>q</code>,
    * satisfying the following three conditions:
-   *
    * <ul>
-   *    <li><code>2<sup>159</sup> &lt; q &lt; 2<sup>160</sup></code></li>
-   *    <li><code>2<sup>L-1</sup> &lt; p &lt; 2<sup>L</sup></code> for a
-   *    specified <code>L</code>, where <code>L = 512 + 64j</code> for some
-   *    <code>0 &lt;= j &lt;= 8</code></li>
-   *    <li>q divides p - 1.</li>
+   * <li><code>2<sup>159</sup> &lt; q &lt; 2<sup>160</sup></code></li>
+   * <li><code>2<sup>L-1</sup> &lt; p &lt; 2<sup>L</sup></code> for a
+   * specified <code>L</code>, where <code>L = 512 + 64j</code> for some
+   * <code>0 &lt;= j &lt;= 8</code></li>
+   * <li>q divides p - 1.</li>
    * </ul>
-   *
    * The algorithm used to find these primes is as described in FIPS-186,
    * section 2.2: GENERATION OF PRIMES. This prime generation scheme starts by
-   * using the {@link Sha160} and a user supplied <i>SEED</i>
-   * to construct a prime, <code>q</code>, in the range 2<sup>159</sup> &lt; q
-   * &lt; 2<sup>160</sup>. Once this is accomplished, the same <i>SEED</i>
-   * value is used to construct an <code>X</code> in the range <code>2<sup>L-1
+   * using the {@link Sha160} and a user supplied <i>SEED</i> to construct a
+   * prime, <code>q</code>, in the range 2<sup>159</sup> &lt; q &lt; 2<sup>160</sup>.
+   * Once this is accomplished, the same <i>SEED</i> value is used to construct
+   * an <code>X</code> in the range <code>2<sup>L-1
    * </sup> &lt; X &lt; 2<sup>L</sup>. The prime, <code>p</code>, is then
    * formed by rounding <code>X</code> to a number congruent to <code>1 mod
    * 2q</code>. In this implementation we use the same <i>SEED</i> value given
@@ -169,9 +154,8 @@ public class FIPS186
                 u = sha.digest();
               }
             for (int i = 0; i < a.length; i++)
-              {
-                a[i] ^= u[i];
-              }
+              a[i] ^= u[i];
+
             U = new BigInteger(1, a);
             // 3. Form q from U by setting the most significant bit (the
             // 2**159 bit) and the least significant bit to 1. In terms of
@@ -183,12 +167,9 @@ public class FIPS186
             // probability of a non-prime number passing the test is at
             // most 1/2**80.
             // 5. If q is not prime, go to step 1.
-            if (Prime2.isProbablePrime(q))
-              {
-                break step1;
-              }
+            if (q.isProbablePrime(80))
+              break step1;
           } // step1
-
         // 6. Let counter = 0 and offset = 2.
         counter = 0;
         offset = 2;
@@ -201,9 +182,9 @@ public class FIPS186
               {
                 for (int k = 0; k <= n; k++)
                   {
-                    a = SEED_PLUS_OFFSET.add(
-                                             BigInteger.valueOf(k & 0xFFFFFFFFL)).mod(
-                                                                                      TWO_POW_160).toByteArray();
+                    a = SEED_PLUS_OFFSET
+                        .add(BigInteger.valueOf(k & 0xFFFFFFFFL))
+                        .mod(TWO_POW_160).toByteArray();
                     sha.update(a, 0, a.length);
                     V[k] = new BigInteger(1, sha.digest());
                   }
@@ -214,9 +195,8 @@ public class FIPS186
             // Note that 0 <= W < 2**(L-1) and hence 2**(L-1) <= X < 2**L.
             W = V[0];
             for (int k = 1; k < n; k++)
-              {
-                W = W.add(V[k].multiply(TWO.pow(k * 160)));
-              }
+              W = W.add(V[k].multiply(TWO.pow(k * 160)));
+
             W = W.add(V[n].mod(TWO.pow(b)).multiply(TWO.pow(n * 160)));
             X = W.add(TWO.pow(L - 1));
             // 9. Let c = X mod 2q and set p = X - (c - 1).
@@ -228,22 +208,17 @@ public class FIPS186
               {
                 // 11. Perform a robust primality test on p.
                 // 12. If p passes the test performed in step 11, go to step 15.
-                if (Prime2.isProbablePrime(p))
-                  {
-                    break algorithm;
-                  }
+                if (p.isProbablePrime(80))
+                  break algorithm;
               }
             // 13. Let counter = counter + 1 and offset = offset + n + 1.
             counter++;
             offset += n + 1;
             // 14. If counter >= 4096 go to step 1, otherwise go to step 7.
             if (counter >= 4096)
-              {
-                continue algorithm;
-              }
+              continue algorithm;
           } // step7
       } // algorithm
-
     // compute g. from FIPS-186, Appendix 4:
     // 1. Generate p and q as specified in Appendix 2.
     // 2. Let e = (p - 1) / q
@@ -258,28 +233,21 @@ public class FIPS186
         // 4. Set g = h**e mod p
         g = h.modPow(e, p);
         // 5. If g = 1, go to step 3
-        if (!g.equals(BigInteger.ONE))
-          {
-            break;
-          }
+        if (! g.equals(BigInteger.ONE))
+          break;
       }
-
     return new BigInteger[] { SEED, BigInteger.valueOf(counter), q, p, e, g };
   }
 
-  // helper methods ----------------------------------------------------------
-
   /**
    * Fills the designated byte array with random data.
-   *
+   * 
    * @param buffer the byte array to fill with random data.
    */
   private void nextRandomBytes(byte[] buffer)
   {
     if (rnd != null)
-      {
-        rnd.nextBytes(buffer);
-      }
+      rnd.nextBytes(buffer);
     else
       getDefaultPRNG().nextBytes(buffer);
   }
diff --git a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java
index 3009dd71fa0..4bdce4011a5 100644
--- a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java
+++ b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java
@@ -38,23 +38,21 @@ exception statement from your version.  */
 
 package gnu.java.security.key.rsa;
 
-import gnu.classpath.SystemProperties;
 import gnu.java.security.Registry;
+import gnu.java.security.action.GetPropertyAction;
 import gnu.java.security.util.FormatUtil;
 
 import java.math.BigInteger;
+import java.security.AccessController;
 import java.security.Key;
 import java.security.interfaces.RSAKey;
 
 /**
- * <p>A base asbtract class for both public and private RSA keys.</p>
+ * A base asbtract class for both public and private RSA keys.
  */
-public abstract class GnuRSAKey implements Key, RSAKey
+public abstract class GnuRSAKey
+    implements Key, RSAKey
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The public modulus of an RSA key pair. */
   private final BigInteger n;
 
@@ -62,17 +60,14 @@ public abstract class GnuRSAKey implements Key, RSAKey
   private final BigInteger e;
 
   /**
-   * Identifier of the default encoding format to use when externalizing the
-   * key material.
+   * Identifier of the default encoding format to use when externalizing the key
+   * material.
    */
   protected final int defaultFormat;
 
   /** String representation of this key. Cached for speed. */
   private transient String str;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
    * Trivial protected constructor.
    * 
@@ -91,21 +86,11 @@ public abstract class GnuRSAKey implements Key, RSAKey
     this.e = e;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.security.interfaces.RSAKey interface implementation ----------------
-
   public BigInteger getModulus()
   {
     return getN();
   }
 
-  // java.security.Key interface implementation ------------------------------
-
   public String getAlgorithm()
   {
     return Registry.RSA_KPG;
@@ -122,11 +107,9 @@ public abstract class GnuRSAKey implements Key, RSAKey
     return FormatUtil.getEncodingShortName(defaultFormat);
   }
 
-  // Other instance methods --------------------------------------------------
-
   /**
-   * <p>Returns the modulus <code>n</code>.</p>
-   *
+   * Returns the modulus <code>n</code>.
+   * 
    * @return the modulus <code>n</code>.
    */
   public BigInteger getN()
@@ -135,8 +118,8 @@ public abstract class GnuRSAKey implements Key, RSAKey
   }
 
   /**
-   * <p>Returns the public exponent <code>e</code>.</p>
-   *
+   * Returns the public exponent <code>e</code>.
+   * 
    * @return the public exponent <code>e</code>.
    */
   public BigInteger getPublicExponent()
@@ -145,8 +128,8 @@ public abstract class GnuRSAKey implements Key, RSAKey
   }
 
   /**
-   * <p>Same as {@link #getPublicExponent()}.</p>
-   *
+   * Same as {@link #getPublicExponent()}.
+   * 
    * @return the public exponent <code>e</code>.
    */
   public BigInteger getE()
@@ -155,23 +138,21 @@ public abstract class GnuRSAKey implements Key, RSAKey
   }
 
   /**
-   * <p>Returns <code>true</code> if the designated object is an instance of
-   * {@link RSAKey} and has the same RSA parameter values as this one.</p>
-   *
+   * Returns <code>true</code> if the designated object is an instance of
+   * {@link RSAKey} and has the same RSA parameter values as this one.
+   * 
    * @param obj the other non-null RSA key to compare to.
-   * @return <code>true</code> if the designated object is of the same type and
-   * value as this one.
+   * @return <code>true</code> if the designated object is of the same type
+   *         and value as this one.
    */
   public boolean equals(final Object obj)
   {
     if (obj == null)
-      {
-        return false;
-      }
-    if (!(obj instanceof RSAKey))
-      {
-        return false;
-      }
+      return false;
+
+    if (! (obj instanceof RSAKey))
+      return false;
+
     final RSAKey that = (RSAKey) obj;
     return n.equals(that.getModulus());
   }
@@ -180,8 +161,9 @@ public abstract class GnuRSAKey implements Key, RSAKey
   {
     if (str == null)
       {
-        String ls = SystemProperties.getProperty("line.separator");
-        str = new StringBuilder().append(ls)
+        String ls = (String) AccessController.doPrivileged
+            (new GetPropertyAction("line.separator"));
+        str = new StringBuilder(ls)
             .append("defaultFormat=").append(defaultFormat).append(",").append(ls)
             .append("n=0x").append(n.toString(16)).append(",").append(ls)
             .append("e=0x").append(e.toString(16))
@@ -190,7 +172,5 @@ public abstract class GnuRSAKey implements Key, RSAKey
     return str;
   }
 
-  // abstract methods to be implemented by subclasses ------------------------
-
   public abstract byte[] getEncoded(int format);
 }
diff --git a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java
index 92053448763..00a1b822ad0 100644
--- a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java
+++ b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java
@@ -38,42 +38,39 @@ exception statement from your version.  */
 
 package gnu.java.security.key.rsa;
 
-import gnu.classpath.SystemProperties;
+import gnu.java.security.Configuration;
+import gnu.java.security.action.GetPropertyAction;
 import gnu.java.security.Registry;
 import gnu.java.security.key.IKeyPairCodec;
 
 import java.math.BigInteger;
+import java.security.AccessController;
 import java.security.PrivateKey;
 import java.security.interfaces.RSAPrivateCrtKey;
 import java.security.interfaces.RSAPrivateKey;
 
 /**
- * <p>An object that embodies an RSA private key.</p>
- *
- * <p>References:</p>
+ * An object that embodies an RSA private key.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip">
- *    RSA-PSS Signature Scheme with Appendix, part B.</a><br>
- *    Primitive specification and supporting documentation.<br>
- *    Jakob Jonsson and Burt Kaliski.</li>
+ * <li><a
+ * href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip">
+ * RSA-PSS Signature Scheme with Appendix, part B.</a><br>
+ * Primitive specification and supporting documentation.<br>
+ * Jakob Jonsson and Burt Kaliski.</li>
  * </ol>
  */
-public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey,
-    RSAPrivateCrtKey
+public class GnuRSAPrivateKey
+    extends GnuRSAKey
+    implements PrivateKey, RSAPrivateCrtKey
 {
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  private static final boolean DEBUG = false;
-
   /** The first prime divisor of the modulus. */
   private final BigInteger p;
 
   /** The second prime divisor of the modulus. */
   private final BigInteger q;
 
-  /** The public exponent of an RSA key. */
-  //   private final BigInteger e;
   /** The private exponent of an RSA private key. */
   private final BigInteger d;
 
@@ -89,21 +86,17 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey,
   /** String representation of this key. Cached for speed. */
   private transient String str;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
    * Convenience constructor. Calls the constructor with 5 arguments passing
    * {@link Registry#RAW_ENCODING_ID} as the identifier of the preferred
    * encoding format.
-   *
+   * 
    * @param p the modulus first prime divisor.
    * @param q the modulus second prime divisor.
    * @param e the public exponent.
    * @param d the private exponent.
    */
-  public GnuRSAPrivateKey(BigInteger p, BigInteger q, BigInteger e,
-                          BigInteger d)
+  public GnuRSAPrivateKey(BigInteger p, BigInteger q, BigInteger e, BigInteger d)
   {
     this(Registry.RAW_ENCODING_ID, p, q, e, d);
   }
@@ -122,7 +115,9 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey,
   public GnuRSAPrivateKey(int preferredFormat, BigInteger p, BigInteger q,
                           BigInteger e, BigInteger d)
   {
-    this(preferredFormat, p.multiply(q), e, d, p, q, 
+    this(preferredFormat,
+         p.multiply(q),
+         e, d, p, q,
          e.modInverse(p.subtract(BigInteger.ONE)),
          e.modInverse(q.subtract(BigInteger.ONE)),
          q.modInverse(p));
@@ -135,19 +130,20 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey,
    * @param preferredFormat the indetifier of the preferred encoding format to
    *          use when externalizing this key.
    * @param n the public modulus, which is also the product of <code>p</code>
-   * and <code>q</code>.
+   *          and <code>q</code>.
    * @param e the public exponent.
    * @param d the private exponent.
    * @param p the modulus first prime divisor.
    * @param q the modulus second prime divisor.
    * @param dP the first prime's exponen. A positive integer less than
-   * <code>p</code> and <code>q</code>, satisfying <code>e * dP = 1 (mod p-1)
-   * </code>.
+   *          <code>p</code> and <code>q</code>, satisfying
+   *          <code>e * dP = 1 (mod p-1)</code>.
    * @param dQ the second prime's exponent. A positive integer less than
-   * <code>p</code> and <code>q</code>, satisfying <code>e * dQ = 1 (mod p-1)
-   * </code>.
+   *          <code>p</code> and <code>q</code>, satisfying
+   *          <code>e * dQ = 1 (mod p-1)</code>.
    * @param qInv the Chinese Remainder Theorem coefiicient. A positive integer
-   * less than <code>p</code>, satisfying <code>q * qInv = 1 (mod p)</code>.
+   *          less than <code>p</code>, satisfying
+   *          <code>q * qInv = 1 (mod p)</code>.
    */
   public GnuRSAPrivateKey(int preferredFormat, BigInteger n, BigInteger e,
                           BigInteger d, BigInteger p, BigInteger q,
@@ -156,24 +152,20 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey,
     super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.PKCS8_ENCODING_ID
                                                        : preferredFormat,
           n, e);
-
     this.d = d;
     this.p = p;
     this.q = q;
     // the exponents dP and dQ are positive integers less than p and q
     // respectively satisfying
-    //    e * dP = 1 (mod p-1);
-    //    e * dQ = 1 (mod q-1),
+    // e * dP = 1 (mod p-1);
+    // e * dQ = 1 (mod q-1),
     this.dP = dP;
     this.dQ = dQ;
     // the CRT coefficient qInv is a positive integer less than p satisfying
-    //    q * qInv = 1 (mod p).
+    // q * qInv = 1 (mod p).
     this.qInv = qInv;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
    * A class method that takes the output of the <code>encodePrivateKey()</code>
    * method of an RSA keypair codec object (an instance implementing
@@ -198,14 +190,10 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey,
       catch (IllegalArgumentException ignored)
         {
         }
-
     // try PKCS#8 codec
     return (GnuRSAPrivateKey) new RSAKeyPairPKCS8Codec().decodePrivateKey(k);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public BigInteger getPrimeP()
   {
     return p;
@@ -231,22 +219,18 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey,
     return qInv;
   }
 
-  // java.security.interfaces.RSAPrivateKey interface implementation ---------
-
   public BigInteger getPrivateExponent()
   {
     return d;
   }
 
-  // Other instance methods --------------------------------------------------
-
   /**
-   * Returns the encoded form of this private key according to the
-   * designated format.
-   *
+   * Returns the encoded form of this private key according to the designated
+   * format.
+   * 
    * @param format the desired format identifier of the resulting encoding.
    * @return the byte sequence encoding this key according to the designated
-   * format.
+   *         format.
    * @throws IllegalArgumentException if the format is not supported.
    * @see RSAKeyPairRawCodec
    * @see RSAKeyPairPKCS8Codec
@@ -270,19 +254,18 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey,
   }
 
   /**
-   * <p>Returns <code>true</code> if the designated object is an instance of
-   * this class and has the same RSA parameter values as this one.</p>
-   *
+   * Returns <code>true</code> if the designated object is an instance of this
+   * class and has the same RSA parameter values as this one.
+   * 
    * @param obj the other non-null RSA key to compare to.
    * @return <code>true</code> if the designated object is of the same type
-   * and value as this one.
+   *         and value as this one.
    */
   public boolean equals(final Object obj)
   {
     if (obj == null)
-      {
-        return false;
-      }
+      return false;
+
     if (obj instanceof RSAPrivateKey)
       {
         final RSAPrivateKey that = (RSAPrivateKey) obj;
@@ -304,16 +287,24 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey,
   {
     if (str == null)
       {
-        String ls = SystemProperties.getProperty("line.separator");
+        String ls = (String) AccessController.doPrivileged
+            (new GetPropertyAction("line.separator"));
         str = new StringBuilder(this.getClass().getName()).append("(")
             .append(super.toString()).append(",").append(ls)
-            .append("d=0x").append(DEBUG ? d.toString(16) : "**...*").append(ls)
-            .append("p=0x").append(DEBUG ? p.toString(16) : "**...*").append(ls)
-            .append("q=0x").append(DEBUG ? q.toString(16) : "**...*").append(ls)
-            .append("dP=0x").append(DEBUG ? dP.toString(16) : "**...*").append(ls)
-            .append("dQ=0x").append(DEBUG ? dQ.toString(16) : "**...*").append(ls)
-            .append("qInv=0x").append(DEBUG ? qInv.toString(16) : "**...*").append(ls)
-            .append(")").toString();
+            .append("d=0x").append(Configuration.DEBUG ? d.toString(16)
+                                                       : "**...*").append(ls)
+            .append("p=0x").append(Configuration.DEBUG ? p.toString(16)
+                                                       : "**...*").append(ls)
+            .append("q=0x").append(Configuration.DEBUG ? q.toString(16)
+                                                       : "**...*").append(ls)
+            .append("dP=0x").append(Configuration.DEBUG ? dP.toString(16)
+                                                        : "**...*").append(ls)
+            .append("dQ=0x").append(Configuration.DEBUG ? dQ.toString(16)
+                                                        : "**...*").append(ls)
+            .append("qInv=0x").append(Configuration.DEBUG ? qInv.toString(16)
+                                                          : "**...*").append(ls)
+            .append(")")
+            .toString();
       }
     return str;
   }
diff --git a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java
index 8badede1422..fe28d0ba3b0 100644
--- a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java
+++ b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java
@@ -38,42 +38,39 @@ exception statement from your version.  */
 
 package gnu.java.security.key.rsa;
 
-import gnu.classpath.SystemProperties;
 import gnu.java.security.Registry;
+import gnu.java.security.action.GetPropertyAction;
 import gnu.java.security.key.IKeyPairCodec;
 
 import java.math.BigInteger;
+import java.security.AccessController;
 import java.security.PublicKey;
 import java.security.interfaces.RSAPublicKey;
 
 /**
- * <p>An object that encapsulates an RSA public key.</p>
- *
- * <p>References:</p>
+ * An object that encapsulates an RSA public key.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip">
- *    RSA-PSS Signature Scheme with Appendix, part B.</a><br>
- *    Primitive specification and supporting documentation.<br>
- *    Jakob Jonsson and Burt Kaliski.</li>
+ * <li><a
+ * href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip">
+ * RSA-PSS Signature Scheme with Appendix, part B.</a><br>
+ * Primitive specification and supporting documentation.<br>
+ * Jakob Jonsson and Burt Kaliski.</li>
  * </ol>
  */
-public class GnuRSAPublicKey extends GnuRSAKey implements PublicKey,
-    RSAPublicKey
+public class GnuRSAPublicKey
+    extends GnuRSAKey
+    implements PublicKey, RSAPublicKey
 {
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** String representation of this key. Cached for speed. */
   private transient String str;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
    * Conveience constructor. Calls the constructor with 3 arguments passing
    * {@link Registry#RAW_ENCODING_ID} as the identifier of the preferred
    * encoding format.
-   *
+   * 
    * @param n the modulus.
    * @param e the public exponent.
    */
@@ -98,9 +95,6 @@ public class GnuRSAPublicKey extends GnuRSAKey implements PublicKey,
           n, e);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
    * A class method that takes the output of the <code>encodePublicKey()</code>
    * method of an RSA keypair codec object (an instance implementing
@@ -125,21 +119,17 @@ public class GnuRSAPublicKey extends GnuRSAKey implements PublicKey,
       catch (IllegalArgumentException ignored)
         {
         }
-
     // try X.509 codec
     return (GnuRSAPublicKey) new RSAKeyPairX509Codec().decodePublicKey(k);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns the encoded form of this public key according to the designated
-   * format.</p>
-   *
+   * Returns the encoded form of this public key according to the designated
+   * format.
+   * 
    * @param format the desired format identifier of the resulting encoding.
    * @return the byte sequence encoding this key according to the designated
-   * format.
+   *         format.
    * @throws IllegalArgumentException if the format is not supported.
    * @see RSAKeyPairRawCodec
    */
@@ -162,23 +152,21 @@ public class GnuRSAPublicKey extends GnuRSAKey implements PublicKey,
   }
 
   /**
-   * <p>Returns <code>true</code> if the designated object is an instance of
-   * this class and has the same RSA parameter values as this one.</p>
-   *
+   * Returns <code>true</code> if the designated object is an instance of this
+   * class and has the same RSA parameter values as this one.
+   * 
    * @param obj the other non-null RSA key to compare to.
-   * @return <code>true</code> if the designated object is of the same type and
-   * value as this one.
+   * @return <code>true</code> if the designated object is of the same type
+   *         and value as this one.
    */
   public boolean equals(final Object obj)
   {
     if (obj == null)
-      {
-        return false;
-      }
-    if (!(obj instanceof RSAPublicKey))
-      {
-        return false;
-      }
+      return false;
+
+    if (! (obj instanceof RSAPublicKey))
+      return false;
+
     final RSAPublicKey that = (RSAPublicKey) obj;
     return super.equals(that)
            && getPublicExponent().equals(that.getPublicExponent());
@@ -188,10 +176,12 @@ public class GnuRSAPublicKey extends GnuRSAKey implements PublicKey,
   {
     if (str == null)
       {
-        String ls = SystemProperties.getProperty("line.separator");
+        String ls = (String) AccessController.doPrivileged
+            (new GetPropertyAction("line.separator"));
         str = new StringBuilder(this.getClass().getName()).append("(")
             .append(super.toString()).append(",").append(ls)
-            .append(")").toString();
+            .append(")")
+            .toString();
       }
     return str;
   }
diff --git a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java
index 39063381f37..c31cc4cc1e0 100644
--- a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java
+++ b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java
@@ -38,10 +38,10 @@ exception statement from your version.  */
 
 package gnu.java.security.key.rsa;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.key.IKeyPairGenerator;
 import gnu.java.security.util.PRNG;
-import gnu.java.security.util.Prime2;
 
 import java.math.BigInteger;
 import java.security.KeyPair;
@@ -53,25 +53,23 @@ import java.util.Map;
 import java.util.logging.Logger;
 
 /**
- * <p>A key-pair generator for asymetric keys to use in conjunction with the RSA
- * scheme.</p>
- *
- * <p>Reference:</p>
+ * A key-pair generator for asymetric keys to use in conjunction with the RSA
+ * scheme.
+ * <p>
+ * Reference:
  * <ol>
- *    <li><a href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip">
- *    RSA-PSS Signature Scheme with Appendix</a>, part B. Primitive
- *    specification and supporting documentation. Jakob Jonsson and Burt Kaliski.
- *    </li>
- *    <li><a href="http://www.cacr.math.uwaterloo.ca/hac/">Handbook of Applied
- *    Cryptography</a>, Alfred J. Menezes, Paul C. van Oorschot and Scott A.
- *    Vanstone. Section 11.3 RSA and related signature schemes.</li>
+ * <li><a
+ * href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip">
+ * RSA-PSS Signature Scheme with Appendix</a>, part B. Primitive specification
+ * and supporting documentation. Jakob Jonsson and Burt Kaliski. </li>
+ * <li><a href="http://www.cacr.math.uwaterloo.ca/hac/">Handbook of Applied
+ * Cryptography</a>, Alfred J. Menezes, Paul C. van Oorschot and Scott A.
+ * Vanstone. Section 11.3 RSA and related signature schemes.</li>
  * </ol>
  */
-public class RSAKeyPairGenerator implements IKeyPairGenerator
+public class RSAKeyPairGenerator
+    implements IKeyPairGenerator
 {
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private static final Logger log = Logger.getLogger(RSAKeyPairGenerator.class.getName());
 
   /** The BigInteger constant 1. */
@@ -90,8 +88,8 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator
   public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.rsa.prng";
 
   /**
-   * Property name of an optional {@link RSAKeyGenParameterSpec} instance to
-   * use for this generator's <code>n</code>, and <code>e</code> values. The
+   * Property name of an optional {@link RSAKeyGenParameterSpec} instance to use
+   * for this generator's <code>n</code>, and <code>e</code> values. The
    * default is to generate <code>n</code> and use a fixed value for
    * <code>e</.code> (Fermat's F4 number).
    */
@@ -128,38 +126,28 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator
   /** Preferred encoding format of generated keys. */
   private int preferredFormat;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // implicit 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // gnu.crypto.key.IKeyPairGenerator interface implementation ---------------
-
   public String name()
   {
     return Registry.RSA_KPG;
   }
 
   /**
-   * <p>Configures this instance.</p>
-   *
+   * Configures this instance.
+   * 
    * @param attributes the map of name/value pairs to use.
-   * @exception IllegalArgumentException if the designated MODULUS_LENGTH
-   * value is less than 1024.
+   * @exception IllegalArgumentException if the designated MODULUS_LENGTH value
+   *              is less than 1024.
    */
   public void setup(Map attributes)
   {
-    log.entering(this.getClass().getName(), "setup", attributes);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "setup", attributes);
     // do we have a SecureRandom, or should we use our own?
     rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS);
-
     // are we given a set of RSA params or we shall use our own?
     RSAKeyGenParameterSpec params = (RSAKeyGenParameterSpec) attributes.get(RSA_PARAMETERS);
-
     // find out the modulus length
     if (params != null)
       {
@@ -171,32 +159,30 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator
         Integer l = (Integer) attributes.get(MODULUS_LENGTH);
         L = (l == null ? DEFAULT_MODULUS_LENGTH : l.intValue());
       }
-
     if (L < 1024)
-      {
-        throw new IllegalArgumentException(MODULUS_LENGTH);
-      }
+      throw new IllegalArgumentException(MODULUS_LENGTH);
 
     // what is the preferred encoding format
     Integer formatID = (Integer) attributes.get(PREFERRED_ENCODING_FORMAT);
     preferredFormat = formatID == null ? DEFAULT_ENCODING_FORMAT
                                        : formatID.intValue();
-
-    log.exiting(this.getClass().getName(), "setup");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "setup");
   }
 
   /**
-   * <p>The algorithm used here is described in <i>nessie-pss-B.pdf</i>
-   * document which is part of the RSA-PSS submission to NESSIE.</p>
-   *
+   * <p>
+   * The algorithm used here is described in <i>nessie-pss-B.pdf</i> document
+   * which is part of the RSA-PSS submission to NESSIE.
+   * </p>
+   * 
    * @return an RSA keypair.
    */
   public KeyPair generate()
   {
-    log.entering(this.getClass().getName(), "generate");
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "generate");
     BigInteger p, q, n, d;
-
     // 1. Generate a prime p in the interval [2**(M-1), 2**M - 1], where
     // M = CEILING(L/2), and such that GCD(p, e) = 1
     int M = (L + 1) / 2;
@@ -208,12 +194,9 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator
         nextRandomBytes(kb);
         p = new BigInteger(1, kb).setBit(0);
         if (p.compareTo(lower) >= 0 && p.compareTo(upper) <= 0
-            && Prime2.isProbablePrime(p) && p.gcd(e).equals(ONE))
-          {
-            break step1;
-          }
+            && p.isProbablePrime(80) && p.gcd(e).equals(ONE))
+          break step1;
       }
-
     // 2. Generate a prime q such that the product of p and q is an L-bit
     // number, and such that GCD(q, e) = 1
     step2: while (true)
@@ -221,45 +204,34 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator
         nextRandomBytes(kb);
         q = new BigInteger(1, kb).setBit(0);
         n = p.multiply(q);
-        if (n.bitLength() == L && Prime2.isProbablePrime(q)
-            && q.gcd(e).equals(ONE))
-          {
-            break step2;
-          }
-
+        if (n.bitLength() == L && q.isProbablePrime(80) && q.gcd(e).equals(ONE))
+          break step2;
         // TODO: test for p != q
       }
-
     // TODO: ensure p < q
-
     // 3. Put n = pq. The public key is (n, e).
     // 4. Compute the parameters necessary for the private key K (see
     // Section 2.2).
     BigInteger phi = p.subtract(ONE).multiply(q.subtract(ONE));
     d = e.modInverse(phi);
-
     // 5. Output the public key and the private key.
     PublicKey pubK = new GnuRSAPublicKey(preferredFormat, n, e);
     PrivateKey secK = new GnuRSAPrivateKey(preferredFormat, p, q, e, d);
-
     KeyPair result = new KeyPair(pubK, secK);
-    log.exiting(this.getClass().getName(), "generate", result);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "generate", result);
     return result;
   }
 
-  // helper methods ----------------------------------------------------------
-
   /**
-   * <p>Fills the designated byte array with random data.</p>
-   *
+   * Fills the designated byte array with random data.
+   * 
    * @param buffer the byte array to fill with random data.
    */
   private void nextRandomBytes(byte[] buffer)
   {
     if (rnd != null)
-      {
-        rnd.nextBytes(buffer);
-      }
+      rnd.nextBytes(buffer);
     else
       getDefaultPRNG().nextBytes(buffer);
   }
diff --git a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java
index 0b980903251..7a51d0a0dd0 100644
--- a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java
+++ b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java
@@ -38,15 +38,7 @@ exception statement from your version. */
 
 package gnu.java.security.key.rsa;
 
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.InvalidParameterException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.util.ArrayList;
-import java.util.logging.Logger;
-
+import gnu.java.security.Configuration;
 import gnu.java.security.OID;
 import gnu.java.security.Registry;
 import gnu.java.security.der.DER;
@@ -56,6 +48,15 @@ import gnu.java.security.der.DERWriter;
 import gnu.java.security.key.IKeyPairCodec;
 import gnu.java.security.util.DerUtil;
 
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.InvalidParameterException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.util.ArrayList;
+import java.util.logging.Logger;
+
 /**
  * An implementation of an {@link IKeyPairCodec} that knows how to encode /
  * decode PKCS#8 ASN.1 external representation of RSA private keys.
@@ -84,7 +85,6 @@ public class RSAKeyPairPKCS8Codec
   /**
    * Returns the PKCS#8 ASN.1 <i>PrivateKeyInfo</i> representation of an RSA
    * private key. The ASN.1 specification is as follows:
-   * 
    * <pre>
    *   PrivateKeyInfo ::= SEQUENCE {
    *     version              INTEGER, -- MUST be 0
@@ -97,10 +97,12 @@ public class RSAKeyPairPKCS8Codec
    *     parameters  ANY DEFINED BY algorithm OPTIONAL
    *   }
    * </pre>
-   * 
-   * <p>The <i>privateKey</i> field, which is an OCTET STRING, contains the
-   * DER-encoded form of the RSA private key defined as:</p>
-   * 
+   * <p>
+   * As indicated in RFC-2459: "The parameters field shall have ASN.1 type NULL
+   * for this algorithm identifier.".
+   * <p>
+   * The <i>privateKey</i> field, which is an OCTET STRING, contains the
+   * DER-encoded form of the RSA private key defined as:
    * <pre>
    *   RSAPrivateKey ::= SEQUENCE {
    *     version                 INTEGER, -- MUST be 0
@@ -122,8 +124,8 @@ public class RSAKeyPairPKCS8Codec
    */
   public byte[] encodePrivateKey(PrivateKey key)
   {
-    log.entering(this.getClass().getName(), "encodePrivateKey()", key);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "encodePrivateKey()", key);
     if (! (key instanceof GnuRSAPrivateKey))
       throw new InvalidParameterException("Wrong key type");
 
@@ -141,8 +143,9 @@ public class RSAKeyPairPKCS8Codec
 
     DERValue derOID = new DERValue(DER.OBJECT_IDENTIFIER, RSA_ALG_OID);
 
-    ArrayList algorithmID = new ArrayList(1);
+    ArrayList algorithmID = new ArrayList(2);
     algorithmID.add(derOID);
+    algorithmID.add(new DERValue(DER.NULL, null));
     DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE,
                                            algorithmID);
 
@@ -190,8 +193,8 @@ public class RSAKeyPairPKCS8Codec
         y.initCause(x);
         throw y;
       }
-
-    log.exiting(this.getClass().getName(), "encodePrivateKey()", result);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "encodePrivateKey()", result);
     return result;
   }
 
@@ -213,8 +216,8 @@ public class RSAKeyPairPKCS8Codec
    */
   public PrivateKey decodePrivateKey(byte[] input)
   {
-    log.entering(this.getClass().getName(), "decodePrivateKey()", input);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "decodePrivateKey()", input);
     if (input == null)
       throw new InvalidParameterException("Input bytes MUST NOT be null");
 
@@ -239,9 +242,12 @@ public class RSAKeyPairPKCS8Codec
         if (! algOID.equals(RSA_ALG_OID))
           throw new InvalidParameterException("Unexpected OID: " + algOID);
 
+        // rfc-2459 states that this field is OPTIONAL but NULL if/when present
         DERValue val = der.read();
-        byte[] pkBytes = (byte[]) val.getValue();
+        if (val.getTag() == DER.NULL)
+          val = der.read();
 
+        byte[] pkBytes = (byte[]) val.getValue();
         der = new DERReader(pkBytes);
         DERValue derRSAPrivateKey = der.read();
         DerUtil.checkIsConstructed(derRSAPrivateKey, "Wrong RSAPrivateKey field");
@@ -284,10 +290,10 @@ public class RSAKeyPairPKCS8Codec
         y.initCause(x);
         throw y;
       }
-
-    PrivateKey result = new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID, n, e,
-                                             d, p, q, dP, dQ, qInv);
-    log.exiting(this.getClass().getName(), "decodePrivateKey()", result);
+    PrivateKey result = new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID,
+                                             n, e, d, p, q, dP, dQ, qInv);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "decodePrivateKey()", result);
     return result;
   }
 }
diff --git a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java
index fb7cea99edd..c2650e6a49c 100644
--- a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java
+++ b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java
@@ -47,80 +47,60 @@ import java.security.PrivateKey;
 import java.security.PublicKey;
 
 /**
- * <p>An object that implements the {@link IKeyPairCodec} interface for the
- * <i>Raw</i> format to use with RSA keypairs.</p>
- *
- * @version $Revision: 1.1 $
+ * An object that implements the {@link IKeyPairCodec} interface for the <i>Raw</i>
+ * format to use with RSA keypairs.
  */
-public class RSAKeyPairRawCodec implements IKeyPairCodec
+public class RSAKeyPairRawCodec
+    implements IKeyPairCodec
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // implicit 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // gnu.crypto.key.IKeyPairCodec interface implementation -------------------
-
   public int getFormatID()
   {
     return RAW_FORMAT;
   }
 
   /**
-   * <p>Returns the encoded form of the designated RSA public key according to
-   * the <i>Raw</i> format supported by this library.</p>
-   *
-   * <p>The <i>Raw</i> format for an RSA public key, in this implementation, is
-   * a byte sequence consisting of the following:</p>
-   *
+   * Returns the encoded form of the designated RSA public key according to the
+   * <i>Raw</i> format supported by this library.
+   * <p>
+   * The <i>Raw</i> format for an RSA public key, in this implementation, is a
+   * byte sequence consisting of the following:
    * <ol>
-   *		<li>4-byte magic consisting of the value of the literal
-   *    {@link Registry#MAGIC_RAW_RSA_PUBLIC_KEY},<li>
-   *		<li>1-byte version consisting of the constant: 0x01,</li>
-   *		<li>4-byte count of following bytes representing the RSA parameter
-   *		<code>n</code> (the modulus) in internet order,</li>
-   *		<li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the RSA parameter <code>n</code>,</li>
-   *		<li>4-byte count of following bytes representing the RSA parameter
-   *		<code>e</code> (the public exponent) in internet order,</li>
-   *		<li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the RSA parameter <code>e</code>.</li>
+   * <li>4-byte magic consisting of the value of the literal
+   * {@link Registry#MAGIC_RAW_RSA_PUBLIC_KEY},</li>
+   * <li>1-byte version consisting of the constant: 0x01,</li>
+   * <li>4-byte count of following bytes representing the RSA parameter
+   * <code>n</code> (the modulus) in internet order,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the RSA parameter <code>n</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the RSA parameter
+   * <code>e</code> (the public exponent) in internet order,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the RSA parameter <code>e</code>.
+   * </li>
    * </ol>
-   *
+   * 
    * @param key the key to encode.
    * @return the <i>Raw</i> format encoding of the designated key.
    * @exception IllegalArgumentException if the designated key is not an RSA
-   * one.
+   *              one.
    */
   public byte[] encodePublicKey(PublicKey key)
   {
-    if (!(key instanceof GnuRSAPublicKey))
-      {
-        throw new IllegalArgumentException("key");
-      }
+    if (! (key instanceof GnuRSAPublicKey))
+      throw new IllegalArgumentException("key");
 
     GnuRSAPublicKey rsaKey = (GnuRSAPublicKey) key;
     ByteArrayOutputStream baos = new ByteArrayOutputStream();
-
     // magic
     baos.write(Registry.MAGIC_RAW_RSA_PUBLIC_KEY[0]);
     baos.write(Registry.MAGIC_RAW_RSA_PUBLIC_KEY[1]);
     baos.write(Registry.MAGIC_RAW_RSA_PUBLIC_KEY[2]);
     baos.write(Registry.MAGIC_RAW_RSA_PUBLIC_KEY[3]);
-
     // version
     baos.write(0x01);
-
     // n
     byte[] buffer = rsaKey.getModulus().toByteArray();
     int length = buffer.length;
@@ -129,7 +109,6 @@ public class RSAKeyPairRawCodec implements IKeyPairCodec
     baos.write((length >>> 8) & 0xFF);
     baos.write(length & 0xFF);
     baos.write(buffer, 0, length);
-
     // e
     buffer = rsaKey.getPublicExponent().toByteArray();
     length = buffer.length;
@@ -138,7 +117,6 @@ public class RSAKeyPairRawCodec implements IKeyPairCodec
     baos.write((length >>> 8) & 0xFF);
     baos.write(length & 0xFF);
     baos.write(buffer, 0, length);
-
     return baos.toByteArray();
   }
 
@@ -149,92 +127,87 @@ public class RSAKeyPairRawCodec implements IKeyPairCodec
         || k[1] != Registry.MAGIC_RAW_RSA_PUBLIC_KEY[1]
         || k[2] != Registry.MAGIC_RAW_RSA_PUBLIC_KEY[2]
         || k[3] != Registry.MAGIC_RAW_RSA_PUBLIC_KEY[3])
-      {
-        throw new IllegalArgumentException("magic");
-      }
+      throw new IllegalArgumentException("magic");
 
     // version
     if (k[4] != 0x01)
-      {
-        throw new IllegalArgumentException("version");
-      }
-    int i = 5;
+      throw new IllegalArgumentException("version");
 
+    int i = 5;
     int l;
     byte[] buffer;
-
     // n
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger n = new BigInteger(1, buffer);
-
     // e
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger e = new BigInteger(1, buffer);
-
     return new GnuRSAPublicKey(n, e);
   }
 
   /**
-   * <p>Returns the encoded form of the designated RSA private key according to
-   * the <i>Raw</i> format supported by this library.</p>
-   *
-   * <p>The <i>Raw</i> format for an RSA private key, in this implementation,
-   * is a byte sequence consisting of the following:</p>
-   *
+   * Returns the encoded form of the designated RSA private key according to the
+   * <i>Raw</i> format supported by this library.
+   * <p>
+   * The <i>Raw</i> format for an RSA private key, in this implementation, is a
+   * byte sequence consisting of the following:
    * <ol>
-   *		<li>4-byte magic consisting of the value of the literal
-   *    {@link Registry#MAGIC_RAW_RSA_PRIVATE_KEY},<li>
-   *		<li>1-byte version consisting of the constant: 0x01,</li>
-   *		<li>4-byte count of following bytes representing the RSA parameter
-   *		<code>p</code> (the first prime factor of the modulus) in internet
-   *    order,</li>
-   *		<li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the RSA parameter <code>p</code>,</li>
-   *		<li>4-byte count of following bytes representing the RSA parameter
-   *		<code>q</code> (the second prime factor of the modulus) in internet
-   *    order,</li>
-   *		<li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the RSA parameter <code>q</code>,</li>
-   *		<li>4-byte count of following bytes representing the RSA parameter
-   *		<code>e</code> (the public exponent) in internet order,</li>
-   *		<li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the RSA parameter <code>e</code>,</li>
-   *		<li>4-byte count of following bytes representing the RSA parameter
-   *		<code>d</code> (the private exponent) in internet order,</li>
-   *		<li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the RSA parameter <code>d</code>,</li>
+   * <li>4-byte magic consisting of the value of the literal
+   * {@link Registry#MAGIC_RAW_RSA_PRIVATE_KEY},</li>
+   * <li>1-byte version consisting of the constant: 0x01,</li>
+   * <li>4-byte count of following bytes representing the RSA parameter
+   * <code>p</code> (the first prime factor of the modulus) in internet order,
+   * </li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the RSA parameter <code>p</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the RSA parameter
+   * <code>q</code> (the second prime factor of the modulus) in internet
+   * order,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the RSA parameter <code>q</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the RSA parameter
+   * <code>e</code> (the public exponent) in internet order,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the RSA parameter <code>e</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the RSA parameter
+   * <code>d</code> (the private exponent) in internet order,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the RSA parameter <code>d</code>,
+   * </li>
    * </ol>
-   *
+   * 
    * @param key the key to encode.
    * @return the <i>Raw</i> format encoding of the designated key.
    */
   public byte[] encodePrivateKey(PrivateKey key)
   {
-    if (!(key instanceof GnuRSAPrivateKey))
-      {
-        throw new IllegalArgumentException("key");
-      }
+    if (! (key instanceof GnuRSAPrivateKey))
+      throw new IllegalArgumentException("key");
 
     GnuRSAPrivateKey rsaKey = (GnuRSAPrivateKey) key;
     ByteArrayOutputStream baos = new ByteArrayOutputStream();
-
     // magic
     baos.write(Registry.MAGIC_RAW_RSA_PRIVATE_KEY[0]);
     baos.write(Registry.MAGIC_RAW_RSA_PRIVATE_KEY[1]);
     baos.write(Registry.MAGIC_RAW_RSA_PRIVATE_KEY[2]);
     baos.write(Registry.MAGIC_RAW_RSA_PRIVATE_KEY[3]);
-
     // version
     baos.write(0x01);
-
     // p
     byte[] buffer = rsaKey.getPrimeP().toByteArray();
     int length = buffer.length;
@@ -243,7 +216,6 @@ public class RSAKeyPairRawCodec implements IKeyPairCodec
     baos.write((length >>> 8) & 0xFF);
     baos.write(length & 0xFF);
     baos.write(buffer, 0, length);
-
     // q
     buffer = rsaKey.getPrimeQ().toByteArray();
     length = buffer.length;
@@ -252,7 +224,6 @@ public class RSAKeyPairRawCodec implements IKeyPairCodec
     baos.write((length >>> 8) & 0xFF);
     baos.write(length & 0xFF);
     baos.write(buffer, 0, length);
-
     // e
     buffer = rsaKey.getPublicExponent().toByteArray();
     length = buffer.length;
@@ -261,7 +232,6 @@ public class RSAKeyPairRawCodec implements IKeyPairCodec
     baos.write((length >>> 8) & 0xFF);
     baos.write(length & 0xFF);
     baos.write(buffer, 0, length);
-
     // d
     buffer = rsaKey.getPrivateExponent().toByteArray();
     length = buffer.length;
@@ -270,7 +240,6 @@ public class RSAKeyPairRawCodec implements IKeyPairCodec
     baos.write((length >>> 8) & 0xFF);
     baos.write(length & 0xFF);
     baos.write(buffer, 0, length);
-
     return baos.toByteArray();
   }
 
@@ -281,52 +250,51 @@ public class RSAKeyPairRawCodec implements IKeyPairCodec
         || k[1] != Registry.MAGIC_RAW_RSA_PRIVATE_KEY[1]
         || k[2] != Registry.MAGIC_RAW_RSA_PRIVATE_KEY[2]
         || k[3] != Registry.MAGIC_RAW_RSA_PRIVATE_KEY[3])
-      {
-        throw new IllegalArgumentException("magic");
-      }
+      throw new IllegalArgumentException("magic");
 
     // version
     if (k[4] != 0x01)
-      {
-        throw new IllegalArgumentException("version");
-      }
-    int i = 5;
+      throw new IllegalArgumentException("version");
 
+    int i = 5;
     int l;
     byte[] buffer;
-
     // p
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger p = new BigInteger(1, buffer);
-
     // q
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger q = new BigInteger(1, buffer);
-
     // e
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger e = new BigInteger(1, buffer);
-
     // d
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger d = new BigInteger(1, buffer);
-
     return new GnuRSAPrivateKey(p, q, e, d);
   }
 }
diff --git a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java
index 882d9c7b2ca..b11e1c01371 100644
--- a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java
+++ b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java
@@ -38,6 +38,7 @@ exception statement from your version. */
 
 package gnu.java.security.key.rsa;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.OID;
 import gnu.java.security.Registry;
 import gnu.java.security.der.BitString;
@@ -114,8 +115,8 @@ public class RSAKeyPairX509Codec
    */
   public byte[] encodePublicKey(PublicKey key)
   {
-    log.entering(this.getClass().getName(), "encodePublicKey()", key);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "encodePublicKey()", key);
     if (! (key instanceof GnuRSAPublicKey))
       throw new InvalidParameterException("key");
 
@@ -156,12 +157,12 @@ public class RSAKeyPairX509Codec
       }
     catch (IOException x)
       {
-        InvalidParameterException y = new InvalidParameterException();
+        InvalidParameterException y = new InvalidParameterException(x.getMessage());
         y.initCause(x);
         throw y;
       }
-
-    log.exiting(this.getClass().getName(), "encodePublicKey()", result);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "encodePublicKey()", result);
     return result;
   }
 
@@ -183,8 +184,8 @@ public class RSAKeyPairX509Codec
    */
   public PublicKey decodePublicKey(byte[] input)
   {
-    log.entering(this.getClass().getName(), "decodePublicKey()", input);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "decodePublicKey()", input);
     if (input == null)
       throw new InvalidParameterException("Input bytes MUST NOT be null");
 
@@ -229,13 +230,13 @@ public class RSAKeyPairX509Codec
       }
     catch (IOException x)
       {
-        InvalidParameterException y = new InvalidParameterException();
+        InvalidParameterException y = new InvalidParameterException(x.getMessage());
         y.initCause(x);
         throw y;
       }
-
     PublicKey result = new GnuRSAPublicKey(Registry.X509_ENCODING_ID, n, e);
-    log.exiting(this.getClass().getName(), "decodePublicKey()", result);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "decodePublicKey()", result);
     return result;
   }
 
diff --git a/libjava/classpath/gnu/java/security/pkcs/PKCS7SignedData.java b/libjava/classpath/gnu/java/security/pkcs/PKCS7SignedData.java
index 0781f4ba97c..d59dba3cd0f 100644
--- a/libjava/classpath/gnu/java/security/pkcs/PKCS7SignedData.java
+++ b/libjava/classpath/gnu/java/security/pkcs/PKCS7SignedData.java
@@ -37,6 +37,7 @@ exception statement from your version. */
 
 package gnu.java.security.pkcs;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.OID;
 import gnu.java.security.ber.BER;
 import gnu.java.security.ber.BEREncodingException;
@@ -52,9 +53,7 @@ import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
-
 import java.math.BigInteger;
-
 import java.security.cert.CRL;
 import java.security.cert.CRLException;
 import java.security.cert.Certificate;
@@ -62,7 +61,6 @@ import java.security.cert.CertificateEncodingException;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509CRL;
-
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashSet;
@@ -174,21 +172,22 @@ public class PKCS7SignedData
     if (!val.isConstructed())
       throw new BEREncodingException("malformed SignedData");
 
-    log.finest("SignedData: " + val);
+    if (Configuration.DEBUG)
+      log.fine("SignedData: " + val);
 
     val = ber.read();
     if (val.getTag() != BER.INTEGER)
       throw new BEREncodingException("expecting Version");
     version = (BigInteger) val.getValue();
-
-    log.finest("  Version: " + version);
+    if (Configuration.DEBUG)
+      log.fine("  Version: " + version);
 
     digestAlgorithms = new HashSet();
     val = ber.read();
     if (!val.isConstructed())
       throw new BEREncodingException("malformed DigestAlgorithmIdentifiers");
-
-    log.finest("  DigestAlgorithmIdentifiers: " + val);
+    if (Configuration.DEBUG)
+      log.fine("  DigestAlgorithmIdentifiers: " + val);
     int count = 0;
     DERValue val2 = ber.read();
     while (val2 != BER.END_OF_SEQUENCE &&
@@ -196,14 +195,14 @@ public class PKCS7SignedData
       {
         if (!val2.isConstructed())
           throw new BEREncodingException("malformed AlgorithmIdentifier");
-
-        log.finest("    AlgorithmIdentifier: " + val2);
+        if (Configuration.DEBUG)
+          log.fine("    AlgorithmIdentifier: " + val2);
         count += val2.getEncodedLength();
         val2 = ber.read();
         if (val2.getTag() != BER.OBJECT_IDENTIFIER)
           throw new BEREncodingException("malformed AlgorithmIdentifier");
-
-        log.finest("      digestAlgorithmIdentifiers OID: " + val2.getValue());
+        if (Configuration.DEBUG)
+          log.fine("      digestAlgorithmIdentifiers OID: " + val2.getValue());
         List algId = new ArrayList(2);
         algId.add(val2.getValue());
         val2 = ber.read();
@@ -224,23 +223,27 @@ public class PKCS7SignedData
         else
           algId.add(null);
 
-        log.finest("      digestAlgorithmIdentifiers params: ");
-        log.finest(Util.dumpString((byte[]) algId.get(1),
-                                   "      digestAlgorithmIdentifiers params: "));
+        if (Configuration.DEBUG)
+          {
+            log.fine("      digestAlgorithmIdentifiers params: ");
+            log.fine(Util.dumpString((byte[]) algId.get(1),
+                                     "      digestAlgorithmIdentifiers params: "));
+          }
         digestAlgorithms.add(algId);
       }
 
     val = ber.read();
     if (!val.isConstructed())
       throw new BEREncodingException("malformed ContentInfo");
-
-    log.finest("  ContentInfo: " + val);
+    if (Configuration.DEBUG)
+      log.fine("  ContentInfo: " + val);
     val2 = ber.read();
     if (val2.getTag() != BER.OBJECT_IDENTIFIER)
       throw new BEREncodingException("malformed ContentType");
 
     contentType = (OID) val2.getValue();
-    log.finest("    ContentType OID: " + contentType);
+    if (Configuration.DEBUG)
+      log.fine("    ContentType OID: " + contentType);
     if (BERValue.isIndefinite(val)
         || (val.getLength() > 0 && val.getLength() > val2.getEncodedLength()))
       {
@@ -252,17 +255,18 @@ public class PKCS7SignedData
               val2 = ber.read();
           }
       }
-
-    log.finest("    Content: ");
-    log.finest(Util.dumpString(content, "    Content: "));
-
+    if (Configuration.DEBUG)
+      {
+        log.fine("    Content: ");
+        log.fine(Util.dumpString(content, "    Content: "));
+      }
     val = ber.read();
     if (val.getTag() == 0)
       {
         if (!val.isConstructed())
           throw new BEREncodingException("malformed ExtendedCertificatesAndCertificates");
-
-        log.finest("  ExtendedCertificatesAndCertificates: " + val);
+        if (Configuration.DEBUG)
+          log.fine("  ExtendedCertificatesAndCertificates: " + val);
         count = 0;
         val2 = ber.read();
         List certs = new LinkedList();
@@ -271,7 +275,8 @@ public class PKCS7SignedData
           {
             Certificate cert =
               x509.generateCertificate(new ByteArrayInputStream(val2.getEncoded()));
-            log.finest("    Certificate: " + cert);
+            if (Configuration.DEBUG)
+              log.fine("    Certificate: " + cert);
             certs.add(cert);
             count += val2.getEncodedLength();
             ber.skip(val2.getLength());
@@ -286,8 +291,8 @@ public class PKCS7SignedData
       {
         if (!val.isConstructed())
           throw new BEREncodingException("malformed CertificateRevocationLists");
-
-        log.finest("  CertificateRevocationLists: " + val);
+        if (Configuration.DEBUG)
+          log.fine("  CertificateRevocationLists: " + val);
         count = 0;
         val2 = ber.read();
         List crls = new LinkedList();
@@ -295,7 +300,8 @@ public class PKCS7SignedData
                (val.getLength() > 0 && val.getLength() > count))
           {
             CRL crl = x509.generateCRL(new ByteArrayInputStream(val2.getEncoded()));
-            log.finest("    CRL: " + crl);
+            if (Configuration.DEBUG)
+              log.fine("    CRL: " + crl);
             crls.add(crl);
             count += val2.getEncodedLength();
             ber.skip(val2.getLength());
@@ -309,8 +315,8 @@ public class PKCS7SignedData
     signerInfos = new HashSet();
     if (!val.isConstructed())
       throw new BEREncodingException("malformed SignerInfos");
-
-    log.finest("  SignerInfos: " + val);
+    if (Configuration.DEBUG)
+      log.fine("  SignerInfos: " + val);
 
     // FIXME read this more carefully.
     // Since we are just reading a file (probably) we just read until we
diff --git a/libjava/classpath/gnu/java/security/pkcs/SignerInfo.java b/libjava/classpath/gnu/java/security/pkcs/SignerInfo.java
index 7b38bfefdaf..3066401ac4b 100644
--- a/libjava/classpath/gnu/java/security/pkcs/SignerInfo.java
+++ b/libjava/classpath/gnu/java/security/pkcs/SignerInfo.java
@@ -37,6 +37,7 @@ exception statement from your version. */
 
 package gnu.java.security.pkcs;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.OID;
 import gnu.java.security.ber.BER;
 import gnu.java.security.ber.BEREncodingException;
@@ -50,7 +51,6 @@ import gnu.java.security.util.Util;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.OutputStream;
-
 import java.math.BigInteger;
 import java.util.ArrayList;
 import java.util.logging.Logger;
@@ -101,7 +101,8 @@ public class SignerInfo
   public SignerInfo(BERReader ber) throws IOException
   {
     DERValue val = ber.read();
-    log.finest("SignerInfo: " + val);
+    if (Configuration.DEBUG)
+      log.fine("SignerInfo: " + val);
     if (!val.isConstructed())
       throw new BEREncodingException("malformed SignerInfo");
 
@@ -110,13 +111,13 @@ public class SignerInfo
       throw new BEREncodingException("malformed Version");
 
     version = (BigInteger) val.getValue();
-    log.finest("  Version: " + version);
+    log.fine("  Version: " + version);
 
     val = ber.read();
     if (!val.isConstructed())
       throw new BEREncodingException("malformed IssuerAndSerialNumber");
-
-    log.finest("  IssuerAndSerialNumber: " + val);
+    if (Configuration.DEBUG)
+      log.fine("  IssuerAndSerialNumber: " + val);
 
     val = ber.read();
     if (!val.isConstructed())
@@ -124,20 +125,22 @@ public class SignerInfo
 
     issuer = new X500Principal(val.getEncoded());
     ber.skip(val.getLength());
-    log.finest("    Issuer: " + issuer);
+    if (Configuration.DEBUG)
+      log.fine("    Issuer: " + issuer);
 
     val = ber.read();
     if (val.getTag() != BER.INTEGER)
       throw new BEREncodingException("malformed SerialNumber");
 
     serialNumber = (BigInteger) val.getValue();
-    log.finest("    SerialNumber: " + serialNumber);
+    if (Configuration.DEBUG)
+      log.fine("    SerialNumber: " + serialNumber);
 
     val = ber.read();
     if (!val.isConstructed())
       throw new BEREncodingException("malformed DigestAlgorithmIdentifier");
-
-    log.finest("  DigestAlgorithmIdentifier: " + val);
+    if (Configuration.DEBUG)
+      log.fine("  DigestAlgorithmIdentifier: " + val);
 
     int count = 0;
     DERValue val2 = ber.read();
@@ -145,7 +148,8 @@ public class SignerInfo
       throw new BEREncodingException("malformed AlgorithmIdentifier");
 
     digestAlgorithmId = (OID) val2.getValue();
-    log.finest("    digestAlgorithm OID: " + digestAlgorithmId);
+    if (Configuration.DEBUG)
+      log.fine("    digestAlgorithm OID: " + digestAlgorithmId);
 
     if (BERValue.isIndefinite(val))
       {
@@ -170,10 +174,12 @@ public class SignerInfo
     else
       digestAlgorithmParams = null;
 
-    log.finest("    digestAlgorithm params: ");
-    log.finest(Util.dumpString(digestAlgorithmParams,
-                               "    digestAlgorithm params: "));
-
+    if (Configuration.DEBUG)
+      {
+        log.fine("    digestAlgorithm params: ");
+        log.fine(Util.dumpString(digestAlgorithmParams,
+                                 "    digestAlgorithm params: "));
+      }
     val = ber.read();
     if (val.getTag() == 0)
       {
@@ -187,21 +193,24 @@ public class SignerInfo
     else
       authenticatedAttributes = null;
 
-    log.finest("  AuthenticatedAttributes: ");
-    log.finest(Util.dumpString(authenticatedAttributes,
-                               "  AuthenticatedAttributes: "));
-
+    if (Configuration.DEBUG)
+      {
+        log.fine("  AuthenticatedAttributes: ");
+        log.fine(Util.dumpString(authenticatedAttributes,
+                                 "  AuthenticatedAttributes: "));
+      }
     if (!val.isConstructed())
       throw new BEREncodingException("malformed DigestEncryptionAlgorithmIdentifier");
-
-    log.finest("  DigestEncryptionAlgorithmIdentifier: " + val);
+    if (Configuration.DEBUG)
+      log.fine("  DigestEncryptionAlgorithmIdentifier: " + val);
     count = 0;
     val2 = ber.read();
     if (val2.getTag() != BER.OBJECT_IDENTIFIER)
       throw new BEREncodingException("malformed AlgorithmIdentifier");
 
     digestEncryptionAlgorithmId = (OID) val2.getValue();
-    log.finest("    digestEncryptionAlgorithm OID: " + digestEncryptionAlgorithmId);
+    if (Configuration.DEBUG)
+      log.fine("    digestEncryptionAlgorithm OID: " + digestEncryptionAlgorithmId);
 
     if (BERValue.isIndefinite(val))
       {
@@ -226,27 +235,33 @@ public class SignerInfo
     else
       digestEncryptionAlgorithmParams = null;
 
-    log.finest("    digestEncryptionAlgorithm params: ");
-    log.finest(Util.dumpString(digestEncryptionAlgorithmParams,
-                               "    digestEncryptionAlgorithm params: "));
-
+    if (Configuration.DEBUG)
+      {
+        log.fine("    digestEncryptionAlgorithm params: ");
+        log.fine(Util.dumpString(digestEncryptionAlgorithmParams,
+                                 "    digestEncryptionAlgorithm params: "));
+      }
     val = ber.read();
     if (val.getTag() != BER.OCTET_STRING)
       throw new BEREncodingException("malformed EncryptedDigest");
 
     encryptedDigest = (byte[]) val.getValue();
-    log.finest("  EncryptedDigest: ");
-    log.finest(Util.dumpString(encryptedDigest, "  EncryptedDigest: "));
-
+    if (Configuration.DEBUG)
+      {
+        log.fine("  EncryptedDigest: ");
+        log.fine(Util.dumpString(encryptedDigest, "  EncryptedDigest: "));
+      }
     if (ber.peek() == 1)
       unauthenticatedAttributes = ber.read().getEncoded();
     else
       unauthenticatedAttributes = null;
 
-    log.finest("  UnauthenticatedAttributes: ");
-    log.finest(Util.dumpString(unauthenticatedAttributes,
-                               "  UnauthenticatedAttributes: "));
-
+    if (Configuration.DEBUG)
+      {
+        log.fine("  UnauthenticatedAttributes: ");
+        log.fine(Util.dumpString(unauthenticatedAttributes,
+                                 "  UnauthenticatedAttributes: "));
+      }
     if (ber.peek() == 0)
       ber.read();
   }
diff --git a/libjava/classpath/gnu/java/security/prng/BasePRNG.java b/libjava/classpath/gnu/java/security/prng/BasePRNG.java
index fe815d7004e..3b7c8cf071f 100644
--- a/libjava/classpath/gnu/java/security/prng/BasePRNG.java
+++ b/libjava/classpath/gnu/java/security/prng/BasePRNG.java
@@ -41,14 +41,11 @@ package gnu.java.security.prng;
 import java.util.Map;
 
 /**
- * <p>An abstract class to facilitate implementing PRNG algorithms.</p>
+ * An abstract class to facilitate implementing PRNG algorithms.
  */
-public abstract class BasePRNG implements IRandom
+public abstract class BasePRNG
+    implements IRandom
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The canonical name prefix of the PRNG algorithm. */
   protected String name;
 
@@ -61,12 +58,9 @@ public abstract class BasePRNG implements IRandom
   /** The index into buffer of where the next byte will come from. */
   protected int ndx;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Trivial constructor for use by concrete subclasses.</p>
-   *
+   * Trivial constructor for use by concrete subclasses.
+   * 
    * @param name the canonical name of this instance.
    */
   protected BasePRNG(String name)
@@ -78,14 +72,6 @@ public abstract class BasePRNG implements IRandom
     buffer = new byte[0];
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // IRandom interface implementation ----------------------------------------
-
   public String name()
   {
     return name;
@@ -101,10 +87,9 @@ public abstract class BasePRNG implements IRandom
 
   public byte nextByte() throws IllegalStateException, LimitReachedException
   {
-    if (!initialised)
-      {
-        throw new IllegalStateException();
-      }
+    if (! initialised)
+      throw new IllegalStateException();
+
     return nextByteInternal();
   }
 
@@ -117,7 +102,7 @@ public abstract class BasePRNG implements IRandom
   public void nextBytes(byte[] out, int offset, int length)
       throws IllegalStateException, LimitReachedException
   {
-    if (!initialised)
+    if (! initialised)
       throw new IllegalStateException("not initialized");
 
     if (length == 0)
@@ -127,7 +112,6 @@ public abstract class BasePRNG implements IRandom
       throw new ArrayIndexOutOfBoundsException("offset=" + offset + " length="
                                                + length + " limit="
                                                + out.length);
-
     if (ndx >= buffer.length)
       {
         fillBlock();
@@ -163,9 +147,6 @@ public abstract class BasePRNG implements IRandom
     throw new UnsupportedOperationException("random state is non-modifiable");
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public boolean isInitialised()
   {
     return initialised;
@@ -182,8 +163,6 @@ public abstract class BasePRNG implements IRandom
     return buffer[ndx++];
   }
 
-  // abstract methods to implement by subclasses -----------------------------
-
   public Object clone() throws CloneNotSupportedException
   {
     BasePRNG result = (BasePRNG) super.clone();
diff --git a/libjava/classpath/gnu/java/security/prng/EntropySource.java b/libjava/classpath/gnu/java/security/prng/EntropySource.java
index 260c668f8df..95f68f04872 100644
--- a/libjava/classpath/gnu/java/security/prng/EntropySource.java
+++ b/libjava/classpath/gnu/java/security/prng/EntropySource.java
@@ -43,7 +43,6 @@ package gnu.java.security.prng;
  */
 public interface EntropySource
 {
-
   /**
    * Returns the estimated quality of this source. This value should be
    * between 0 and 100 (the running quality is computed as a percentage,
diff --git a/libjava/classpath/gnu/java/security/prng/IRandom.java b/libjava/classpath/gnu/java/security/prng/IRandom.java
index 2c89e7ad56f..66ad6d2241b 100644
--- a/libjava/classpath/gnu/java/security/prng/IRandom.java
+++ b/libjava/classpath/gnu/java/security/prng/IRandom.java
@@ -41,140 +41,134 @@ package gnu.java.security.prng;
 import java.util.Map;
 
 /**
- * <p>The basic visible methods of any pseudo-random number generator.</p>
- *
- * <p>The [HAC] defines a PRNG (as implemented in this library) as follows:</p>
- *
+ * The basic visible methods of any pseudo-random number generator.
+ * <p>
+ * The [HAC] defines a PRNG (as implemented in this library) as follows:
  * <ul>
- *    <li>"5.6 Definition: A pseudorandom bit generator (PRBG) is said to pass
- *    the <em>next-bit test</em> if there is no polynomial-time algorithm which,
- *    on input of the first <code>L</code> bits of an output sequence <code>S</code>,
- *    can predict the <code>(L+1)</code>st bit of <code>S</code> with a
- *    probability significantly grater than <code>1/2</code>."</li>
- *
- *    <li>"5.8 Definition: A PRBG that passes the <em>next-bit test</em>
- *    (possibly under some plausible but unproved mathematical assumption such
- *    as the intractability of factoring integers) is called a
- *    <em>cryptographically secure pseudorandom bit generator</em> (CSPRBG)."</li>
+ * <li>"5.6 Definition: A pseudorandom bit generator (PRBG) is said to pass the
+ * <em>next-bit test</em> if there is no polynomial-time algorithm which, on
+ * input of the first <code>L</code> bits of an output sequence <code>S</code>,
+ * can predict the <code>(L+1)</code><sup>st</sup> bit of <code>S</code> with a
+ * probability significantly greater than <code>1/2</code>."</li>
+ * <li>"5.8 Definition: A PRBG that passes the <em>next-bit test</em>
+ * (possibly under some plausible but unproved mathematical assumption such as
+ * the intractability of factoring integers) is called a <em>cryptographically
+ * secure pseudorandom bit generator</em> (CSPRBG)."</li>
  * </ul>
- *
- * <p><b>IMPLEMENTATION NOTE</b>: Although all the concrete classes in this
+ * <p>
+ * <b>IMPLEMENTATION NOTE</b>: Although all the concrete classes in this
  * package implement the {@link Cloneable} interface, it is important to note
- * here that such an operation, for those algorithms that use an underlting
+ * here that such an operation, for those algorithms that use an underlying
  * symmetric key block cipher, <b>DOES NOT</b> clone any session key material
  * that may have been used in initialising the source PRNG (the instance to be
- * cloned). Instead a clone of an already initialised PRNG, that uses and
+ * cloned). Instead a clone of an already initialised PRNG, that uses an
  * underlying symmetric key block cipher, is another instance with a clone of
- * the same cipher that operates with the <b>same block size</b> but without any
- * knowledge of neither key material nor key size.</p>
- *
- * <p>References:</p>
- *
+ * the same cipher that operates with the <b>same block size</b> but without
+ * any knowledge of neither key material nor key size.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.cacr.math.uwaterloo.ca/hac">[HAC]</a>: Handbook of
- *    Applied Cryptography.<br>
- *    CRC Press, Inc. ISBN 0-8493-8523-7, 1997<br>
- *    Menezes, A., van Oorschot, P. and S. Vanstone.</li>
+ * <li><a href="http://www.cacr.math.uwaterloo.ca/hac">[HAC]</a>: Handbook of
+ * Applied Cryptography.<br>
+ * CRC Press, Inc. ISBN 0-8493-8523-7, 1997<br>
+ * Menezes, A., van Oorschot, P. and S. Vanstone.</li>
  * </ol>
  */
-public interface IRandom extends Cloneable
+public interface IRandom
+    extends Cloneable
 {
-
-  // Constants
-  // -------------------------------------------------------------------------
-
-  // Methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns the canonical name of this instance.</p>
-   *
-   * @return the canonical name of this instance. */
+   * Returns the canonical name of this instance.
+   * 
+   * @return the canonical name of this instance.
+   */
   String name();
 
   /**
-   * <p>Initialises the pseudo-random number generator scheme with the
-   * appropriate attributes.</p>
-   *
+   * Initialises the pseudo-random number generator scheme with the appropriate
+   * attributes.
+   * 
    * @param attributes a set of name-value pairs that describe the desired
-   * future instance behaviour.
+   *          future instance behaviour.
    * @exception IllegalArgumentException if at least one of the defined name/
-   * value pairs contains invalid data.
+   *              value pairs contains invalid data.
    */
   void init(Map attributes);
 
   /**
-   * <p>Returns the next 8 bits of random data generated from this instance.</p>
-   *
+   * Returns the next 8 bits of random data generated from this instance.
+   * 
    * @return the next 8 bits of random data generated from this instance.
    * @exception IllegalStateException if the instance is not yet initialised.
    * @exception LimitReachedException if this instance has reached its
-   * theoretical limit for generating non-repetitive pseudo-random data.
+   *              theoretical limit for generating non-repetitive pseudo-random
+   *              data.
    */
   byte nextByte() throws IllegalStateException, LimitReachedException;
 
   /**
-   * <p>Fills the designated byte array, starting from byte at index
-   * <code>offset</code>, for a maximum of <code>length</code> bytes with the
-   * output of this generator instance.
-   *
+   * Fills the designated byte array, starting from byte at index
+   * <code>offset</code>, for a maximum of <code>length</code> bytes with
+   * the output of this generator instance.
+   * 
    * @param out the placeholder to contain the generated random bytes.
    * @param offset the starting index in <i>out</i> to consider. This method
-   * does nothing if this parameter is not within <code>0</code> and
-   * <code>out.length</code>.
-   * @param length the maximum number of required random bytes. This method
-   * does nothing if this parameter is less than <code>1</code>.
+   *          does nothing if this parameter is not within <code>0</code> and
+   *          <code>out.length</code>.
+   * @param length the maximum number of required random bytes. This method does
+   *          nothing if this parameter is less than <code>1</code>.
    * @exception IllegalStateException if the instance is not yet initialised.
    * @exception LimitReachedException if this instance has reached its
-   * theoretical limit for generating non-repetitive pseudo-random data.
+   *              theoretical limit for generating non-repetitive pseudo-random
+   *              data.
    */
   void nextBytes(byte[] out, int offset, int length)
       throws IllegalStateException, LimitReachedException;
 
   /**
-   * <p>Supplement, or possibly replace, the random state of this PRNG with
-   * a random byte.</p>
-   *
-   * <p>Implementations are not required to implement this method in any
-   * meaningful way; this may be a no-operation, and implementations may
-   * throw an {@link UnsupportedOperationException}.</p>
-   *
+   * Supplement, or possibly replace, the random state of this PRNG with a
+   * random byte.
+   * <p>
+   * Implementations are not required to implement this method in any meaningful
+   * way; this may be a no-operation, and implementations may throw an
+   * {@link UnsupportedOperationException}.
+   * 
    * @param b The byte to add.
    */
   void addRandomByte(byte b);
 
   /**
-   * <p>Supplement, or possibly replace, the random state of this PRNG with
-   * a sequence of new random bytes.</p>
-   *
-   * <p>Implementations are not required to implement this method in any
-   * meaningful way; this may be a no-operation, and implementations may
-   * throw an {@link UnsupportedOperationException}.</p>
-   *
+   * Supplement, or possibly replace, the random state of this PRNG with a
+   * sequence of new random bytes.
+   * <p>
+   * Implementations are not required to implement this method in any meaningful
+   * way; this may be a no-operation, and implementations may throw an
+   * {@link UnsupportedOperationException}.
+   * 
    * @param in The buffer of new random bytes to add.
    */
   void addRandomBytes(byte[] in);
 
   /**
-   * <p>Supplement, or possibly replace, the random state of this PRNG with
-   * a sequence of new random bytes.</p>
-   *
-   * <p>Implementations are not required to implement this method in any
-   * meaningful way; this may be a no-operation, and implementations may
-   * throw an {@link UnsupportedOperationException}.</p>
-   *
+   * Supplement, or possibly replace, the random state of this PRNG with a
+   * sequence of new random bytes.
+   * <p>
+   * Implementations are not required to implement this method in any meaningful
+   * way; this may be a no-operation, and implementations may throw an
+   * {@link UnsupportedOperationException}.
+   * 
    * @param in The buffer of new random bytes to add.
    * @param offset The offset from whence to begin reading random bytes.
    * @param length The number of random bytes to add.
-   * @exception IndexOutOfBoundsException If <i>offset</i>, <i>length</i>,
-   * or <i>offset</i>+<i>length</i> is out of bounds.
+   * @exception IndexOutOfBoundsException If <i>offset</i>, <i>length</i>, or
+   *              <i>offset</i>+<i>length</i> is out of bounds.
    */
   void addRandomBytes(byte[] in, int offset, int length);
 
   /**
-   * <p>Returns a clone copy of this instance.</p>
-   *
+   * Returns a clone copy of this instance.
+   * 
    * @return a clone copy of this instance.
    */
   Object clone() throws CloneNotSupportedException;
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/java/security/prng/LimitReachedException.java b/libjava/classpath/gnu/java/security/prng/LimitReachedException.java
index 2fd8bfa7fd1..8d5b30baf90 100644
--- a/libjava/classpath/gnu/java/security/prng/LimitReachedException.java
+++ b/libjava/classpath/gnu/java/security/prng/LimitReachedException.java
@@ -42,15 +42,9 @@ package gnu.java.security.prng;
  * A checked exception that indicates that a pseudo random number generated has
  * reached its theoretical limit in generating random bytes.
  */
-public class LimitReachedException extends Exception
+public class LimitReachedException
+    extends Exception
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public LimitReachedException()
   {
     super();
@@ -60,10 +54,4 @@ public class LimitReachedException extends Exception
   {
     super(msg);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instant methods
-  // -------------------------------------------------------------------------
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/java/security/prng/MDGenerator.java b/libjava/classpath/gnu/java/security/prng/MDGenerator.java
index 073c559ae04..574a2f9d64b 100644
--- a/libjava/classpath/gnu/java/security/prng/MDGenerator.java
+++ b/libjava/classpath/gnu/java/security/prng/MDGenerator.java
@@ -45,19 +45,17 @@ import gnu.java.security.hash.IMessageDigest;
 import java.util.Map;
 
 /**
- * <p>A simple pseudo-random number generator that relies on a hash algorithm,
- * that (a) starts its operation by hashing a <code>seed</code>, and then (b)
- * continuously re-hashing its output. If no hash algorithm name is specified
- * in the {@link Map} of attributes used to initialise the instance then the
+ * A simple pseudo-random number generator that relies on a hash algorithm, that
+ * (a) starts its operation by hashing a <code>seed</code>, and then (b)
+ * continuously re-hashing its output. If no hash algorithm name is specified in
+ * the {@link Map} of attributes used to initialise the instance then the
  * SHA-160 algorithm is used as the underlying hash function. Also, if no
- * <code>seed</code> is given, an empty octet sequence is used.</p>
+ * <code>seed</code> is given, an empty octet sequence is used.
  */
-public class MDGenerator extends BasePRNG implements Cloneable
+public class MDGenerator
+    extends BasePRNG
+    implements Cloneable
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** Property name of underlying hash algorithm for this generator. */
   public static final String MD_NAME = "gnu.crypto.prng.md.hash.name";
 
@@ -67,23 +65,12 @@ public class MDGenerator extends BasePRNG implements Cloneable
   /** The underlying hash instance. */
   private IMessageDigest md;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public MDGenerator()
   {
     super(Registry.MD_PRNG);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // Implementation of abstract methods in BaseRandom ------------------------
-
   public void setup(Map attributes)
   {
     // find out which hash to use
@@ -95,22 +82,15 @@ public class MDGenerator extends BasePRNG implements Cloneable
             // ensure we have a reliable implementation of this hash
             md = HashFactory.getInstance(Registry.SHA160_HASH);
           }
-        else
-          { // a clone. reset it for reuse
-            md.reset();
-          }
-      }
-    else
-      { // ensure we have a reliable implementation of this hash
-        md = HashFactory.getInstance(underlyingMD);
+        else // a clone. reset it for reuse
+          md.reset();
       }
-
+    else // ensure we have a reliable implementation of this hash
+      md = HashFactory.getInstance(underlyingMD);
     // get the seeed
     byte[] seed = (byte[]) attributes.get(SEEED);
     if (seed == null)
-      {
-        seed = new byte[0];
-      }
+      seed = new byte[0];
 
     md.update(seed, 0, seed.length);
   }
@@ -122,22 +102,20 @@ public class MDGenerator extends BasePRNG implements Cloneable
     md.update(buffer, 0, buffer.length);
   }
 
-  public void addRandomByte (final byte b)
+  public void addRandomByte(final byte b)
   {
     if (md == null)
-      throw new IllegalStateException ("not initialized");
-    md.update (b);
+      throw new IllegalStateException("not initialized");
+    md.update(b);
   }
 
-  public void addRandomBytes (final byte[] buf, final int off, final int len)
+  public void addRandomBytes(final byte[] buf, final int off, final int len)
   {
     if (md == null)
-      throw new IllegalStateException ("not initialized");
-    md.update (buf, off, len);
+      throw new IllegalStateException("not initialized");
+    md.update(buf, off, len);
   }
 
-  // Cloneable interface implementation ---------------------------------------
-
   public Object clone() throws CloneNotSupportedException
   {
     MDGenerator result = (MDGenerator) super.clone();
diff --git a/libjava/classpath/gnu/java/security/prng/PRNGFactory.java b/libjava/classpath/gnu/java/security/prng/PRNGFactory.java
index 8b5141456e6..ae15d053b82 100644
--- a/libjava/classpath/gnu/java/security/prng/PRNGFactory.java
+++ b/libjava/classpath/gnu/java/security/prng/PRNGFactory.java
@@ -42,60 +42,46 @@ import gnu.java.security.Registry;
 
 import java.util.Collections;
 import java.util.HashSet;
-import java.util.Iterator;
 import java.util.Set;
 
 /**
- * <p>A Factory to instantiate pseudo random number generators.</p>
+ * A Factory to instantiate pseudo random number generators.
  */
-public class PRNGFactory implements Registry
+public class PRNGFactory
+    implements Registry
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial constructor to enforce <i>Singleton</i> pattern. */
   protected PRNGFactory()
   {
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns an instance of a padding algorithm given its name.</p>
-   *
+   * Returns an instance of a padding algorithm given its name.
+   * 
    * @param prng the case-insensitive name of the PRNG.
    * @return an instance of the pseudo-random number generator.
    * @exception InternalError if the implementation does not pass its self-
-   * test.
+   *              test.
    */
   public static final IRandom getInstance(String prng)
   {
     if (prng == null)
-      {
-        return null;
-      }
+      return null;
 
     prng = prng.trim();
     IRandom result = null;
     if (prng.equalsIgnoreCase(MD_PRNG))
-      {
-        result = new MDGenerator();
-      }
+      result = new MDGenerator();
 
     return result;
   }
 
   /**
-   * <p>Returns a {@link Set} of names of padding algorithms supported by this
-   * <i>Factory</i>.</p>
-   *
+   * Returns a {@link Set} of names of padding algorithms supported by this
+   * <i>Factory</i>.
+   * 
    * @return a {@link Set} of pseudo-random number generator algorithm names
-   * (Strings).
+   *         (Strings).
    */
   public static final Set getNames()
   {
@@ -103,7 +89,4 @@ public class PRNGFactory implements Registry
     hs.add(MD_PRNG);
     return Collections.unmodifiableSet(hs);
   }
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/java/security/prng/RandomEvent.java b/libjava/classpath/gnu/java/security/prng/RandomEvent.java
index c07062125dc..fc4607a8a1e 100644
--- a/libjava/classpath/gnu/java/security/prng/RandomEvent.java
+++ b/libjava/classpath/gnu/java/security/prng/RandomEvent.java
@@ -41,12 +41,11 @@ package gnu.java.security.prng;
 import java.util.EventObject;
 
 /**
- * An interface for entropy accumulators that will be notified of random
- * events.
+ * A type for entropy accumulators that will be notified of random events.
  */
-public class RandomEvent extends EventObject
+public class RandomEvent
+    extends EventObject
 {
-
   private final byte sourceNumber;
 
   private final byte poolNumber;
@@ -61,7 +60,7 @@ public class RandomEvent extends EventObject
     this.poolNumber = poolNumber;
     if (data.length == 0 || data.length > 32)
       throw new IllegalArgumentException(
-                                         "random events take between 1 and 32 bytes of data");
+          "random events take between 1 and 32 bytes of data");
     this.data = (byte[]) data.clone();
   }
 
@@ -79,4 +78,4 @@ public class RandomEvent extends EventObject
   {
     return data;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/java/security/prng/RandomEventListener.java b/libjava/classpath/gnu/java/security/prng/RandomEventListener.java
index 1dc14619fe9..beb9087f418 100644
--- a/libjava/classpath/gnu/java/security/prng/RandomEventListener.java
+++ b/libjava/classpath/gnu/java/security/prng/RandomEventListener.java
@@ -41,10 +41,10 @@ package gnu.java.security.prng;
 import java.util.EventListener;
 
 /**
- * An interface for entropy accumulators that will be notified of random
- * events.
+ * An interface for entropy accumulators that will be notified of random events.
  */
-public interface RandomEventListener extends EventListener
+public interface RandomEventListener
+    extends EventListener
 {
   void addRandomEvent(RandomEvent event);
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/java/security/provider/Gnu.java b/libjava/classpath/gnu/java/security/provider/Gnu.java
index 6ea96c1e4f3..62bb0a29eef 100644
--- a/libjava/classpath/gnu/java/security/provider/Gnu.java
+++ b/libjava/classpath/gnu/java/security/provider/Gnu.java
@@ -42,12 +42,16 @@ import java.security.AccessController;
 import java.security.PrivilegedAction;
 import java.security.Provider;
 
-public final class Gnu extends Provider
+public final class Gnu
+    extends Provider
 {
   public Gnu()
   {
-    super("GNU", 1.0, "GNU provider v1.0 implementing SHA-1, MD5, DSA, RSA, X.509 Certificates and CRLs, PKIX certificate path validators, Collection cert stores, Diffie-Hellman key agreement and key pair generator");
-
+    super("GNU", 1.0,
+          "GNU provider v1.0 implementing SHA-1, MD5, DSA, RSA, X.509 "
+          + "Certificates and CRLs, PKIX certificate path validators, "
+          + "Collection cert stores, Diffie-Hellman key agreement and "
+          + "key pair generator");
     AccessController.doPrivileged (new PrivilegedAction()
     {
       public Object run()
@@ -163,29 +167,41 @@ public final class Gnu extends Provider
         put("Alg.Alias.KeyFactory.PKCS#8", "Encoded");
         put("Alg.Alias.KeyFactory.PKCS8", "Encoded");
 
-        put("MessageDigest.HAVAL", gnu.java.security.jce.hash.HavalSpi.class.getName());
+        put("MessageDigest.HAVAL",
+            gnu.java.security.jce.hash.HavalSpi.class.getName());
         put("MessageDigest.HAVAL ImplementedIn", "Software");
-        put("MessageDigest.MD2", gnu.java.security.jce.hash.MD2Spi.class.getName());
+        put("MessageDigest.MD2",
+            gnu.java.security.jce.hash.MD2Spi.class.getName());
         put("MessageDigest.MD2 ImplementedIn", "Software");
-        put("MessageDigest.MD4", gnu.java.security.jce.hash.MD4Spi.class.getName());
+        put("MessageDigest.MD4",
+            gnu.java.security.jce.hash.MD4Spi.class.getName());
         put("MessageDigest.MD4 ImplementedIn", "Software");
-        put("MessageDigest.MD5", gnu.java.security.jce.hash.MD5Spi.class.getName());
+        put("MessageDigest.MD5",
+            gnu.java.security.jce.hash.MD5Spi.class.getName());
         put("MessageDigest.MD5 ImplementedIn", "Software");
-        put("MessageDigest.RIPEMD128", gnu.java.security.jce.hash.RipeMD128Spi.class.getName());
+        put("MessageDigest.RIPEMD128",
+            gnu.java.security.jce.hash.RipeMD128Spi.class.getName());
         put("MessageDigest.RIPEMD128 ImplementedIn", "Software");
-        put("MessageDigest.RIPEMD160", gnu.java.security.jce.hash.RipeMD160Spi.class.getName());
+        put("MessageDigest.RIPEMD160",
+            gnu.java.security.jce.hash.RipeMD160Spi.class.getName());
         put("MessageDigest.RIPEMD160 ImplementedIn", "Software");
-        put("MessageDigest.SHA-160", gnu.java.security.jce.hash.Sha160Spi.class.getName());
+        put("MessageDigest.SHA-160",
+            gnu.java.security.jce.hash.Sha160Spi.class.getName());
         put("MessageDigest.SHA-160 ImplementedIn", "Software");
-        put("MessageDigest.SHA-256", gnu.java.security.jce.hash.Sha256Spi.class.getName());
+        put("MessageDigest.SHA-256",
+            gnu.java.security.jce.hash.Sha256Spi.class.getName());
         put("MessageDigest.SHA-256 ImplementedIn", "Software");
-        put("MessageDigest.SHA-384", gnu.java.security.jce.hash.Sha384Spi.class.getName());
+        put("MessageDigest.SHA-384",
+            gnu.java.security.jce.hash.Sha384Spi.class.getName());
         put("MessageDigest.SHA-384 ImplementedIn", "Software");
-        put("MessageDigest.SHA-512", gnu.java.security.jce.hash.Sha512Spi.class.getName());
+        put("MessageDigest.SHA-512",
+            gnu.java.security.jce.hash.Sha512Spi.class.getName());
         put("MessageDigest.SHA-512 ImplementedIn", "Software");
-        put("MessageDigest.TIGER", gnu.java.security.jce.hash.TigerSpi.class.getName());
+        put("MessageDigest.TIGER",
+            gnu.java.security.jce.hash.TigerSpi.class.getName());
         put("MessageDigest.TIGER ImplementedIn", "Software");
-        put("MessageDigest.WHIRLPOOL", gnu.java.security.jce.hash.WhirlpoolSpi.class.getName());
+        put("MessageDigest.WHIRLPOOL",
+            gnu.java.security.jce.hash.WhirlpoolSpi.class.getName());
         put("MessageDigest.WHIRLPOOL ImplementedIn", "Software");
 
         put("Alg.Alias.MessageDigest.SHS", "SHA-160");
@@ -224,29 +240,41 @@ public final class Gnu extends Provider
         put("SecureRandom.SHA1PRNG",
             gnu.java.security.jce.prng.Sha160RandomSpi.class.getName());
 
-        put("SecureRandom.MD2PRNG", gnu.java.security.jce.prng.MD2RandomSpi.class.getName());
+        put("SecureRandom.MD2PRNG",
+            gnu.java.security.jce.prng.MD2RandomSpi.class.getName());
         put("SecureRandom.MD2PRNG ImplementedIn", "Software");
-        put("SecureRandom.MD4PRNG", gnu.java.security.jce.prng.MD4RandomSpi.class.getName());
+        put("SecureRandom.MD4PRNG",
+            gnu.java.security.jce.prng.MD4RandomSpi.class.getName());
         put("SecureRandom.MD4PRNG ImplementedIn", "Software");
-        put("SecureRandom.MD5PRNG", gnu.java.security.jce.prng.MD5RandomSpi.class.getName());
+        put("SecureRandom.MD5PRNG",
+            gnu.java.security.jce.prng.MD5RandomSpi.class.getName());
         put("SecureRandom.MD5PRNG ImplementedIn", "Software");
-        put("SecureRandom.RIPEMD128PRNG", gnu.java.security.jce.prng.RipeMD128RandomSpi.class.getName());
+        put("SecureRandom.RIPEMD128PRNG",
+            gnu.java.security.jce.prng.RipeMD128RandomSpi.class.getName());
         put("SecureRandom.RIPEMD128PRNG ImplementedIn", "Software");
-        put("SecureRandom.RIPEMD160PRNG", gnu.java.security.jce.prng.RipeMD160RandomSpi.class.getName());
+        put("SecureRandom.RIPEMD160PRNG",
+            gnu.java.security.jce.prng.RipeMD160RandomSpi.class.getName());
         put("SecureRandom.RIPEMD160PRNG ImplementedIn", "Software");
-        put("SecureRandom.SHA-160PRNG", gnu.java.security.jce.prng.Sha160RandomSpi.class.getName());
+        put("SecureRandom.SHA-160PRNG",
+            gnu.java.security.jce.prng.Sha160RandomSpi.class.getName());
         put("SecureRandom.SHA-160PRNG ImplementedIn", "Software");
-        put("SecureRandom.SHA-256PRNG", gnu.java.security.jce.prng.Sha256RandomSpi.class.getName());
+        put("SecureRandom.SHA-256PRNG",
+            gnu.java.security.jce.prng.Sha256RandomSpi.class.getName());
         put("SecureRandom.SHA-256PRNG ImplementedIn", "Software");
-        put("SecureRandom.SHA-384PRNG", gnu.java.security.jce.prng.Sha384RandomSpi.class.getName());
+        put("SecureRandom.SHA-384PRNG",
+            gnu.java.security.jce.prng.Sha384RandomSpi.class.getName());
         put("SecureRandom.SHA-384PRNG ImplementedIn", "Software");
-        put("SecureRandom.SHA-512PRNG", gnu.java.security.jce.prng.Sha512RandomSpi.class.getName());
+        put("SecureRandom.SHA-512PRNG",
+            gnu.java.security.jce.prng.Sha512RandomSpi.class.getName());
         put("SecureRandom.SHA-512PRNG ImplementedIn", "Software");
-        put("SecureRandom.TIGERPRNG", gnu.java.security.jce.prng.TigerRandomSpi.class.getName());
+        put("SecureRandom.TIGERPRNG",
+            gnu.java.security.jce.prng.TigerRandomSpi.class.getName());
         put("SecureRandom.TIGERPRNG ImplementedIn", "Software");
-        put("SecureRandom.HAVALPRNG", gnu.java.security.jce.prng.HavalRandomSpi.class.getName());
+        put("SecureRandom.HAVALPRNG",
+            gnu.java.security.jce.prng.HavalRandomSpi.class.getName());
         put("SecureRandom.HAVALPRNG ImplementedIn", "Software");
-        put("SecureRandom.WHIRLPOOLPRNG", gnu.java.security.jce.prng.WhirlpoolRandomSpi.class.getName());
+        put("SecureRandom.WHIRLPOOLPRNG",
+            gnu.java.security.jce.prng.WhirlpoolRandomSpi.class.getName());
         put("SecureRandom.WHIRLPOOLPRNG ImplementedIn", "Software");
 
         put("Alg.Alias.SecureRandom.SHA-1PRNG", "SHA-160PRNG");
diff --git a/libjava/classpath/gnu/java/security/provider/PKIXCertPathValidatorImpl.java b/libjava/classpath/gnu/java/security/provider/PKIXCertPathValidatorImpl.java
index 880163731f1..cdfad3f61c2 100644
--- a/libjava/classpath/gnu/java/security/provider/PKIXCertPathValidatorImpl.java
+++ b/libjava/classpath/gnu/java/security/provider/PKIXCertPathValidatorImpl.java
@@ -1,5 +1,5 @@
 /* PKIXCertPathValidatorImpl.java -- PKIX certificate path validator.
-   Copyright (C) 2004, 2005  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,6 +38,7 @@ exception statement from your version. */
 
 package gnu.java.security.provider;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.OID;
 import gnu.java.security.Registry;
 import gnu.java.security.key.dss.DSSPublicKey;
@@ -81,63 +82,48 @@ import java.util.Iterator;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Set;
+import java.util.logging.Logger;
 
 /**
- * An implementation of the Public Key Infrastructure's X.509
- * certificate path validation algorithm.
- *
- * <p>See <a href="http://www.ietf.org/rfc/rfc3280.txt">RFC 3280:
- * Internet X.509 Public Key Infrastructure Certificate and
- * Certificate Revocation List (CRL) Profile</a>.
- *
+ * An implementation of the Public Key Infrastructure's X.509 certificate path
+ * validation algorithm.
+ * <p>
+ * See <a href="http://www.ietf.org/rfc/rfc3280.txt">RFC 3280: Internet X.509
+ * Public Key Infrastructure Certificate and Certificate Revocation List (CRL)
+ * Profile</a>.
+ * 
  * @author Casey Marshall (rsdio@metastatic.org)
  */
-public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
+public class PKIXCertPathValidatorImpl
+    extends CertPathValidatorSpi
 {
-
-  // Constants.
-  // -------------------------------------------------------------------------
-
-  private static final boolean DEBUG = false;
-  private static void debug (String msg)
-  {
-    System.err.print (">> PKIXCertPathValidatorImpl: ");
-    System.err.println (msg);
-  }
+  private static final Logger log = Logger.getLogger(PKIXCertPathValidatorImpl.class.getName());
 
   public static final String ANY_POLICY = "2.5.29.32.0";
 
-  // Constructor.
-  // -------------------------------------------------------------------------
-
   public PKIXCertPathValidatorImpl()
   {
     super();
   }
 
-  // Instance methods.
-  // -------------------------------------------------------------------------
-
   public CertPathValidatorResult engineValidate(CertPath path,
                                                 CertPathParameters params)
-    throws CertPathValidatorException, InvalidAlgorithmParameterException
+      throws CertPathValidatorException, InvalidAlgorithmParameterException
   {
-    if (!(params instanceof PKIXParameters))
+    if (! (params instanceof PKIXParameters))
       throw new InvalidAlgorithmParameterException("not a PKIXParameters object");
-
     // First check if the certificate path is valid.
     //
     // This means that:
     //
-    //   (a)  for all x in {1, ..., n-1}, the subject of certificate x is
-    //        the issuer of certificate x+1;
+    // (a) for all x in {1, ..., n-1}, the subject of certificate x is
+    // the issuer of certificate x+1;
     //
-    //   (b)  for all x in {1, ..., n}, the certificate was valid at the
-    //        time in question.
+    // (b) for all x in {1, ..., n}, the certificate was valid at the
+    // time in question.
     //
     // Because this is the X.509 algorithm, we also check if all
     // cerificates are of type X509Certificate.
-
     PolicyNodeImpl rootNode = new PolicyNodeImpl();
     Set initPolicies = ((PKIXParameters) params).getInitialPolicies();
     rootNode.setValidPolicy(ANY_POLICY);
@@ -160,7 +146,6 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
       {
         throw new CertPathValidatorException("invalid certificate path");
       }
-
     String sigProvider = ((PKIXParameters) params).getSigProvider();
     PublicKey prevKey = null;
     Date now = ((PKIXParameters) params).getDate();
@@ -178,7 +163,7 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
             throw new CertPathValidatorException(ce.toString());
           }
         Set uce = getCritExts(p[i]);
-        for (Iterator check = checks.iterator(); check.hasNext(); )
+        for (Iterator check = checks.iterator(); check.hasNext();)
           {
             try
               {
@@ -188,23 +173,21 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
               {
               }
           }
-
         PolicyConstraint constr = null;
         if (p[i] instanceof GnuPKIExtension)
           {
-            Extension pcx =
-              ((GnuPKIExtension) p[i]).getExtension (PolicyConstraint.ID);
+            Extension pcx = ((GnuPKIExtension) p[i]).getExtension(PolicyConstraint.ID);
             if (pcx != null)
               constr = (PolicyConstraint) pcx.getValue();
           }
         else
           {
-            byte[] pcx = p[i].getExtensionValue (PolicyConstraint.ID.toString());
+            byte[] pcx = p[i].getExtensionValue(PolicyConstraint.ID.toString());
             if (pcx != null)
               {
                 try
                   {
-                    constr = new PolicyConstraint (pcx);
+                    constr = new PolicyConstraint(pcx);
                   }
                 catch (Exception x)
                   {
@@ -212,14 +195,10 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
               }
           }
         if (constr != null && constr.getRequireExplicitPolicy() >= 0)
-          {
-            policyConstraints.add (new int[]
-              { p.length-i, constr.getRequireExplicitPolicy() });
-          }
-
-        updatePolicyTree(p[i], rootNode, p.length-i, (PKIXParameters) params,
-                         checkExplicitPolicy (p.length-i, policyConstraints));
-
+          policyConstraints.add(new int[] { p.length - i,
+                                            constr.getRequireExplicitPolicy() });
+        updatePolicyTree(p[i], rootNode, p.length - i, (PKIXParameters) params,
+                         checkExplicitPolicy(p.length - i, policyConstraints));
         // The rest of the tests involve this cert's relationship with the
         // next in the path. If this cert is the end entity, we can stop.
         if (i == 0)
@@ -236,36 +215,35 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
                 // If the DSA public key is missing its parameters, use those
                 // from the previous cert's key.
                 if (dsa == null || dsa.getP() == null || dsa.getG() == null
-                      || dsa.getQ() == null)
+                    || dsa.getQ() == null)
                   {
                     if (prevKey == null)
                       throw new InvalidKeyException("DSA keys not chainable");
-                    if (!(prevKey instanceof DSAPublicKey))
+                    if (! (prevKey instanceof DSAPublicKey))
                       throw new InvalidKeyException("DSA keys not chainable");
                     dsa = ((DSAPublicKey) prevKey).getParams();
                     pubKey = new DSSPublicKey(Registry.X509_ENCODING_ID,
-                                              dsa.getP(),
-                                              dsa.getQ(),
+                                              dsa.getP(), dsa.getQ(),
                                               dsa.getG(),
                                               ((DSAPublicKey) pubKey).getY());
                   }
               }
             if (sigProvider == null)
-              p[i-1].verify(pubKey);
+              p[i - 1].verify(pubKey);
             else
-              p[i-1].verify(pubKey, sigProvider);
+              p[i - 1].verify(pubKey, sigProvider);
             prevKey = pubKey;
           }
         catch (Exception e)
           {
             throw new CertPathValidatorException(e.toString());
           }
-        if (!p[i].getSubjectDN().equals(p[i-1].getIssuerDN()))
+        if (! p[i].getSubjectDN().equals(p[i - 1].getIssuerDN()))
           throw new CertPathValidatorException("issuer DN mismatch");
-        boolean[] issuerUid = p[i-1].getIssuerUniqueID();
+        boolean[] issuerUid = p[i - 1].getIssuerUniqueID();
         boolean[] subjectUid = p[i].getSubjectUniqueID();
         if (issuerUid != null && subjectUid != null)
-          if (!Arrays.equals(issuerUid, subjectUid))
+          if (! Arrays.equals(issuerUid, subjectUid))
             throw new CertPathValidatorException("UID mismatch");
 
         // Check the certificate against the revocation lists.
@@ -282,7 +260,7 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
               }
             List certStores = ((PKIXParameters) params).getCertStores();
             List crls = new LinkedList();
-            for (Iterator it = certStores.iterator(); it.hasNext(); )
+            for (Iterator it = certStores.iterator(); it.hasNext();)
               {
                 CertStore cs = (CertStore) it.next();
                 try
@@ -297,30 +275,30 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
             if (crls.isEmpty())
               throw new CertPathValidatorException("no CRLs for issuer");
             boolean certOk = false;
-            for (Iterator it = crls.iterator(); it.hasNext(); )
+            for (Iterator it = crls.iterator(); it.hasNext();)
               {
                 CRL crl = (CRL) it.next();
-                if (!(crl instanceof X509CRL))
+                if (! (crl instanceof X509CRL))
                   continue;
                 X509CRL xcrl = (X509CRL) crl;
-                if (!checkCRL(xcrl, p, now, p[i], pubKey, certStores))
+                if (! checkCRL(xcrl, p, now, p[i], pubKey, certStores))
                   continue;
-                if (xcrl.isRevoked(p[i-1]))
+                if (xcrl.isRevoked(p[i - 1]))
                   throw new CertPathValidatorException("certificate is revoked");
                 else
                   certOk = true;
               }
-            if (!certOk)
-              throw new CertPathValidatorException("certificate's validity could not be determined");
+            if (! certOk)
+              throw new CertPathValidatorException(
+                  "certificate's validity could not be determined");
           }
       }
     rootNode.setReadOnly();
-
     // Now ensure that the first certificate in the chain was issued
     // by a trust anchor.
     Exception cause = null;
     Set anchors = ((PKIXParameters) params).getTrustAnchors();
-    for (Iterator i = anchors.iterator(); i.hasNext(); )
+    for (Iterator i = anchors.iterator(); i.hasNext();)
       {
         TrustAnchor anchor = (TrustAnchor) i.next();
         X509Certificate anchorCert = null;
@@ -338,7 +316,7 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
           {
             if (anchorCert != null)
               anchorCert.checkValidity(now);
-            p[p.length-1].verify(anchorKey);
+            p[p.length - 1].verify(anchorKey);
             if (anchorCert != null && anchorCert.getBasicConstraints() >= 0
                 && anchorCert.getBasicConstraints() < p.length)
               continue;
@@ -358,7 +336,7 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
                   selector.addIssuerName(anchor.getCAName());
                 List certStores = ((PKIXParameters) params).getCertStores();
                 List crls = new LinkedList();
-                for (Iterator it = certStores.iterator(); it.hasNext(); )
+                for (Iterator it = certStores.iterator(); it.hasNext();)
                   {
                     CertStore cs = (CertStore) it.next();
                     try
@@ -372,10 +350,10 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
                   }
                 if (crls.isEmpty())
                   continue;
-                for (Iterator it = crls.iterator(); it.hasNext(); )
+                for (Iterator it = crls.iterator(); it.hasNext();)
                   {
                     CRL crl = (CRL) it.next();
-                    if (!(crl instanceof X509CRL))
+                    if (! (crl instanceof X509CRL))
                       continue;
                     X509CRL xcrl = (X509CRL) crl;
                     try
@@ -389,11 +367,10 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
                     Date nextUpdate = xcrl.getNextUpdate();
                     if (nextUpdate != null && nextUpdate.compareTo(now) < 0)
                       continue;
-                    if (xcrl.isRevoked(p[p.length-1]))
+                    if (xcrl.isRevoked(p[p.length - 1]))
                       throw new CertPathValidatorException("certificate is revoked");
                   }
               }
-
             // The chain is valid; return the result.
             return new PKIXCertPathValidatorResult(anchor, rootNode,
                                                    p[0].getPublicKey());
@@ -404,44 +381,39 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
             continue;
           }
       }
-
     // The path is not valid.
     CertPathValidatorException cpve =
-      new CertPathValidatorException("path validation failed");
+        new CertPathValidatorException("path validation failed");
     if (cause != null)
-      cpve.initCause (cause);
+      cpve.initCause(cause);
     throw cpve;
   }
 
-  // Own methods.
-  // -------------------------------------------------------------------------
-
   /**
-   * Check if a given CRL is acceptable for checking the revocation status
-   * of certificates in the path being checked.
-   *
-   * <p>The CRL is accepted iff:</p>
-   *
+   * Check if a given CRL is acceptable for checking the revocation status of
+   * certificates in the path being checked.
+   * <p>
+   * The CRL is accepted iff:
    * <ol>
    * <li>The <i>nextUpdate</i> field (if present) is in the future.</li>
    * <li>The CRL does not contain any unsupported critical extensions.</li>
    * <li>The CRL is signed by one of the certificates in the path, or,</li>
-   * <li>The CRL is signed by the given public key and was issued by the
-   * public key's subject, or,</li>
-   * <li>The CRL is signed by a certificate in the given cert stores, and
-   * that cert is signed by one of the certificates in the path.</li>
+   * <li>The CRL is signed by the given public key and was issued by the public
+   * key's subject, or,</li>
+   * <li>The CRL is signed by a certificate in the given cert stores, and that
+   * cert is signed by one of the certificates in the path.</li>
    * </ol>
-   *
+   * 
    * @param crl The CRL being checked.
    * @param path The path this CRL is being checked against.
    * @param now The value to use as 'now'.
-   * @param pubKeySubject The subject of the public key.
+   * @param pubKeyCert The certificate authenticating the public key.
    * @param pubKey The public key to check.
    * @return True if the CRL is acceptable.
    */
-  private static boolean checkCRL(X509CRL crl, X509Certificate[] path, Date now,
-                                  X509Certificate pubKeyCert, PublicKey pubKey,
-                                  List certStores)
+  private static boolean checkCRL(X509CRL crl, X509Certificate[] path,
+                                  Date now, X509Certificate pubKeyCert,
+                                  PublicKey pubKey, List certStores)
   {
     Date nextUpdate = crl.getNextUpdate();
     if (nextUpdate != null && nextUpdate.compareTo(now) < 0)
@@ -450,12 +422,12 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
       return false;
     for (int i = 0; i < path.length; i++)
       {
-        if (!path[i].getSubjectDN().equals(crl.getIssuerDN()))
+        if (! path[i].getSubjectDN().equals(crl.getIssuerDN()))
           continue;
         boolean[] keyUsage = path[i].getKeyUsage();
         if (keyUsage != null)
           {
-            if (!keyUsage[KeyUsage.CRL_SIGN])
+            if (! keyUsage[KeyUsage.CRL_SIGN])
               continue;
           }
         try
@@ -474,7 +446,7 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
             boolean[] keyUsage = pubKeyCert.getKeyUsage();
             if (keyUsage != null)
               {
-                if (!keyUsage[KeyUsage.CRL_SIGN])
+                if (! keyUsage[KeyUsage.CRL_SIGN])
                   throw new Exception();
               }
             crl.verify(pubKey);
@@ -489,7 +461,7 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
         X509CertSelectorImpl select = new X509CertSelectorImpl();
         select.addSubjectName(crl.getIssuerDN());
         List certs = new LinkedList();
-        for (Iterator it = certStores.iterator(); it.hasNext(); )
+        for (Iterator it = certStores.iterator(); it.hasNext();)
           {
             CertStore cs = (CertStore) it.next();
             try
@@ -500,17 +472,17 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
               {
               }
           }
-        for (Iterator it = certs.iterator(); it.hasNext(); )
+        for (Iterator it = certs.iterator(); it.hasNext();)
           {
             X509Certificate c = (X509Certificate) it.next();
             for (int i = 0; i < path.length; i++)
               {
-                if (!c.getIssuerDN().equals(path[i].getSubjectDN()))
+                if (! c.getIssuerDN().equals(path[i].getSubjectDN()))
                   continue;
                 boolean[] keyUsage = c.getKeyUsage();
                 if (keyUsage != null)
                   {
-                    if (!keyUsage[KeyUsage.CRL_SIGN])
+                    if (! keyUsage[KeyUsage.CRL_SIGN])
                       continue;
                   }
                 try
@@ -542,10 +514,10 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
     if (cert instanceof GnuPKIExtension)
       {
         Collection exts = ((GnuPKIExtension) cert).getExtensions();
-        for (Iterator it = exts.iterator(); it.hasNext(); )
+        for (Iterator it = exts.iterator(); it.hasNext();)
           {
             Extension ext = (Extension) it.next();
-            if (ext.isCritical() && !ext.isSupported())
+            if (ext.isCritical() && ! ext.isSupported())
               s.add(ext.getOid().toString());
           }
       }
@@ -558,13 +530,13 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
    * Perform a basic sanity check on the CA certificate at <code>index</code>.
    */
   private static void basicSanity(X509Certificate[] path, int index)
-    throws CertPathValidatorException
+      throws CertPathValidatorException
   {
     X509Certificate cert = path[index];
     int pathLen = 0;
     for (int i = index - 1; i > 0; i--)
       {
-        if (!path[i].getIssuerDN().equals(path[i].getSubjectDN()))
+        if (! path[i].getIssuerDN().equals(path[i].getSubjectDN()))
           pathLen++;
       }
     Extension e = null;
@@ -585,25 +557,30 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
     if (e == null)
       throw new CertPathValidatorException("no basicConstraints");
     BasicConstraints bc = (BasicConstraints) e.getValue();
-    if (!bc.isCA())
-      throw new CertPathValidatorException("certificate cannot be used to verify signatures");
-    if (bc.getPathLengthConstraint() >= 0 && bc.getPathLengthConstraint() < pathLen)
+    if (! bc.isCA())
+      throw new CertPathValidatorException(
+          "certificate cannot be used to verify signatures");
+    if (bc.getPathLengthConstraint() >= 0
+        && bc.getPathLengthConstraint() < pathLen)
       throw new CertPathValidatorException("path is too long");
 
     boolean[] keyUsage = cert.getKeyUsage();
     if (keyUsage != null)
       {
-        if (!keyUsage[KeyUsage.KEY_CERT_SIGN])
-          throw new CertPathValidatorException("certificate cannot be used to sign certificates");
+        if (! keyUsage[KeyUsage.KEY_CERT_SIGN])
+          throw new CertPathValidatorException(
+              "certificate cannot be used to sign certificates");
       }
   }
 
-  private static void updatePolicyTree(X509Certificate cert, PolicyNodeImpl root,
-                                       int depth, PKIXParameters params,
+  private static void updatePolicyTree(X509Certificate cert,
+                                       PolicyNodeImpl root, int depth,
+                                       PKIXParameters params,
                                        boolean explicitPolicy)
-    throws CertPathValidatorException
+      throws CertPathValidatorException
   {
-    if (DEBUG) debug("updatePolicyTree depth == " + depth);
+    if (Configuration.DEBUG)
+      log.fine("updatePolicyTree depth == " + depth);
     Set nodes = new HashSet();
     LinkedList stack = new LinkedList();
     Iterator current = null;
@@ -614,21 +591,24 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
         while (current.hasNext())
           {
             PolicyNodeImpl p = (PolicyNodeImpl) current.next();
-            if (DEBUG) debug("visiting node == " + p);
+            if (Configuration.DEBUG)
+              log.fine("visiting node == " + p);
             if (p.getDepth() == depth - 1)
               {
-                if (DEBUG) debug("added node");
+                if (Configuration.DEBUG)
+                  log.fine("added node");
                 nodes.add(p);
               }
             else
               {
-                if (DEBUG) debug("skipped node");
+                if (Configuration.DEBUG)
+                  log.fine("skipped node");
                 stack.addLast(current);
                 current = p.getChildren();
               }
           }
       }
-    while (!stack.isEmpty());
+    while (! stack.isEmpty());
 
     Extension e = null;
     CertificatePolicies policies = null;
@@ -646,18 +626,23 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
     else
       cp = Collections.EMPTY_LIST;
     boolean match = false;
-    if (DEBUG) debug("nodes are == " + nodes);
-    if (DEBUG) debug("cert policies are == " + cp);
-    for (Iterator it = nodes.iterator(); it.hasNext(); )
+    if (Configuration.DEBUG)
+      {
+        log.fine("nodes are == " + nodes);
+        log.fine("cert policies are == " + cp);
+      }
+    for (Iterator it = nodes.iterator(); it.hasNext();)
       {
         PolicyNodeImpl parent = (PolicyNodeImpl) it.next();
-        if (DEBUG) debug("adding policies to " + parent);
-        for (Iterator it2 = cp.iterator(); it2.hasNext(); )
+        if (Configuration.DEBUG)
+          log.fine("adding policies to " + parent);
+        for (Iterator it2 = cp.iterator(); it2.hasNext();)
           {
             OID policy = (OID) it2.next();
-            if (DEBUG) debug("trying to add policy == " + policy);
-            if (policy.toString().equals(ANY_POLICY) &&
-                params.isAnyPolicyInhibited())
+            if (Configuration.DEBUG)
+              log.fine("trying to add policy == " + policy);
+            if (policy.toString().equals(ANY_POLICY)
+                && params.isAnyPolicyInhibited())
               continue;
             PolicyNodeImpl child = new PolicyNodeImpl();
             child.setValidPolicy(policy.toString());
@@ -672,32 +657,34 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi
                 parent.addChild(child);
                 match = true;
               }
-            else if (ANY_POLICY.equals (policy.toString()))
+            else if (ANY_POLICY.equals(policy.toString()))
               {
-                parent.addChild (child);
+                parent.addChild(child);
                 match = true;
               }
             if (match && policies != null)
               {
-                List qualifiers = policies.getPolicyQualifierInfos (policy);
+                List qualifiers = policies.getPolicyQualifierInfos(policy);
                 if (qualifiers != null)
-                  child.addAllPolicyQualifiers (qualifiers);
+                  child.addAllPolicyQualifiers(qualifiers);
               }
           }
       }
-    if (!match && (params.isExplicitPolicyRequired() || explicitPolicy))
+    if (! match && (params.isExplicitPolicyRequired() || explicitPolicy))
       throw new CertPathValidatorException("policy tree building failed");
   }
 
-  private boolean checkExplicitPolicy (int depth, List explicitPolicies)
+  private boolean checkExplicitPolicy(int depth, List explicitPolicies)
   {
-    if (DEBUG) debug ("checkExplicitPolicy depth=" + depth);
-    for (Iterator it = explicitPolicies.iterator(); it.hasNext(); )
+    if (Configuration.DEBUG)
+      log.fine("checkExplicitPolicy depth=" + depth);
+    for (Iterator it = explicitPolicies.iterator(); it.hasNext();)
       {
         int[] i = (int[]) it.next();
         int caDepth = i[0];
         int limit = i[1];
-        if (DEBUG) debug ("  caDepth=" + caDepth + " limit=" + limit);
+        if (Configuration.DEBUG)
+          log.fine("  caDepth=" + caDepth + " limit=" + limit);
         if (depth - caDepth >= limit)
           return true;
       }
diff --git a/libjava/classpath/gnu/java/security/provider/X509CertificateFactory.java b/libjava/classpath/gnu/java/security/provider/X509CertificateFactory.java
index 1a415eabb05..7d61779f937 100644
--- a/libjava/classpath/gnu/java/security/provider/X509CertificateFactory.java
+++ b/libjava/classpath/gnu/java/security/provider/X509CertificateFactory.java
@@ -59,30 +59,24 @@ import java.util.Iterator;
 import java.util.LinkedList;
 import java.util.List;
 
-public class X509CertificateFactory extends CertificateFactorySpi
+public class X509CertificateFactory
+    extends CertificateFactorySpi
 {
-
-  // Constants.
-  // ------------------------------------------------------------------------
-
   public static final String BEGIN_CERTIFICATE = "-----BEGIN CERTIFICATE-----";
+
   public static final String END_CERTIFICATE = "-----END CERTIFICATE-----";
+
   public static final String BEGIN_X509_CRL = "-----BEGIN X509 CRL-----";
-  public static final String END_X509_CRL = "-----END X509 CRL-----";
 
-  // Constructors.
-  // ------------------------------------------------------------------------
+  public static final String END_X509_CRL = "-----END X509 CRL-----";
 
   public X509CertificateFactory()
   {
     super();
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   public Certificate engineGenerateCertificate(InputStream inStream)
-    throws CertificateException
+      throws CertificateException
   {
     try
       {
@@ -91,13 +85,13 @@ public class X509CertificateFactory extends CertificateFactorySpi
     catch (IOException ioe)
       {
         CertificateException ce = new CertificateException(ioe.getMessage());
-        ce.initCause (ioe);
+        ce.initCause(ioe);
         throw ce;
       }
   }
 
   public Collection engineGenerateCertificates(InputStream inStream)
-    throws CertificateException
+      throws CertificateException
   {
     LinkedList certs = new LinkedList();
     while (true)
@@ -113,7 +107,7 @@ public class X509CertificateFactory extends CertificateFactorySpi
         catch (IOException ioe)
           {
             CertificateException ce = new CertificateException(ioe.getMessage());
-            ce.initCause (ioe);
+            ce.initCause(ioe);
             throw ce;
           }
       }
@@ -129,13 +123,13 @@ public class X509CertificateFactory extends CertificateFactorySpi
     catch (IOException ioe)
       {
         CRLException crle = new CRLException(ioe.getMessage());
-        crle.initCause (ioe);
+        crle.initCause(ioe);
         throw crle;
       }
   }
 
   public Collection engineGenerateCRLs(InputStream inStream)
-    throws CRLException
+      throws CRLException
   {
     LinkedList crls = new LinkedList();
     while (true)
@@ -151,7 +145,7 @@ public class X509CertificateFactory extends CertificateFactorySpi
         catch (IOException ioe)
           {
             CRLException crle = new CRLException(ioe.getMessage());
-            crle.initCause (ioe);
+            crle.initCause(ioe);
             throw crle;
           }
       }
@@ -164,13 +158,13 @@ public class X509CertificateFactory extends CertificateFactorySpi
   }
 
   public CertPath engineGenerateCertPath(InputStream in)
-    throws CertificateEncodingException
+      throws CertificateEncodingException
   {
     return new X509CertPath(in);
   }
 
   public CertPath engineGenerateCertPath(InputStream in, String encoding)
-    throws CertificateEncodingException
+      throws CertificateEncodingException
   {
     return new X509CertPath(in, encoding);
   }
@@ -180,21 +174,17 @@ public class X509CertificateFactory extends CertificateFactorySpi
     return X509CertPath.ENCODINGS.iterator();
   }
 
-  // Own methods.
-  // ------------------------------------------------------------------------
-
   private X509Certificate generateCert(InputStream inStream)
-    throws IOException, CertificateException
+      throws IOException, CertificateException
   {
     if (inStream == null)
       throw new CertificateException("missing input stream");
-    if (!inStream.markSupported())
+    if (! inStream.markSupported())
       inStream = new BufferedInputStream(inStream, 8192);
     inStream.mark(20);
     int i = inStream.read();
     if (i == -1)
       throw new EOFException();
-
     // If the input is in binary DER format, the first byte MUST be
     // 0x30, which stands for the ASN.1 [UNIVERSAL 16], which is the
     // UNIVERSAL SEQUENCE, with the CONSTRUCTED bit (0x20) set.
@@ -217,9 +207,9 @@ public class X509CertificateFactory extends CertificateFactorySpi
               }
             while (i != '\n' && i != '\r');
           }
-        while (!line.toString().equals(BEGIN_CERTIFICATE));
+        while (! line.toString().equals(BEGIN_CERTIFICATE));
         X509Certificate ret = new X509Certificate(
-           new BufferedInputStream(new Base64InputStream(inStream), 8192));
+            new BufferedInputStream(new Base64InputStream(inStream), 8192));
         line.setLength(0);
         line.append('-'); // Base64InputStream will eat this.
         do
@@ -232,7 +222,7 @@ public class X509CertificateFactory extends CertificateFactorySpi
           }
         while (i != '\n' && i != '\r');
         // XXX ???
-        if (!line.toString().equals(END_CERTIFICATE))
+        if (! line.toString().equals(END_CERTIFICATE))
           throw new CertificateException("no end-of-certificate marker");
         return ret;
       }
@@ -243,18 +233,17 @@ public class X509CertificateFactory extends CertificateFactorySpi
       }
   }
 
-  private X509CRL generateCRL(InputStream inStream)
-    throws IOException, CRLException
+  private X509CRL generateCRL(InputStream inStream) throws IOException,
+      CRLException
   {
     if (inStream == null)
       throw new CRLException("missing input stream");
-    if (!inStream.markSupported())
+    if (! inStream.markSupported())
       inStream = new BufferedInputStream(inStream, 8192);
     inStream.mark(20);
     int i = inStream.read();
     if (i == -1)
       throw new EOFException();
-
     // If the input is in binary DER format, the first byte MUST be
     // 0x30, which stands for the ASN.1 [UNIVERSAL 16], which is the
     // UNIVERSAL SEQUENCE, with the CONSTRUCTED bit (0x20) set.
@@ -277,9 +266,9 @@ public class X509CertificateFactory extends CertificateFactorySpi
               }
             while (i != '\n' && i != '\r');
           }
-        while (!line.toString().startsWith(BEGIN_X509_CRL));
+        while (! line.toString().startsWith(BEGIN_X509_CRL));
         X509CRL ret = new X509CRL(
-           new BufferedInputStream(new Base64InputStream(inStream), 8192));
+            new BufferedInputStream(new Base64InputStream(inStream), 8192));
         line.setLength(0);
         line.append('-'); // Base64InputStream will eat this.
         do
@@ -292,7 +281,7 @@ public class X509CertificateFactory extends CertificateFactorySpi
           }
         while (i != '\n' && i != '\r');
         // XXX ???
-        if (!line.toString().startsWith(END_X509_CRL))
+        if (! line.toString().startsWith(END_X509_CRL))
           throw new CRLException("no end-of-CRL marker");
         return ret;
       }
diff --git a/libjava/classpath/gnu/java/security/sig/BaseSignature.java b/libjava/classpath/gnu/java/security/sig/BaseSignature.java
index dd964d4819d..9c76cacba0f 100644
--- a/libjava/classpath/gnu/java/security/sig/BaseSignature.java
+++ b/libjava/classpath/gnu/java/security/sig/BaseSignature.java
@@ -49,15 +49,11 @@ import java.util.Map;
 import java.util.Random;
 
 /**
- * <p>A base abstract class to facilitate implementations of concrete
- * Signatures.</p>
+ * A base abstract class to facilitate implementations of concrete Signatures.
  */
-public abstract class BaseSignature implements ISignature
+public abstract class BaseSignature
+    implements ISignature
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The canonical name of this signature scheme. */
   protected String schemeName;
 
@@ -79,9 +75,6 @@ public abstract class BaseSignature implements ISignature
   /** Our default source of randomness. */
   private PRNG prng = null;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
    * Trivial constructor.
    * 
@@ -101,14 +94,6 @@ public abstract class BaseSignature implements ISignature
     this.md = md;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // gnu.crypto.sig.ISignature interface implementation ----------------------
-
   public String name()
   {
     return schemeName + "-" + md.name();
@@ -117,51 +102,41 @@ public abstract class BaseSignature implements ISignature
   public void setupVerify(Map attributes) throws IllegalArgumentException
   {
     setup(attributes);
-
     // do we have a public key?
     PublicKey key = (PublicKey) attributes.get(VERIFIER_KEY);
     if (key != null)
-      {
-        setupForVerification(key);
-      }
+      setupForVerification(key);
   }
 
   public void setupSign(Map attributes) throws IllegalArgumentException
   {
     setup(attributes);
-
     // do we have a private key?
     PrivateKey key = (PrivateKey) attributes.get(SIGNER_KEY);
     if (key != null)
-      {
-        setupForSigning(key);
-      }
+      setupForSigning(key);
   }
 
   public void update(byte b)
   {
     if (md == null)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
+
     md.update(b);
   }
 
   public void update(byte[] b, int off, int len)
   {
     if (md == null)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
+
     md.update(b, off, len);
   }
 
   public Object sign()
   {
     if (md == null || privateKey == null)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
 
     return generateSignature();
   }
@@ -169,15 +144,11 @@ public abstract class BaseSignature implements ISignature
   public boolean verify(Object sig)
   {
     if (md == null || publicKey == null)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
 
     return verifySignature(sig);
   }
 
-  // abstract methods to be implemented by concrete subclasses ---------------
-
   public abstract Object clone();
 
   protected abstract void setupForVerification(PublicKey key)
@@ -191,8 +162,6 @@ public abstract class BaseSignature implements ISignature
   protected abstract boolean verifySignature(Object signature)
       throws IllegalStateException;
 
-  // Other instance methods --------------------------------------------------
-
   /** Initialises the internal fields of this instance. */
   protected void init()
   {
@@ -204,33 +173,27 @@ public abstract class BaseSignature implements ISignature
   }
 
   /**
-   * <p>Fills the designated byte array with random data.</p>
-   *
+   * Fills the designated byte array with random data.
+   * 
    * @param buffer the byte array to fill with random data.
    */
   protected void nextRandomBytes(byte[] buffer)
   {
     if (rnd != null)
-      {
-        rnd.nextBytes(buffer);
-      }
+      rnd.nextBytes(buffer);
     else if (irnd != null)
-      {
-        try
-          {
-            irnd.nextBytes(buffer, 0, buffer.length);
-          }
-        catch (IllegalStateException x)
-          {
-            throw new RuntimeException("nextRandomBytes(): "
-                                       + String.valueOf(x));
-          }
-        catch (LimitReachedException x)
-          {
-            throw new RuntimeException("nextRandomBytes(): "
-                                       + String.valueOf(x));
-          }
-      }
+      try
+        {
+          irnd.nextBytes(buffer, 0, buffer.length);
+        }
+      catch (IllegalStateException x)
+        {
+          throw new RuntimeException("nextRandomBytes(): " + x);
+        }
+      catch (LimitReachedException x)
+        {
+          throw new RuntimeException("nextRandomBytes(): " + x);
+        }
     else
       getDefaultPRNG().nextBytes(buffer);
   }
@@ -238,17 +201,12 @@ public abstract class BaseSignature implements ISignature
   private void setup(Map attributes)
   {
     init();
-
     // do we have a Random or SecureRandom, or should we use our own?
     Object obj = attributes.get(SOURCE_OF_RANDOMNESS);
     if (obj instanceof Random)
-      {
-        rnd = (Random) obj;
-      }
+      rnd = (Random) obj;
     else if (obj instanceof IRandom)
-      {
-        irnd = (IRandom) obj;
-      }
+      irnd = (IRandom) obj;
   }
 
   private PRNG getDefaultPRNG()
diff --git a/libjava/classpath/gnu/java/security/sig/ISignature.java b/libjava/classpath/gnu/java/security/sig/ISignature.java
index e77f39d2cf1..ff25f29d9fa 100644
--- a/libjava/classpath/gnu/java/security/sig/ISignature.java
+++ b/libjava/classpath/gnu/java/security/sig/ISignature.java
@@ -41,28 +41,24 @@ package gnu.java.security.sig;
 import java.util.Map;
 
 /**
- * <p>The visible methods of every signature-with-appendix scheme.</p>
- *
- * <p>The Handbook of Applied Cryptography (HAC), by A. Menezes &amp; al. states:
+ * The visible methods of every signature-with-appendix scheme.
+ * <p>
+ * The Handbook of Applied Cryptography (HAC), by A. Menezes &amp; al. states:
  * "Digital signature schemes which require the message as input to the
- * verification algorithm are called <i>digital signature schemes with
- * appendix</i>. ... They rely on cryptographic hash functions rather than
- * customised redundancy functions, and are less prone to existential forgery
- * attacks."</p>
- *
- * <p>References:</p>
+ * verification algorithm are called <i>digital signature schemes with appendix</i>.
+ * ... They rely on cryptographic hash functions rather than customised
+ * redundancy functions, and are less prone to existential forgery attacks."
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.cacr.math.uwaterloo.ca/hac/">Handbook of Applied
- *    Cryptography</a>, Alfred J. Menezes, Paul C. van Oorschot and Scott A.
- *    Vanstone. Section 11.2.2 Digital signature schemes with appendix.</li>
+ * <li><a href="http://www.cacr.math.uwaterloo.ca/hac/">Handbook of Applied
+ * Cryptography</a>, Alfred J. Menezes, Paul C. van Oorschot and Scott A.
+ * Vanstone. Section 11.2.2 Digital signature schemes with appendix.</li>
  * </ol>
  */
-public interface ISignature extends Cloneable
+public interface ISignature
+    extends Cloneable
 {
-
-  // Constants
-  // -------------------------------------------------------------------------
-
   /** Property name of the verifier's public key. */
   public static final String VERIFIER_KEY = "gnu.crypto.sig.public.key";
 
@@ -71,96 +67,93 @@ public interface ISignature extends Cloneable
 
   /**
    * Property name of an optional {@link java.security.SecureRandom},
-   * {@link java.util.Random}, or {@link gnu.crypto.prng.IRandom} instance to
-   * use. The default is to use a classloader singleton from
-   * {@link gnu.crypto.util.PRNG}.
+   * {@link java.util.Random}, or {@link gnu.java.security.prng.IRandom}
+   * instance to use. The default is to use a classloader singleton from
+   * {@link gnu.java.security.util.PRNG}.
    */
   public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.sig.prng";
 
-  // Methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns the canonical name of this signature scheme.</p>
-   *
+   * Returns the canonical name of this signature scheme.
+   * 
    * @return the canonical name of this instance.
    */
   String name();
 
   /**
-   * <p>Initialises this instance for signature verification.</p>
-   *
+   * Initialises this instance for signature verification.
+   * 
    * @param attributes the attributes to use for setting up this instance.
    * @throws IllegalArgumentException if the designated public key is not
-   * appropriate for this signature scheme.
+   *           appropriate for this signature scheme.
    * @see #SOURCE_OF_RANDOMNESS
    * @see #VERIFIER_KEY
    */
   void setupVerify(Map attributes) throws IllegalArgumentException;
 
   /**
-   * <p>Initialises this instance for signature generation.</p>
-   *
+   * Initialises this instance for signature generation.
+   * 
    * @param attributes the attributes to use for setting up this instance.
    * @throws IllegalArgumentException if the designated private key is not
-   * appropriate for this signature scheme.
+   *           appropriate for this signature scheme.
    * @see #SOURCE_OF_RANDOMNESS
    * @see #SIGNER_KEY
    */
   void setupSign(Map attributes) throws IllegalArgumentException;
 
   /**
-   * <p>Digests one byte of a message for signing or verification purposes.</p>
-   *
+   * Digests one byte of a message for signing or verification purposes.
+   * 
    * @param b the message byte to digest.
-   * @throws IllegalStateException if this instance was not setup for
-   * signature generation/verification.
+   * @throws IllegalStateException if this instance was not setup for signature
+   *           generation/verification.
    */
   void update(byte b) throws IllegalStateException;
 
   /**
-   * <p>Digests a sequence of bytes from a message for signing or verification
-   * purposes.</p>
-   *
+   * Digests a sequence of bytes from a message for signing or verification
+   * purposes.
+   * 
    * @param buffer the byte sequence to consider.
    * @param offset the byte poisition in <code>buffer</code> of the first byte
-   * to consider.
-   * @param length the number of bytes in <code>buffer</code> starting from the
-   * byte at index <code>offset</code> to digest.
-   * @throws IllegalStateException if this instance was not setup for
-   * signature generation/verification.
+   *          to consider.
+   * @param length the number of bytes in <code>buffer</code> starting from
+   *          the byte at index <code>offset</code> to digest.
+   * @throws IllegalStateException if this instance was not setup for signature
+   *           generation/verification.
    */
   void update(byte[] buffer, int offset, int length)
       throws IllegalStateException;
 
   /**
-   * <p>Terminates a signature generation phase by digesting and processing the
-   * context of the underlying message digest algorithm instance.</p>
-   *
+   * Terminates a signature generation phase by digesting and processing the
+   * context of the underlying message digest algorithm instance.
+   * 
    * @return a {@link Object} representing the native output of the signature
-   * scheme implementation.
-   * @throws IllegalStateException if this instance was not setup for
-   * signature generation.
+   *         scheme implementation.
+   * @throws IllegalStateException if this instance was not setup for signature
+   *           generation.
    */
   Object sign() throws IllegalStateException;
 
   /**
-   * <p>Terminates a signature verification phase by digesting and processing
-   * the context of the underlying message digest algorithm instance.</p>
-   *
+   * Terminates a signature verification phase by digesting and processing the
+   * context of the underlying message digest algorithm instance.
+   * 
    * @param signature a native signature object previously generated by an
-   * invocation of the <code>sign()</code> method.
+   *          invocation of the <code>sign()</code> method.
    * @return <code>true</code> iff the outpout of the verification phase
-   * confirms that the designated signature object has been generated using the
-   * corresponding public key of the recepient.
-   * @throws IllegalStateException if this instance was not setup for
-   * signature verification.
+   *         confirms that the designated signature object has been generated
+   *         using the corresponding public key of the recepient.
+   * @throws IllegalStateException if this instance was not setup for signature
+   *           verification.
    */
   boolean verify(Object signature) throws IllegalStateException;
 
   /**
-   * <p>Returns a clone copy of this instance.</p>
-   *
+   * Returns a clone copy of this instance.
+   * 
    * @return a clone copy of this instance.
    */
   Object clone();
diff --git a/libjava/classpath/gnu/java/security/sig/ISignatureCodec.java b/libjava/classpath/gnu/java/security/sig/ISignatureCodec.java
index b6ab0ba9b1e..aaae6ccb034 100644
--- a/libjava/classpath/gnu/java/security/sig/ISignatureCodec.java
+++ b/libjava/classpath/gnu/java/security/sig/ISignatureCodec.java
@@ -41,23 +41,16 @@ package gnu.java.security.sig;
 import gnu.java.security.Registry;
 
 /**
- * <p>The visible methods of an object that knows how to encode and decode
+ * The visible methods of an object that knows how to encode and decode
  * cryptographic signatures. Codecs are useful for (a) externalising signature
  * output data for storage and on-the-wire transmission, as well as (b) re-
- * creating their internal Java representation from external sources.</p>
+ * creating their internal Java representation from external sources.
  */
 public interface ISignatureCodec
 {
-
-  // Constants
-  // -------------------------------------------------------------------------
-
   /** Constant identifying the <i>Raw</i> encoding format. */
   int RAW_FORMAT = Registry.RAW_ENCODING_ID;
 
-  // Method(s)
-  // -------------------------------------------------------------------------
-
   int getFormatID();
 
   byte[] encodeSignature(Object signature);
diff --git a/libjava/classpath/gnu/java/security/sig/SignatureFactory.java b/libjava/classpath/gnu/java/security/sig/SignatureFactory.java
index d5bd728ad8a..28b68925b21 100644
--- a/libjava/classpath/gnu/java/security/sig/SignatureFactory.java
+++ b/libjava/classpath/gnu/java/security/sig/SignatureFactory.java
@@ -53,38 +53,28 @@ public class SignatureFactory
 {
   private static Set names;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial constructor to enforce Singleton pattern. */
   private SignatureFactory()
   {
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
    * Returns an instance of a signature-with-appendix scheme given its name.
-   *
+   * 
    * @param ssa the case-insensitive signature-with-appendix scheme name.
    * @return an instance of the scheme, or <code>null</code> if none found.
    */
   public static final ISignature getInstance(String ssa)
   {
     if (ssa == null)
-      {
-        return null;
-      }
+      return null;
 
     ssa = ssa.trim();
     ssa = ssa.toLowerCase();
     ISignature result = null;
     if (ssa.equalsIgnoreCase(Registry.DSA_SIG) || ssa.equals(Registry.DSS_SIG))
-      {
-        result = new DSSSignature();
-      }
+      result = new DSSSignature();
     else if (ssa.startsWith(Registry.RSA_SIG_PREFIX))
       result = RSASignatureFactory.getInstance(ssa);
 
@@ -92,9 +82,9 @@ public class SignatureFactory
   }
 
   /**
-   * Returns a {@link Set} of signature-with-appendix scheme names supported
-   * by this <i>Factory</i>.
-   *
+   * Returns a {@link Set} of signature-with-appendix scheme names supported by
+   * this <i>Factory</i>.
+   * 
    * @return a {@link Set} of signature-with-appendix scheme names (Strings).
    */
   public static synchronized final Set getNames()
@@ -104,10 +94,8 @@ public class SignatureFactory
         HashSet hs = new HashSet();
         hs.add(Registry.DSS_SIG);
         hs.addAll(RSASignatureFactory.getNames());
-
         names = Collections.unmodifiableSet(hs);
       }
-
     return names;
   }
 }
diff --git a/libjava/classpath/gnu/java/security/sig/dss/DSSSignature.java b/libjava/classpath/gnu/java/security/sig/dss/DSSSignature.java
index 370a93854e1..1ef1bea1a7f 100644
--- a/libjava/classpath/gnu/java/security/sig/dss/DSSSignature.java
+++ b/libjava/classpath/gnu/java/security/sig/dss/DSSSignature.java
@@ -55,72 +55,65 @@ import java.util.Map;
 import java.util.Random;
 
 /**
- * <p>The DSS (Digital Signature Standard) algorithm makes use of the following
- * parameters:</p>
- *
+ * The DSS (Digital Signature Standard) algorithm makes use of the following
+ * parameters:
  * <ol>
- *    <li>p: A prime modulus, where <code>2<sup>L-1</sup> &lt; p &lt; 2<sup>L</sup>
- *    </code> for <code>512 &lt;= L &lt;= 1024</code> and <code>L</code> a
- *    multiple of <code>64</code>.</li>
- *    <li>q: A prime divisor of <code>p - 1</code>, where <code>2<sup>159</sup>
+ * <li>p: A prime modulus, where
+ * <code>2<sup>L-1</sup> &lt; p &lt; 2<sup>L</sup> </code> for <code>512 &lt;= L
+ * &lt;= 1024</code> and <code>L</code> a multiple of <code>64</code>.</li>
+ * <li>q: A prime divisor of <code>p - 1</code>, where <code>2<sup>159</sup>
  *    &lt; q &lt; 2<sup>160</sup></code>.</li>
- *    <li>g: Where <code>g = h<sup>(p-1)</sup>/q mod p</code>, where
- *    <code>h</code> is any integer with <code>1 &lt; h &lt; p - 1</code> such
- *    that <code>h<sup> (p-1)</sup>/q mod p > 1</code> (<code>g</code> has order
- *    <code>q mod p</code>).</li>
- *    <li>x: A randomly or pseudorandomly generated integer with <code>0 &lt; x
+ * <li>g: Where <code>g = h<sup>(p-1)</sup>/q mod p</code>, where
+ * <code>h</code> is any integer with <code>1 &lt; h &lt; p - 1</code> such
+ * that <code>h<sup> (p-1)</sup>/q mod p > 1</code> (<code>g</code> has order
+ * <code>q mod p</code>).</li>
+ * <li>x: A randomly or pseudorandomly generated integer with <code>0 &lt; x
  *    &lt; q</code>.</li>
- *    <li>y: <code>y = g<sup>x</sup> mod p</code>.</li>
- *    <li>k: A randomly or pseudorandomly generated integer with <code>0 &lt; k
+ * <li>y: <code>y = g<sup>x</sup> mod p</code>.</li>
+ * <li>k: A randomly or pseudorandomly generated integer with <code>0 &lt; k
  *    &lt; q</code>.</li>
  * </ol>
- *
- * <p>The integers <code>p</code>, <code>q</code>, and <code>g</code> can be
+ * <p>
+ * The integers <code>p</code>, <code>q</code>, and <code>g</code> can be
  * public and can be common to a group of users. A user's private and public
- * keys are <code>x</code> and <code>y</code>, respectively. They are normally
- * fixed for a period of time. Parameters <code>x</code> and <code>k</code> are
- * used for signature generation only, and must be kept secret. Parameter
- * <code>k</code> must be regenerated for each signature.</p>
- *
- * <p>The signature of a message <code>M</code> is the pair of numbers <code>r</code>
- * and <code>s</code> computed according to the equations below:</p>
- *
+ * keys are <code>x</code> and <code>y</code>, respectively. They are
+ * normally fixed for a period of time. Parameters <code>x</code> and
+ * <code>k</code> are used for signature generation only, and must be kept
+ * secret. Parameter <code>k</code> must be regenerated for each signature.
+ * <p>
+ * The signature of a message <code>M</code> is the pair of numbers
+ * <code>r</code> and <code>s</code> computed according to the equations below:
  * <ul>
- *    <li><code>r = (g<sup>k</sup> mod p) mod q</code> and</li>
- *    <li><code>s = (k<sup>-1</sup>(SHA(M) + xr)) mod q</code>.</li>
+ * <li><code>r = (g<sup>k</sup> mod p) mod q</code> and</li>
+ * <li><code>s = (k<sup>-1</sup>(SHA(M) + xr)) mod q</code>.</li>
  * </ul>
- *
- * <p>In the above, <code>k<sup>-1</sup></code> is the multiplicative inverse of
- * <code>k</code>, <code>mod q</code>; i.e., <code>(k<sup>-1</sup> k) mod q = 1
- * </code> and <code>0 &lt; k-1 &lt; q</code>. The value of <code>SHA(M)</code>
- * is a 160-bit string output by the Secure Hash Algorithm specified in FIPS 180.
- * For use in computing <code>s</code>, this string must be converted to an
- * integer.</p>
- *
- * <p>As an option, one may wish to check if <code>r == 0</code> or <code>s == 0
- * </code>. If either <code>r == 0</code> or <code>s == 0</code>, a new value
- * of <code>k</code> should be generated and the signature should be
- * recalculated (it is extremely unlikely that <code>r == 0</code> or <code>s ==
- * 0</code> if signatures are generated properly).</p>
- *
- * <p>The signature is transmitted along with the message to the verifier.</p>
- *
- * <p>References:</p>
+ * <p>
+ * In the above, <code>k<sup>-1</sup></code> is the multiplicative inverse of
+ * <code>k</code>, <code>mod q</code>; i.e., <code>(k<sup>-1</sup> k) mod q =
+ * 1</code> and <code>0 &lt; k-1 &lt; q</code>. The value of <code>SHA(M)</code>
+ * is a 160-bit string output by the Secure Hash Algorithm specified in FIPS
+ * 180. For use in computing <code>s</code>, this string must be converted to
+ * an integer.
+ * <p>
+ * As an option, one may wish to check if <code>r == 0</code> or <code>s == 0
+ * </code>.
+ * If either <code>r == 0</code> or <code>s == 0</code>, a new value of
+ * <code>k</code> should be generated and the signature should be recalculated
+ * (it is extremely unlikely that <code>r == 0</code> or <code>s == 0</code> if
+ * signatures are generated properly).
+ * <p>
+ * The signature is transmitted along with the message to the verifier.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.itl.nist.gov/fipspubs/fip186.htm">Digital
- *    Signature Standard (DSS)</a>, Federal Information Processing Standards
- *    Publication 186. National Institute of Standards and Technology.</li>
+ * <li><a href="http://www.itl.nist.gov/fipspubs/fip186.htm">Digital Signature
+ * Standard (DSS)</a>, Federal Information Processing Standards Publication
+ * 186. National Institute of Standards and Technology.</li>
  * </ol>
  */
-public class DSSSignature extends BaseSignature
+public class DSSSignature
+    extends BaseSignature
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public DSSSignature()
   {
@@ -137,16 +130,12 @@ public class DSSSignature extends BaseSignature
     this.md = (IMessageDigest) that.md.clone();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   public static final BigInteger[] sign(final DSAPrivateKey k, final byte[] h)
   {
     final DSSSignature sig = new DSSSignature();
     final Map attributes = new HashMap();
     attributes.put(ISignature.SIGNER_KEY, k);
     sig.setupSign(attributes);
-
     return sig.computeRS(h);
   }
 
@@ -157,11 +146,9 @@ public class DSSSignature extends BaseSignature
     final Map attributes = new HashMap();
     attributes.put(ISignature.SIGNER_KEY, k);
     if (rnd != null)
-      {
-        attributes.put(ISignature.SOURCE_OF_RANDOMNESS, rnd);
-      }
-    sig.setupSign(attributes);
+      attributes.put(ISignature.SOURCE_OF_RANDOMNESS, rnd);
 
+    sig.setupSign(attributes);
     return sig.computeRS(h);
   }
 
@@ -172,11 +159,9 @@ public class DSSSignature extends BaseSignature
     final Map attributes = new HashMap();
     attributes.put(ISignature.SIGNER_KEY, k);
     if (irnd != null)
-      {
-        attributes.put(ISignature.SOURCE_OF_RANDOMNESS, irnd);
-      }
-    sig.setupSign(attributes);
+      attributes.put(ISignature.SOURCE_OF_RANDOMNESS, irnd);
 
+    sig.setupSign(attributes);
     return sig.computeRS(h);
   }
 
@@ -187,13 +172,9 @@ public class DSSSignature extends BaseSignature
     final Map attributes = new HashMap();
     attributes.put(ISignature.VERIFIER_KEY, k);
     sig.setupVerify(attributes);
-
     return sig.checkRS(rs, h);
   }
 
-  // Implementation of abstract methods in superclass
-  // -------------------------------------------------------------------------
-
   public Object clone()
   {
     return new DSSSignature(this);
@@ -202,81 +183,37 @@ public class DSSSignature extends BaseSignature
   protected void setupForVerification(PublicKey k)
       throws IllegalArgumentException
   {
-    if (!(k instanceof DSAPublicKey))
-      {
-        throw new IllegalArgumentException();
-      }
+    if (! (k instanceof DSAPublicKey))
+      throw new IllegalArgumentException();
+
     this.publicKey = k;
   }
 
   protected void setupForSigning(PrivateKey k) throws IllegalArgumentException
   {
-    if (!(k instanceof DSAPrivateKey))
-      {
-        throw new IllegalArgumentException();
-      }
+    if (! (k instanceof DSAPrivateKey))
+      throw new IllegalArgumentException();
+
     this.privateKey = k;
   }
 
   protected Object generateSignature() throws IllegalStateException
   {
-    //      BigInteger p = ((DSAPrivateKey) privateKey).getParams().getP();
-    //      BigInteger q = ((DSAPrivateKey) privateKey).getParams().getQ();
-    //      BigInteger g = ((DSAPrivateKey) privateKey).getParams().getG();
-    //      BigInteger x = ((DSAPrivateKey) privateKey).getX();
-    //      BigInteger m = new BigInteger(1, md.digest());
-    //      BigInteger k, r, s;
-    //
-    //      byte[] kb = new byte[20]; // we'll use 159 bits only
-    //      while (true) {
-    //         this.nextRandomBytes(kb);
-    //         k = new BigInteger(1, kb);
-    //         k.clearBit(159);
-    //         r = g.modPow(k, p).mod(q);
-    //         if (r.equals(BigInteger.ZERO)) {
-    //            continue;
-    //         }
-    //         s = m.add(x.multiply(r)).multiply(k.modInverse(q)).mod(q);
-    //         if (s.equals(BigInteger.ZERO)) {
-    //            continue;
-    //         }
-    //         break;
-    //      }
     final BigInteger[] rs = computeRS(md.digest());
-
-    //      return encodeSignature(r, s);
     return encodeSignature(rs[0], rs[1]);
   }
 
   protected boolean verifySignature(Object sig) throws IllegalStateException
   {
     final BigInteger[] rs = decodeSignature(sig);
-    //      BigInteger r = rs[0];
-    //      BigInteger s = rs[1];
-    //
-    //      BigInteger g = ((DSAPublicKey) publicKey).getParams().getG();
-    //      BigInteger p = ((DSAPublicKey) publicKey).getParams().getP();
-    //      BigInteger q = ((DSAPublicKey) publicKey).getParams().getQ();
-    //      BigInteger y = ((DSAPublicKey) publicKey).getY();
-    //      BigInteger w = s.modInverse(q);
-    //
-    //      byte bytes[] = md.digest();
-    //      BigInteger u1 = w.multiply(new BigInteger(1, bytes)).mod(q);
-    //      BigInteger u2 = r.multiply(w).mod(q);
-    //
-    //      BigInteger v = g.modPow(u1, p).multiply(y.modPow(u2, p)).mod(p).mod(q);
-    //      return v.equals(r);
     return checkRS(rs, md.digest());
   }
 
-  // Other instance methods
-  // -------------------------------------------------------------------------
-
   /**
-   * Returns the output of a signature generation phase.<p>
-   *
+   * Returns the output of a signature generation phase.
+   * 
    * @return an object encapsulating the DSS signature pair <code>r</code> and
-   * <code>s</code>.
+   *         <code>s</code>.
    */
   private Object encodeSignature(BigInteger r, BigInteger s)
   {
@@ -284,9 +221,9 @@ public class DSSSignature extends BaseSignature
   }
 
   /**
-   * Returns the output of a previously generated signature object as a pair
-   * of {@link java.math.BigInteger}.<p>
-   *
+   * Returns the output of a previously generated signature object as a pair of
+   * {@link java.math.BigInteger}.
+   * 
    * @return the DSS signature pair <code>r</code> and <code>s</code>.
    */
   private BigInteger[] decodeSignature(Object signature)
@@ -302,7 +239,6 @@ public class DSSSignature extends BaseSignature
     final BigInteger x = ((DSAPrivateKey) privateKey).getX();
     final BigInteger m = new BigInteger(1, digestBytes);
     BigInteger k, r, s;
-
     final byte[] kb = new byte[20]; // we'll use 159 bits only
     while (true)
       {
@@ -311,17 +247,14 @@ public class DSSSignature extends BaseSignature
         k.clearBit(159);
         r = g.modPow(k, p).mod(q);
         if (r.equals(BigInteger.ZERO))
-          {
-            continue;
-          }
+          continue;
+
         s = m.add(x.multiply(r)).multiply(k.modInverse(q)).mod(q);
         if (s.equals(BigInteger.ZERO))
-          {
-            continue;
-          }
+          continue;
+
         break;
       }
-
     return new BigInteger[] { r, s };
   }
 
@@ -329,16 +262,13 @@ public class DSSSignature extends BaseSignature
   {
     final BigInteger r = rs[0];
     final BigInteger s = rs[1];
-
     final BigInteger g = ((DSAPublicKey) publicKey).getParams().getG();
     final BigInteger p = ((DSAPublicKey) publicKey).getParams().getP();
     final BigInteger q = ((DSAPublicKey) publicKey).getParams().getQ();
     final BigInteger y = ((DSAPublicKey) publicKey).getY();
     final BigInteger w = s.modInverse(q);
-
     final BigInteger u1 = w.multiply(new BigInteger(1, digestBytes)).mod(q);
     final BigInteger u2 = r.multiply(w).mod(q);
-
     final BigInteger v = g.modPow(u1, p).multiply(y.modPow(u2, p)).mod(p).mod(q);
     return v.equals(r);
   }
diff --git a/libjava/classpath/gnu/java/security/sig/dss/DSSSignatureRawCodec.java b/libjava/classpath/gnu/java/security/sig/dss/DSSSignatureRawCodec.java
index b0590a573dc..903d7aad6c9 100644
--- a/libjava/classpath/gnu/java/security/sig/dss/DSSSignatureRawCodec.java
+++ b/libjava/classpath/gnu/java/security/sig/dss/DSSSignatureRawCodec.java
@@ -45,61 +45,46 @@ import java.io.ByteArrayOutputStream;
 import java.math.BigInteger;
 
 /**
- * <p>An object that implements the {@link ISignatureCodec} operations for the
- * <i>Raw</i> format to use with DSS signatures.</p>
+ * An object that implements the {@link ISignatureCodec} operations for the
+ * <i>Raw</i> format to use with DSS signatures.
  */
-public class DSSSignatureRawCodec implements ISignatureCodec
+public class DSSSignatureRawCodec
+    implements ISignatureCodec
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
-  // implicit 0-arguments constructor
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // gnu.crypto.sig.ISignatureCodec interface implementation -----------------
-
   public int getFormatID()
   {
     return RAW_FORMAT;
   }
 
   /**
-   * <p>Returns the encoded form of the designated DSS (Digital Signature
-   * Standard) signature object according to the <i>Raw</i> format supported by
-   * this library.</p>
-   *
-   * <p>The <i>Raw</i> format for a DSA signature, in this implementation, is a
-   * byte sequence consisting of the following:</p>
-   *
+   * Returns the encoded form of the designated DSS (Digital Signature Standard)
+   * signature object according to the <i>Raw</i> format supported by this
+   * library.
+   * <p>
+   * The <i>Raw</i> format for a DSA signature, in this implementation, is a
+   * byte sequence consisting of the following:
    * <ol>
-   *		<li>4-byte magic consisting of the value of the literal
-   *    {@link Registry#MAGIC_RAW_DSS_SIGNATURE},</li>
-   *		<li>1-byte version consisting of the constant: 0x01,</li>
-   *		<li>4-byte count of following bytes representing the DSS parameter
-   *		<code>r</code> in internet order,</li>
-   *		<li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the DSS parameter <code>r</code>,</li>
-   *		<li>4-byte count of following bytes representing the DSS parameter
-   *		<code>s</code>,</li>
-   *		<li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the DSS parameter <code>s</code>.</li>
+   * <li>4-byte magic consisting of the value of the literal
+   * {@link Registry#MAGIC_RAW_DSS_SIGNATURE},</li>
+   * <li>1-byte version consisting of the constant: 0x01,</li>
+   * <li>4-byte count of following bytes representing the DSS parameter
+   * <code>r</code> in internet order,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the DSS parameter <code>r</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the DSS parameter
+   * <code>s</code>,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the DSS parameter <code>s</code>.
+   * </li>
    * </ol>
-   *
+   * 
    * @param signature the signature to encode, consisting of the two DSS
-   * parameters <code>r</code> and <code>s</code> as a {@link java.math.BigInteger}
-   * array.
+   *          parameters <code>r</code> and <code>s</code> as a
+   *          {@link BigInteger} array.
    * @return the <i>Raw</i> format encoding of the designated signature.
    * @exception IllegalArgumentException if the designated signature is not a
-   * DSS (Digital Signature Standard) one.
+   *              DSS (Digital Signature Standard) one.
    */
   public byte[] encodeSignature(Object signature)
   {
@@ -112,38 +97,32 @@ public class DSSSignatureRawCodec implements ISignatureCodec
       }
     catch (Exception x)
       {
-        throw new IllegalArgumentException("key");
+        throw new IllegalArgumentException("signature");
       }
-
     ByteArrayOutputStream baos = new ByteArrayOutputStream();
-
     // magic
     baos.write(Registry.MAGIC_RAW_DSS_SIGNATURE[0]);
     baos.write(Registry.MAGIC_RAW_DSS_SIGNATURE[1]);
     baos.write(Registry.MAGIC_RAW_DSS_SIGNATURE[2]);
     baos.write(Registry.MAGIC_RAW_DSS_SIGNATURE[3]);
-
     // version
     baos.write(0x01);
-
     // r
     byte[] buffer = r.toByteArray();
     int length = buffer.length;
-    baos.write(length >>> 24);
+    baos.write( length >>> 24);
     baos.write((length >>> 16) & 0xFF);
     baos.write((length >>> 8) & 0xFF);
     baos.write(length & 0xFF);
     baos.write(buffer, 0, length);
-
     // s
     buffer = s.toByteArray();
     length = buffer.length;
-    baos.write(length >>> 24);
+    baos.write( length >>> 24);
     baos.write((length >>> 16) & 0xFF);
     baos.write((length >>> 8) & 0xFF);
     baos.write(length & 0xFF);
     baos.write(buffer, 0, length);
-
     return baos.toByteArray();
   }
 
@@ -154,36 +133,32 @@ public class DSSSignatureRawCodec implements ISignatureCodec
         || k[1] != Registry.MAGIC_RAW_DSS_SIGNATURE[1]
         || k[2] != Registry.MAGIC_RAW_DSS_SIGNATURE[2]
         || k[3] != Registry.MAGIC_RAW_DSS_SIGNATURE[3])
-      {
-        throw new IllegalArgumentException("magic");
-      }
-
+      throw new IllegalArgumentException("magic");
     // version
     if (k[4] != 0x01)
-      {
-        throw new IllegalArgumentException("version");
-      }
+      throw new IllegalArgumentException("version");
 
     int i = 5;
     int l;
     byte[] buffer;
-
     // r
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger r = new BigInteger(1, buffer);
-
     // s
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger s = new BigInteger(1, buffer);
-
     return new BigInteger[] { r, s };
   }
 }
diff --git a/libjava/classpath/gnu/java/security/sig/rsa/EME_PKCS1_V1_5.java b/libjava/classpath/gnu/java/security/sig/rsa/EME_PKCS1_V1_5.java
index efe580d5167..39de01f0213 100644
--- a/libjava/classpath/gnu/java/security/sig/rsa/EME_PKCS1_V1_5.java
+++ b/libjava/classpath/gnu/java/security/sig/rsa/EME_PKCS1_V1_5.java
@@ -47,25 +47,21 @@ import java.security.interfaces.RSAKey;
 import java.util.Random;
 
 /**
- * <p>An implementation of the EME-PKCS1-V1.5 encoding and decoding methods.</p>
- *
- * <p>EME-PKCS1-V1.5 is parameterised by the entity <code>k</code> which is the
- * byte count of an RSA public shared modulus.</p>
- *
- * <p>References:</p>
+ * An implementation of the EME-PKCS1-V1.5 encoding and decoding methods.
+ * <p>
+ * EME-PKCS1-V1.5 is parameterised by the entity <code>k</code> which is the
+ * byte count of an RSA public shared modulus.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.ietf.org/rfc/rfc3447.txt">Public-Key Cryptography
- *    Standards (PKCS) #1:</a><br>
- *    RSA Cryptography Specifications Version 2.1.<br>
- *    Jakob Jonsson and Burt Kaliski.</li>
+ * <li><a href="http://www.ietf.org/rfc/rfc3447.txt">Public-Key Cryptography
+ * Standards (PKCS) #1:</a><br>
+ * RSA Cryptography Specifications Version 2.1.<br>
+ * Jakob Jonsson and Burt Kaliski.</li>
  * </ol>
  */
 public class EME_PKCS1_V1_5
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private int k;
 
   private ByteArrayOutputStream baos = new ByteArrayOutputStream();
@@ -73,9 +69,6 @@ public class EME_PKCS1_V1_5
   /** Our default source of randomness. */
   private PRNG prng = PRNG.getInstance();
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   private EME_PKCS1_V1_5(final int k)
   {
     super();
@@ -83,15 +76,11 @@ public class EME_PKCS1_V1_5
     this.k = k;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   public static final EME_PKCS1_V1_5 getInstance(final int k)
   {
     if (k < 0)
-      {
-        throw new IllegalArgumentException("k must be a positive integer");
-      }
+      throw new IllegalArgumentException("k must be a positive integer");
+
     return new EME_PKCS1_V1_5(k);
   }
 
@@ -102,34 +91,29 @@ public class EME_PKCS1_V1_5
     return EME_PKCS1_V1_5.getInstance(k);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Generates an octet string <code>PS</code> of length <code>k - mLen -
-   * 3</code> consisting of pseudo-randomly generated nonzero octets. The
-   * length of <code>PS</code> will be at least eight octets.</p>
-   *
-   * <p>The method then concatenates <code>PS</code>, the message <code>M</code>,
+   * Generates an octet string <code>PS</code> of length <code>k - mLen -
+   * 3</code> consisting of pseudo-randomly generated nonzero octets. The length
+   * of <code>PS</code> will be at least eight octets.
+   * <p>
+   * The method then concatenates <code>PS</code>, the message <code>M</code>,
    * and other padding to form an encoded message <code>EM</code> of length
-   * <code>k</code> octets as:</p>
-   *
+   * <code>k</code> octets as:
    * <pre>
-   *    EM = 0x00 || 0x02 || PS || 0x00 || M.
+   *     EM = 0x00 || 0x02 || PS || 0x00 || M.
    * </pre>
-   *
-   * <p>This method uses a default PRNG to obtain the padding bytes.</p>
-   *
+   * <p>
+   * This method uses a default PRNG to obtain the padding bytes.
+   * 
    * @param M the message to encode.
    * @return the encoded message <code>EM</code>.
    */
   public byte[] encode(final byte[] M)
   {
     // a. Generate an octet string PS of length k - mLen - 3 consisting
-    //    of pseudo-randomly generated nonzero octets.  The length of PS
-    //    will be at least eight octets.
+    // of pseudo-randomly generated nonzero octets. The length of PS
+    // will be at least eight octets.
     final byte[] PS = new byte[k - M.length - 3];
-
     // FIXME. This should be configurable, somehow.
     prng.nextBytes(PS);
     int i = 0;
@@ -139,17 +123,17 @@ public class EME_PKCS1_V1_5
           PS[i] = 1;
       }
     // b. Concatenate PS, the message M, and other padding to form an
-    //    encoded message EM of length k octets as
+    // encoded message EM of length k octets as
     //
-    //    EM = 0x00 || 0x02 || PS || 0x00 || M.
+    // EM = 0x00 || 0x02 || PS || 0x00 || M.
     return assembleEM(PS, M);
   }
 
   /**
-   * <p>Similar to {@link #encode(byte[])} method, except that the source of
+   * Similar to {@link #encode(byte[])} method, except that the source of
    * randomness to use for obtaining the padding bytes (an instance of
-   * {@link IRandom}) is given as a parameter.</p>
-   *
+   * {@link IRandom}) is given as a parameter.
+   * 
    * @param M the message to encode.
    * @param irnd the {@link IRandom} instance to use as a source of randomness.
    * @return the encoded message <code>EM</code>.
@@ -183,14 +167,13 @@ public class EME_PKCS1_V1_5
       {
         throw new RuntimeException("encode(): " + String.valueOf(x));
       }
-
     return assembleEM(PS, M);
   }
 
   /**
-   * <p>Similar to the {@link #encode(byte[], IRandom)} method, except that
-   * the source of randmoness is an instance of {@link Random}.
-   *
+   * Similar to the {@link #encode(byte[], IRandom)} method, except that the
+   * source of randmoness is an instance of {@link Random}.
+   * 
    * @param M the message to encode.
    * @param rnd the {@link Random} instance to use as a source of randomness.
    * @return the encoded message <code>EM</code>.
@@ -213,33 +196,31 @@ public class EME_PKCS1_V1_5
           }
         break;
       }
-
     return assembleEM(PS, M);
   }
 
   /**
-   * <p>Separate the encoded message <code>EM</code> into an octet string
+   * Separate the encoded message <code>EM</code> into an octet string
    * <code>PS</code> consisting of nonzero octets and a message <code>M</code>
-   * as:</p>
-   *
+   * as:
    * <pre>
-   *    EM = 0x00 || 0x02 || PS || 0x00 || M.
+   *     EM = 0x00 || 0x02 || PS || 0x00 || M.
    * </pre>
-   *
-   * <p>If the first octet of <code>EM</code> does not have hexadecimal value
-   * <code>0x00</code>, if the second octet of <code>EM</code> does not have
-   * hexadecimal value <code>0x02</code>, if there is no octet with hexadecimal
-   * value <code>0x00</code> to separate <code>PS</code> from <code>M</code>,
-   * or if the length of <code>PS</code> is less than <code>8</code> octets,
-   * output "decryption error" and stop.</p>
-
+   * <p>
+   * If the first octet of <code>EM</code> does not have hexadecimal value
+   * <code>0x00</code>, if the second octet of <code>EM</code> does not
+   * have hexadecimal value <code>0x02</code>, if there is no octet with
+   * hexadecimal value <code>0x00</code> to separate <code>PS</code> from
+   * <code>M</code>, or if the length of <code>PS</code> is less than
+   * <code>8</code> octets, output "decryption error" and stop.
+   * 
    * @param EM the designated encoded message.
    * @return the decoded message <code>M</code> framed in the designated
-   * <code>EM</code> value.
+   *         <code>EM</code> value.
    * @throws IllegalArgumentException if the length of the designated entity
-   * <code>EM</code> is different than <code>k</code> (the length in bytes of
-   * the public shared modulus), or if any of the conditions described above
-   * is detected.
+   *           <code>EM</code> is different than <code>k</code> (the length
+   *           in bytes of the public shared modulus), or if any of the
+   *           conditions described above is detected.
    */
   public byte[] decode(final byte[] EM)
   {
@@ -252,46 +233,34 @@ public class EME_PKCS1_V1_5
     // the second octet of EM does not have hexadecimal value 0x02, if
     // there is no octet with hexadecimal value 0x00 to separate PS from
     // M, or if the length of PS is less than 8 octets, output
-    // "decryption error" and stop.  (See the note below.)
+    // "decryption error" and stop. (See the note below.)
     final int emLen = EM.length;
     if (emLen != k)
-      {
-        throw new IllegalArgumentException("decryption error");
-      }
+      throw new IllegalArgumentException("decryption error");
     if (EM[0] != 0x00)
-      {
-        throw new IllegalArgumentException("decryption error");
-      }
+      throw new IllegalArgumentException("decryption error");
     if (EM[1] != 0x02)
-      {
-        throw new IllegalArgumentException("decryption error");
-      }
+      throw new IllegalArgumentException("decryption error");
     int i = 2;
     for (; i < emLen; i++)
       {
         if (EM[i] == 0x00)
-          {
-            break;
-          }
+          break;
       }
     if (i >= emLen || i < 11)
-      {
-        throw new IllegalArgumentException("decryption error");
-      }
+      throw new IllegalArgumentException("decryption error");
     i++;
     final byte[] result = new byte[emLen - i];
     System.arraycopy(EM, i, result, 0, result.length);
     return result;
   }
 
-  // helper methods ----------------------------------------------------------
-
   private byte[] assembleEM(final byte[] PS, final byte[] M)
   {
     // b. Concatenate PS, the message M, and other padding to form an
-    //    encoded message EM of length k octets as
+    // encoded message EM of length k octets as
     //
-    //    EM = 0x00 || 0x02 || PS || 0x00 || M.
+    // EM = 0x00 || 0x02 || PS || 0x00 || M.
     baos.reset();
     baos.write(0x00);
     baos.write(0x02);
@@ -300,7 +269,6 @@ public class EME_PKCS1_V1_5
     baos.write(M, 0, M.length);
     final byte[] result = baos.toByteArray();
     baos.reset();
-
     return result;
   }
 }
diff --git a/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java b/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java
index d155fc88fb4..a0c4de17fab 100644
--- a/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java
+++ b/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java
@@ -45,12 +45,12 @@ import gnu.java.security.hash.IMessageDigest;
 import java.io.ByteArrayOutputStream;
 
 /**
- * <p>An implementation of the EMSA-PKCS1-V1.5 encoding scheme.</p>
- *
- * <p>EMSA-PKCS1-V1.5 is parameterised by the choice of hash function Hash and
- * hLen which denotes the length in octets of the hash function output.</p>
- *
- * <p>References:</p>
+ * An implementation of the EMSA-PKCS1-V1.5 encoding scheme.
+ * <p>
+ * EMSA-PKCS1-V1.5 is parameterised by the choice of hash function Hash and
+ * hLen which denotes the length in octets of the hash function output.
+ * <p>
+ * References:
  * <ol>
  *    <li><a href="http://www.ietf.org/rfc/rfc3447.txt">Public-Key Cryptography
  *    Standards (PKCS) #1:</a><br>
@@ -58,12 +58,9 @@ import java.io.ByteArrayOutputStream;
  *    Jakob Jonsson and Burt Kaliski.</li>
  * </ol>
  */
-public class EMSA_PKCS1_V1_5 implements Cloneable
+public class EMSA_PKCS1_V1_5
+    implements Cloneable
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /* Notes.
    1. For the six hash functions mentioned in Appendix B.1, the DER encoding
    T of the DigestInfo value is equal to the following:
@@ -75,67 +72,46 @@ public class EMSA_PKCS1_V1_5 implements Cloneable
    SHA-384: (0x)30 41 30 0d 06 09 60 86 48 01 65 03 04 02 02 05 00 04 30 || H
    SHA-512: (0x)30 51 30 0d 06 09 60 86 48 01 65 03 04 02 03 05 00 04 40 || H
    */
-  private static final byte[] MD2_PREFIX = { (byte) 0x30, (byte) 0x20,
-                                            (byte) 0x30, (byte) 0x0c,
-                                            (byte) 0x06, (byte) 0x08,
-                                            (byte) 0x2a, (byte) 0x86,
-                                            (byte) 0x48, (byte) 0x86,
-                                            (byte) 0xf7, (byte) 0x0d,
-                                            (byte) 0x02, (byte) 0x02,
-                                            (byte) 0x05, (byte) 0x00,
-                                            (byte) 0x04, (byte) 0x10 };
-
-  private static final byte[] MD5_PREFIX = { (byte) 0x30, (byte) 0x20,
-                                            (byte) 0x30, (byte) 0x0c,
-                                            (byte) 0x06, (byte) 0x08,
-                                            (byte) 0x2a, (byte) 0x86,
-                                            (byte) 0x48, (byte) 0x86,
-                                            (byte) 0xf7, (byte) 0x0d,
-                                            (byte) 0x02, (byte) 0x05,
-                                            (byte) 0x05, (byte) 0x00,
-                                            (byte) 0x04, (byte) 0x10 };
-
-  private static final byte[] SHA160_PREFIX = { (byte) 0x30, (byte) 0x21,
-                                               (byte) 0x30, (byte) 0x09,
-                                               (byte) 0x06, (byte) 0x05,
-                                               (byte) 0x2b, (byte) 0x0e,
-                                               (byte) 0x03, (byte) 0x02,
-                                               (byte) 0x1a, (byte) 0x05,
-                                               (byte) 0x00, (byte) 0x04,
-                                               (byte) 0x14 };
-
-  private static final byte[] SHA256_PREFIX = { (byte) 0x30, (byte) 0x31,
-                                               (byte) 0x30, (byte) 0x0d,
-                                               (byte) 0x06, (byte) 0x09,
-                                               (byte) 0x60, (byte) 0x86,
-                                               (byte) 0x48, (byte) 0x01,
-                                               (byte) 0x65, (byte) 0x03,
-                                               (byte) 0x04, (byte) 0x02,
-                                               (byte) 0x01, (byte) 0x05,
-                                               (byte) 0x00, (byte) 0x04,
-                                               (byte) 0x20 };
-
-  private static final byte[] SHA384_PREFIX = { (byte) 0x30, (byte) 0x41,
-                                               (byte) 0x30, (byte) 0x0d,
-                                               (byte) 0x06, (byte) 0x09,
-                                               (byte) 0x60, (byte) 0x86,
-                                               (byte) 0x48, (byte) 0x01,
-                                               (byte) 0x65, (byte) 0x03,
-                                               (byte) 0x04, (byte) 0x02,
-                                               (byte) 0x02, (byte) 0x05,
-                                               (byte) 0x00, (byte) 0x04,
-                                               (byte) 0x30 };
-
-  private static final byte[] SHA512_PREFIX = { (byte) 0x30, (byte) 0x51,
-                                               (byte) 0x30, (byte) 0x0d,
-                                               (byte) 0x06, (byte) 0x09,
-                                               (byte) 0x60, (byte) 0x86,
-                                               (byte) 0x48, (byte) 0x01,
-                                               (byte) 0x65, (byte) 0x03,
-                                               (byte) 0x04, (byte) 0x02,
-                                               (byte) 0x03, (byte) 0x05,
-                                               (byte) 0x00, (byte) 0x04,
-                                               (byte) 0x40 };
+  private static final byte[] MD2_PREFIX = {
+      (byte) 0x30, (byte) 0x20, (byte) 0x30, (byte) 0x0c, (byte) 0x06,
+      (byte) 0x08, (byte) 0x2a, (byte) 0x86, (byte) 0x48, (byte) 0x86,
+      (byte) 0xf7, (byte) 0x0d, (byte) 0x02, (byte) 0x02, (byte) 0x05,
+      (byte) 0x00, (byte) 0x04, (byte) 0x10
+  };
+
+  private static final byte[] MD5_PREFIX = {
+      (byte) 0x30, (byte) 0x20, (byte) 0x30, (byte) 0x0c, (byte) 0x06,
+      (byte) 0x08, (byte) 0x2a, (byte) 0x86, (byte) 0x48, (byte) 0x86,
+      (byte) 0xf7, (byte) 0x0d, (byte) 0x02, (byte) 0x05, (byte) 0x05,
+      (byte) 0x00, (byte) 0x04, (byte) 0x10
+  };
+
+  private static final byte[] SHA160_PREFIX = {
+      (byte) 0x30, (byte) 0x21, (byte) 0x30, (byte) 0x09, (byte) 0x06,
+      (byte) 0x05, (byte) 0x2b, (byte) 0x0e, (byte) 0x03, (byte) 0x02,
+      (byte) 0x1a, (byte) 0x05, (byte) 0x00, (byte) 0x04, (byte) 0x14
+  };
+
+  private static final byte[] SHA256_PREFIX = {
+      (byte) 0x30, (byte) 0x31, (byte) 0x30, (byte) 0x0d, (byte) 0x06,
+      (byte) 0x09, (byte) 0x60, (byte) 0x86, (byte) 0x48, (byte) 0x01,
+      (byte) 0x65, (byte) 0x03, (byte) 0x04, (byte) 0x02, (byte) 0x01,
+      (byte) 0x05, (byte) 0x00, (byte) 0x04, (byte) 0x20
+  };
+
+  private static final byte[] SHA384_PREFIX = {
+      (byte) 0x30, (byte) 0x41, (byte) 0x30, (byte) 0x0d, (byte) 0x06,
+      (byte) 0x09, (byte) 0x60, (byte) 0x86, (byte) 0x48, (byte) 0x01,
+      (byte) 0x65, (byte) 0x03, (byte) 0x04, (byte) 0x02, (byte) 0x02,
+      (byte) 0x05, (byte) 0x00, (byte) 0x04, (byte) 0x30
+  };
+
+  private static final byte[] SHA512_PREFIX = {
+      (byte) 0x30, (byte) 0x51, (byte) 0x30, (byte) 0x0d, (byte) 0x06,
+      (byte) 0x09, (byte) 0x60, (byte) 0x86, (byte) 0x48, (byte) 0x01,
+      (byte) 0x65, (byte) 0x03, (byte) 0x04, (byte) 0x02, (byte) 0x03,
+      (byte) 0x05, (byte) 0x00, (byte) 0x04, (byte) 0x40
+  };
 
   /** The underlying hash function to use with this instance. */
   private IMessageDigest hash;
@@ -146,11 +122,8 @@ public class EMSA_PKCS1_V1_5 implements Cloneable
   /** The DER part of DigestInfo not containing the hash value itself. */
   private byte[] prefix;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Trivial private constructor to enforce use through Factory method.</p>
+   * Trivial private constructor to enforce use through Factory method.
    *
    * @param hash the message digest instance to use with this scheme instance.
    */
@@ -162,41 +135,24 @@ public class EMSA_PKCS1_V1_5 implements Cloneable
     hLen = hash.hashSize();
     final String name = hash.name();
     if (name.equals(Registry.MD2_HASH))
-      {
-        prefix = MD2_PREFIX;
-      }
+      prefix = MD2_PREFIX;
     else if (name.equals(Registry.MD5_HASH))
-      {
-        prefix = MD5_PREFIX;
-      }
+      prefix = MD5_PREFIX;
     else if (name.equals(Registry.SHA160_HASH))
-      {
-        prefix = SHA160_PREFIX;
-      }
+      prefix = SHA160_PREFIX;
     else if (name.equals(Registry.SHA256_HASH))
-      {
-        prefix = SHA256_PREFIX;
-      }
+      prefix = SHA256_PREFIX;
     else if (name.equals(Registry.SHA384_HASH))
-      {
-        prefix = SHA384_PREFIX;
-      }
+      prefix = SHA384_PREFIX;
     else if (name.equals(Registry.SHA512_HASH))
-      {
-        prefix = SHA512_PREFIX;
-      }
+      prefix = SHA512_PREFIX;
     else
-      {
-        throw new UnsupportedOperationException(); // should not happen
-      }
+      throw new UnsupportedOperationException(); // should not happen
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns an instance of this object given a designated name of a hash
-   * function.</p>
+   * Returns an instance of this object given a designated name of a hash
+   * function.
    *
    * @param mdName the canonical name of a hash function.
    * @return an instance of this object configured for use with the designated
@@ -208,32 +164,26 @@ public class EMSA_PKCS1_V1_5 implements Cloneable
   {
     final IMessageDigest hash = HashFactory.getInstance(mdName);
     final String name = hash.name();
-    if (!(name.equals(Registry.MD2_HASH) || name.equals(Registry.MD5_HASH)
+    if (! (name.equals(Registry.MD2_HASH)
+          || name.equals(Registry.MD5_HASH)
           || name.equals(Registry.SHA160_HASH)
           || name.equals(Registry.SHA256_HASH)
-          || name.equals(Registry.SHA384_HASH) || name.equals(Registry.SHA512_HASH)))
-      {
-        throw new UnsupportedOperationException("hash with no OID: " + name);
-      }
+          || name.equals(Registry.SHA384_HASH)
+          || name.equals(Registry.SHA512_HASH)))
+      throw new UnsupportedOperationException("hash with no OID: " + name);
+
     return new EMSA_PKCS1_V1_5(hash);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // Cloneable interface implementation --------------------------------------
-
   public Object clone()
   {
     return getInstance(hash.name());
   }
 
-  // own methods -------------------------------------------------------------
-
   /**
-   * <p>Frames the hash of a message, along with an ID of the hash function in
+   * Frames the hash of a message, along with an ID of the hash function in
    * a DER sequence according to the specifications of EMSA-PKCS1-V1.5 as
-   * described in RFC-3447 (see class documentation).</p>
+   * described in RFC-3447 (see class documentation).
    *
    * @param mHash the byte sequence resulting from applying the message digest
    * algorithm Hash to the message <i>M</i>.
@@ -270,17 +220,13 @@ public class EMSA_PKCS1_V1_5 implements Cloneable
     // 3. If emLen < tLen + 11, output "intended encoded message length too
     //    short" and stop.
     if (emLen < tLen + 11)
-      {
-        throw new IllegalArgumentException("emLen too short");
-      }
+      throw new IllegalArgumentException("emLen too short");
     // 4. Generate an octet string PS consisting of emLen - tLen - 3 octets
     //    with hexadecimal value 0xff.  The length of PS will be at least 8
     //    octets.
     final byte[] PS = new byte[emLen - tLen - 3];
     for (int i = 0; i < PS.length; i++)
-      {
-        PS[i] = (byte) 0xFF;
-      }
+      PS[i] = (byte) 0xFF;
     // 5. Concatenate PS, the DER encoding T, and other padding to form the
     //    encoded message EM as: EM = 0x00 || 0x01 || PS || 0x00 || T.
     baos.reset();
diff --git a/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PSS.java b/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PSS.java
index c1c9760ed5c..97b3afcf8c1 100644
--- a/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PSS.java
+++ b/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PSS.java
@@ -38,57 +38,42 @@ exception statement from your version.  */
 
 package gnu.java.security.sig.rsa;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.hash.HashFactory;
 import gnu.java.security.hash.IMessageDigest;
 import gnu.java.security.util.Util;
 
-import java.io.PrintWriter;
 import java.util.Arrays;
+import java.util.logging.Logger;
 
 /**
- * <p>An implementation of the EMSA-PSS encoding/decoding scheme.</p>
- *
- * <p>EMSA-PSS coincides with EMSA4 in IEEE P1363a D5 except that EMSA-PSS acts
- * on octet strings and not on bit strings. In particular, the bit lengths of
- * the hash and the salt must be multiples of 8 in EMSA-PSS. Moreover, EMSA4
- * outputs an integer of a desired bit length rather than an octet string.</p>
- *
- * <p>EMSA-PSS is parameterized by the choice of hash function Hash and mask
+ * An implementation of the EMSA-PSS encoding/decoding scheme.
+ * <p>
+ * EMSA-PSS coincides with EMSA4 in IEEE P1363a D5 except that EMSA-PSS acts on
+ * octet strings and not on bit strings. In particular, the bit lengths of the
+ * hash and the salt must be multiples of 8 in EMSA-PSS. Moreover, EMSA4 outputs
+ * an integer of a desired bit length rather than an octet string.
+ * <p>
+ * EMSA-PSS is parameterized by the choice of hash function Hash and mask
  * generation function MGF. In this submission, MGF is based on a Hash
  * definition that coincides with the corresponding definitions in IEEE Std
  * 1363-2000, PKCS #1 v2.0, and the draft ANSI X9.44. In PKCS #1 v2.0 and the
  * draft ANSI X9.44, the recommended hash function is SHA-1, while IEEE Std
- * 1363-2000 recommends SHA-1 and RIPEMD-160.</p>
- *
- * <p>References:</p>
+ * 1363-2000 recommends SHA-1 and RIPEMD-160.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip">
- *    RSA-PSS Signature Scheme with Appendix, part B.</a><br>
- *    Primitive specification and supporting documentation.<br>
- *    Jakob Jonsson and Burt Kaliski.</li>
+ * <li><a
+ * href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip">
+ * RSA-PSS Signature Scheme with Appendix, part B.</a><br>
+ * Primitive specification and supporting documentation.<br>
+ * Jakob Jonsson and Burt Kaliski.</li>
  * </ol>
  */
-public class EMSA_PSS implements Cloneable
+public class EMSA_PSS
+    implements Cloneable
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  private static final String NAME = "emsa-pss";
-
-  private static final boolean DEBUG = false;
-
-  private static final int debuglevel = 5;
-
-  private static final PrintWriter err = new PrintWriter(System.out, true);
-
-  private static void debug(String s)
-  {
-    err.println(">>> " + NAME + ": " + s);
-  }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
+  private static final Logger log = Logger.getLogger(EMSA_PSS.class.getName());
 
   /** The underlying hash function to use with this instance. */
   private IMessageDigest hash;
@@ -96,12 +81,9 @@ public class EMSA_PSS implements Cloneable
   /** The output size of the hash function in octets. */
   private int hLen;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Trivial private constructor to enforce use through Factory method.</p>
-   *
+   * Trivial private constructor to enforce use through Factory method.
+   * 
    * @param hash the message digest instance to use with this scheme instance.
    */
   private EMSA_PSS(IMessageDigest hash)
@@ -112,16 +94,13 @@ public class EMSA_PSS implements Cloneable
     hLen = hash.hashSize();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns an instance of this object given a designated name of a hash
-   * function.</p>
-   *
+   * Returns an instance of this object given a designated name of a hash
+   * function.
+   * 
    * @param mdName the canonical name of a hash function.
    * @return an instance of this object configured for use with the designated
-   * options.
+   *         options.
    */
   public static EMSA_PSS getInstance(String mdName)
   {
@@ -129,51 +108,38 @@ public class EMSA_PSS implements Cloneable
     return new EMSA_PSS(hash);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // Cloneable interface implementation --------------------------------------
-
   public Object clone()
   {
     return getInstance(hash.name());
   }
 
-  // own methods -------------------------------------------------------------
-
   /**
-   * <p>The encoding operation EMSA-PSS-Encode computes the hash of a message
+   * The encoding operation EMSA-PSS-Encode computes the hash of a message
    * <code>M</code> using a hash function and maps the result to an encoded
    * message <code>EM</code> of a specified length using a mask generation
-   * function.</p>
-   *
+   * function.
+   * 
    * @param mHash the byte sequence resulting from applying the message digest
-   * algorithm Hash to the message <i>M</i>.
+   *          algorithm Hash to the message <i>M</i>.
    * @param emBits the maximal bit length of the integer OS2IP(EM), at least
-   * <code>8.hLen + 8.sLen + 9</code>.
+   *          <code>8.hLen + 8.sLen + 9</code>.
    * @param salt the salt to use when encoding the output.
    * @return the encoded message <code>EM</code>, an octet string of length
-   * <code>emLen = CEILING(emBits / 8)</code>.
+   *         <code>emLen = CEILING(emBits / 8)</code>.
    * @exception IllegalArgumentException if an exception occurs.
-   *
    */
   public byte[] encode(byte[] mHash, int emBits, byte[] salt)
   {
     int sLen = salt.length;
-
     // 1. If the length of M is greater than the input limitation for the hash
     // function (2**61 - 1 octets for SHA-1) then output "message too long"
     // and stop.
     // 2. Let mHash = Hash(M), an octet string of length hLen.
     if (hLen != mHash.length)
-      {
-        throw new IllegalArgumentException("wrong hash");
-      }
+      throw new IllegalArgumentException("wrong hash");
     // 3. If emBits < 8.hLen + 8.sLen + 9, output 'encoding error' and stop.
     if (emBits < (8 * hLen + 8 * sLen + 9))
-      {
-        throw new IllegalArgumentException("encoding error");
-      }
+      throw new IllegalArgumentException("encoding error");
     int emLen = (emBits + 7) / 8;
     // 4. Generate a random octet string salt of length sLen; if sLen = 0,
     // then salt is the empty string.
@@ -187,9 +153,8 @@ public class EMSA_PSS implements Cloneable
     synchronized (hash)
       {
         for (i = 0; i < 8; i++)
-          {
-            hash.update((byte) 0x00);
-          }
+          hash.update((byte) 0x00);
+
         hash.update(mHash, 0, hLen);
         hash.update(salt, 0, sLen);
         H = hash.digest();
@@ -202,16 +167,14 @@ public class EMSA_PSS implements Cloneable
     System.arraycopy(salt, 0, DB, emLen - sLen - hLen - 1, sLen);
     // 9. Let dbMask = MGF(H, emLen - hLen - 1).
     byte[] dbMask = MGF(H, emLen - hLen - 1);
-    if (DEBUG && debuglevel > 8)
+    if (Configuration.DEBUG)
       {
-        debug("dbMask (encode): " + Util.toString(dbMask));
-        debug("DB (encode): " + Util.toString(DB));
+        log.fine("dbMask (encode): " + Util.toString(dbMask));
+        log.fine("DB (encode): " + Util.toString(DB));
       }
     // 10. Let maskedDB = DB XOR dbMask.
     for (i = 0; i < DB.length; i++)
-      {
-        DB[i] = (byte) (DB[i] ^ dbMask[i]);
-      }
+      DB[i] = (byte)(DB[i] ^ dbMask[i]);
     // 11. Set the leftmost 8emLen - emBits bits of the leftmost octet in
     // maskedDB to zero.
     DB[0] &= (0xFF >>> (8 * emLen - emBits));
@@ -226,14 +189,14 @@ public class EMSA_PSS implements Cloneable
   }
 
   /**
-   * <p>The decoding operation EMSA-PSS-Decode recovers the message hash from
-   * an encoded message <code>EM</code> and compares it to the hash of
-   * <code>M</code>.</p>
-   *
+   * The decoding operation EMSA-PSS-Decode recovers the message hash from an
+   * encoded message <code>EM</code> and compares it to the hash of
+   * <code>M</code>.
+   * 
    * @param mHash the byte sequence resulting from applying the message digest
-   * algorithm Hash to the message <i>M</i>.
+   *          algorithm Hash to the message <i>M</i>.
    * @param EM the <i>encoded message</i>, an octet string of length
-   * <code>emLen = CEILING(emBits/8).
+   *          <code>emLen = CEILING(emBits/8).
    * @param emBits the maximal bit length of the integer OS2IP(EM), at least
    * <code>8.hLen + 8.sLen + 9</code>.
    * @param sLen the length, in octets, of the expected salt.
@@ -244,60 +207,50 @@ public class EMSA_PSS implements Cloneable
    */
   public boolean decode(byte[] mHash, byte[] EM, int emBits, int sLen)
   {
-    if (DEBUG && debuglevel > 8)
+    if (Configuration.DEBUG)
       {
-        debug("mHash: " + Util.toString(mHash));
-        debug("EM: " + Util.toString(EM));
-        debug("emBits: " + String.valueOf(emBits));
-        debug("sLen: " + String.valueOf(sLen));
+        log.fine("mHash: " + Util.toString(mHash));
+        log.fine("EM: " + Util.toString(EM));
+        log.fine("emBits: " + String.valueOf(emBits));
+        log.fine("sLen: " + String.valueOf(sLen));
       }
     if (sLen < 0)
-      {
-        throw new IllegalArgumentException("sLen");
-      }
-
+      throw new IllegalArgumentException("sLen");
     // 1. If the length of M is greater than the input limitation for the hash
-    //    function (2**61 ? 1 octets for SHA-1) then output 'inconsistent' and
-    //    stop.
+    // function (2**61 ? 1 octets for SHA-1) then output 'inconsistent' and
+    // stop.
     // 2. Let mHash = Hash(M), an octet string of length hLen.
     if (hLen != mHash.length)
       {
-        if (DEBUG && debuglevel > 8)
-          {
-            debug("hLen != mHash.length; hLen: " + String.valueOf(hLen));
-          }
+        if (Configuration.DEBUG)
+          log.fine("hLen != mHash.length; hLen: " + String.valueOf(hLen));
         throw new IllegalArgumentException("wrong hash");
       }
     // 3. If emBits < 8.hLen + 8.sLen + 9, output 'decoding error' and stop.
     if (emBits < (8 * hLen + 8 * sLen + 9))
       {
-        if (DEBUG && debuglevel > 8)
-          {
-            debug("emBits < (8hLen + 8sLen + 9); sLen: " + String.valueOf(sLen));
-          }
+        if (Configuration.DEBUG)
+          log.fine("emBits < (8hLen + 8sLen + 9); sLen: "
+                   + String.valueOf(sLen));
         throw new IllegalArgumentException("decoding error");
       }
     int emLen = (emBits + 7) / 8;
     // 4. If the rightmost octet of EM does not have hexadecimal value bc,
-    //    output 'inconsistent' and stop.
+    // output 'inconsistent' and stop.
     if ((EM[EM.length - 1] & 0xFF) != 0xBC)
       {
-        if (DEBUG && debuglevel > 8)
-          {
-            debug("EM does not end with 0xBC");
-          }
+        if (Configuration.DEBUG)
+          log.fine("EM does not end with 0xBC");
         return false;
       }
     // 5. Let maskedDB be the leftmost emLen ? hLen ? 1 octets of EM, and let
-    //    H be the next hLen octets.
+    // H be the next hLen octets.
     // 6. If the leftmost 8.emLen ? emBits bits of the leftmost octet in
-    //    maskedDB are not all equal to zero, output 'inconsistent' and stop.
+    // maskedDB are not all equal to zero, output 'inconsistent' and stop.
     if ((EM[0] & (0xFF << (8 - (8 * emLen - emBits)))) != 0)
       {
-        if (DEBUG && debuglevel > 8)
-          {
-            debug("Leftmost 8emLen - emBits bits of EM are not 0s");
-          }
+        if (Configuration.DEBUG)
+          log.fine("Leftmost 8emLen - emBits bits of EM are not 0s");
         return false;
       }
     byte[] DB = new byte[emLen - hLen - 1];
@@ -309,56 +262,48 @@ public class EMSA_PSS implements Cloneable
     // 8. Let DB = maskedDB XOR dbMask.
     int i;
     for (i = 0; i < DB.length; i++)
-      {
-        DB[i] = (byte) (DB[i] ^ dbMask[i]);
-      }
+      DB[i] = (byte)(DB[i] ^ dbMask[i]);
     // 9. Set the leftmost 8.emLen ? emBits bits of DB to zero.
     DB[0] &= (0xFF >>> (8 * emLen - emBits));
-    if (DEBUG && debuglevel > 8)
+    if (Configuration.DEBUG)
       {
-        debug("dbMask (decode): " + Util.toString(dbMask));
-        debug("DB (decode): " + Util.toString(DB));
+        log.fine("dbMask (decode): " + Util.toString(dbMask));
+        log.fine("DB (decode): " + Util.toString(DB));
       }
     // 10. If the emLen -hLen -sLen -2 leftmost octets of DB are not zero or
-    //     if the octet at position emLen -hLen -sLen -1 is not equal to 0x01,
-    //     output 'inconsistent' and stop.
+    // if the octet at position emLen -hLen -sLen -1 is not equal to 0x01,
+    // output 'inconsistent' and stop.
     // IMPORTANT (rsn): this is an error in the specs, the index of the 0x01
-    // byte should be emLen -hLen -sLen -2 and not -1! authors have been
-    // advised
+    // byte should be emLen -hLen -sLen -2 and not -1! authors have been advised
     for (i = 0; i < (emLen - hLen - sLen - 2); i++)
       {
         if (DB[i] != 0)
           {
-            if (DEBUG && debuglevel > 8)
-              {
-                debug("DB[" + String.valueOf(i) + "] != 0x00");
-              }
+            if (Configuration.DEBUG)
+              log.fine("DB[" + String.valueOf(i) + "] != 0x00");
             return false;
           }
       }
     if (DB[i] != 0x01)
       { // i == emLen -hLen -sLen -2
-        if (DEBUG && debuglevel > 8)
-          {
-            debug("DB's byte at position (emLen -hLen -sLen -2); i.e. "
-                  + String.valueOf(i) + " is not 0x01");
-          }
+        if (Configuration.DEBUG)
+          log.fine("DB's byte at position (emLen -hLen -sLen -2); i.e. "
+                   + String.valueOf(i) + " is not 0x01");
         return false;
       }
     // 11. Let salt be the last sLen octets of DB.
     byte[] salt = new byte[sLen];
     System.arraycopy(DB, DB.length - sLen, salt, 0, sLen);
     // 12. Let M0 = 00 00 00 00 00 00 00 00 || mHash || salt;
-    //     M0 is an octet string of length 8 + hLen + sLen with eight initial
-    //     zero octets.
+    // M0 is an octet string of length 8 + hLen + sLen with eight initial
+    // zero octets.
     // 13. Let H0 = Hash(M0), an octet string of length hLen.
     byte[] H0;
     synchronized (hash)
       {
         for (i = 0; i < 8; i++)
-          {
-            hash.update((byte) 0x00);
-          }
+          hash.update((byte) 0x00);
+
         hash.update(mHash, 0, hLen);
         hash.update(salt, 0, sLen);
         H0 = hash.digest();
@@ -367,34 +312,30 @@ public class EMSA_PSS implements Cloneable
     return Arrays.equals(H, H0);
   }
 
-  // helper methods ----------------------------------------------------------
-
   /**
-   * <p>A mask generation function takes an octet string of variable length
-   * and a desired output length as input, and outputs an octet string of the
-   * desired length. There may be restrictions on the length of the input and
-   * output octet strings, but such bounds are generally very large. Mask
-   * generation functions are deterministic; the octet string output is
-   * completely determined by the input octet string. The output of a mask
-   * generation function should be pseudorandom, that is, it should be
-   * infeasible to predict, given one part of the output but not the input,
-   * another part of the output. The provable security of RSA-PSS relies on
-   * the random nature of the output of the mask generation function, which in
-   * turn relies on the random nature of the underlying hash function.</p>
-   *
+   * A mask generation function takes an octet string of variable length and a
+   * desired output length as input, and outputs an octet string of the desired
+   * length. There may be restrictions on the length of the input and output
+   * octet strings, but such bounds are generally very large. Mask generation
+   * functions are deterministic; the octet string output is completely
+   * determined by the input octet string. The output of a mask generation
+   * function should be pseudorandom, that is, it should be infeasible to
+   * predict, given one part of the output but not the input, another part of
+   * the output. The provable security of RSA-PSS relies on the random nature of
+   * the output of the mask generation function, which in turn relies on the
+   * random nature of the underlying hash function.
+   * 
    * @param Z a seed.
    * @param l the desired output length in octets.
    * @return the mask.
    * @exception IllegalArgumentException if the desired output length is too
-   * long.
+   *              long.
    */
   private byte[] MGF(byte[] Z, int l)
   {
     // 1. If l > (2**32).hLen, output 'mask too long' and stop.
     if (l < 1 || (l & 0xFFFFFFFFL) > ((hLen & 0xFFFFFFFFL) << 32L))
-      {
-        throw new IllegalArgumentException("mask too long");
-      }
+      throw new IllegalArgumentException("mask too long");
     // 2. Let T be the empty octet string.
     byte[] result = new byte[l];
     // 3. For i = 0 to CEILING(l/hLen) ? 1, do
@@ -409,14 +350,14 @@ public class EMSA_PSS implements Cloneable
     int length;
     for (int i = 0; i < limit; i++)
       {
-        //    3.1 Convert i to an octet string C of length 4 with the primitive
-        //        I2OSP: C = I2OSP(i, 4).
-        //    3.2 Concatenate the hash of the seed Z and C to the octet string T:
-        //        T = T || Hash(Z || C)
+        // 3.1 Convert i to an octet string C of length 4 with the primitive
+        // I2OSP: C = I2OSP(i, 4).
+        // 3.2 Concatenate the hash of the seed Z and C to the octet string T:
+        // T = T || Hash(Z || C)
         hashZC = (IMessageDigest) hashZ.clone();
-        hashZC.update((byte) (i >>> 24));
-        hashZC.update((byte) (i >>> 16));
-        hashZC.update((byte) (i >>> 8));
+        hashZC.update((byte)(i >>> 24));
+        hashZC.update((byte)(i >>> 16));
+        hashZC.update((byte)(i >>> 8));
         hashZC.update((byte) i);
         t = hashZC.digest();
         length = l - sofar;
diff --git a/libjava/classpath/gnu/java/security/sig/rsa/RSA.java b/libjava/classpath/gnu/java/security/sig/rsa/RSA.java
index 7d1707e195d..cdd9eaa5b8a 100644
--- a/libjava/classpath/gnu/java/security/sig/rsa/RSA.java
+++ b/libjava/classpath/gnu/java/security/sig/rsa/RSA.java
@@ -49,31 +49,26 @@ import java.security.interfaces.RSAPrivateKey;
 import java.security.interfaces.RSAPublicKey;
 
 /**
- * <p>Utility methods related to the RSA algorithm.</p>
- *
- * <p>References:</p>
+ * Utility methods related to the RSA algorithm.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip">
- *    RSA-PSS Signature Scheme with Appendix, part B.</a><br>
- *    Primitive specification and supporting documentation.<br>
- *    Jakob Jonsson and Burt Kaliski.</li>
- *
- *    <li><a href="http://www.ietf.org/rfc/rfc3447.txt">Public-Key Cryptography
- *    Standards (PKCS) #1:</a><br>
- *    RSA Cryptography Specifications Version 2.1.<br>
- *    Jakob Jonsson and Burt Kaliski.</li>
- *
- *    <li><a href="http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html">
- *    Remote timing attacks are practical</a><br>
- *    D. Boneh and D. Brumley.</li>
+ * <li><a
+ * href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip">
+ * RSA-PSS Signature Scheme with Appendix, part B.</a><br>
+ * Primitive specification and supporting documentation.<br>
+ * Jakob Jonsson and Burt Kaliski.</li>
+ * <li><a href="http://www.ietf.org/rfc/rfc3447.txt">Public-Key Cryptography
+ * Standards (PKCS) #1:</a><br>
+ * RSA Cryptography Specifications Version 2.1.<br>
+ * Jakob Jonsson and Burt Kaliski.</li>
+ * <li><a href="http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html">
+ * Remote timing attacks are practical</a><br>
+ * D. Boneh and D. Brumley.</li>
  * </ol>
  */
 public class RSA
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private static final BigInteger ZERO = BigInteger.ZERO;
 
   private static final BigInteger ONE = BigInteger.ONE;
@@ -81,37 +76,28 @@ public class RSA
   /** Our default source of randomness. */
   private static final PRNG prng = PRNG.getInstance();
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial private constructor to enforce Singleton pattern. */
   private RSA()
   {
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Signature and verification methods --------------------------------------
-
   /**
-   * <p>An implementation of the <b>RSASP</b> method: Assuming that the
-   * designated RSA private key is a valid one, this method computes a
-   * <i>signature representative</i> for a designated <i>message
-   * representative</i> signed by the holder of the designated RSA private
-   * key.<p>
-   *
+   * An implementation of the <b>RSASP</b> method: Assuming that the designated
+   * RSA private key is a valid one, this method computes a <i>signature
+   * representative</i> for a designated <i>message representative</i> signed
+   * by the holder of the designated RSA private key.
+   * 
    * @param K the RSA private key.
    * @param m the <i>message representative</i>: an integer between
-   * <code>0</code> and <code>n - 1</code>, where <code>n</code> is the RSA
-   * <i>modulus</i>.
+   *          <code>0</code> and <code>n - 1</code>, where <code>n</code>
+   *          is the RSA <i>modulus</i>.
    * @return the <i>signature representative</i>, an integer between
-   * <code>0</code> and <code>n - 1</code>, where <code>n</code> is the RSA
-   * <i>modulus</i>.
+   *         <code>0</code> and <code>n - 1</code>, where <code>n</code>
+   *         is the RSA <i>modulus</i>.
    * @throws ClassCastException if <code>K</code> is not an RSA one.
    * @throws IllegalArgumentException if <code>m</code> (the <i>message
-   * representative</i>) is out of range.
+   *           representative</i>) is out of range.
    */
   public static final BigInteger sign(final PrivateKey K, final BigInteger m)
   {
@@ -121,27 +107,27 @@ public class RSA
       }
     catch (IllegalArgumentException x)
       {
-        throw new IllegalArgumentException(
-                                           "message representative out of range");
+        throw new IllegalArgumentException("message representative out of range");
       }
   }
 
   /**
-   * <p>An implementation of the <b>RSAVP</b> method: Assuming that the
-   * designated RSA public key is a valid one, this method computes a
-   * <i>message representative</i> for the designated <i>signature
-   * representative</i> generated by an RSA private key, for a message
-   * intended for the holder of the designated RSA public key.</p>
-   *
+   * An implementation of the <b>RSAVP</b> method: Assuming that the designated
+   * RSA public key is a valid one, this method computes a <i>message
+   * representative</i> for the designated <i>signature representative</i>
+   * generated by an RSA private key, for a message intended for the holder of
+   * the designated RSA public key.
+   * 
    * @param K the RSA public key.
    * @param s the <i>signature representative</i>, an integer between
-   * <code>0</code> and <code>n - 1</code>, where <code>n</code> is the RSA
-   * <i>modulus</i>.
+   *          <code>0</code> and <code>n - 1</code>, where <code>n</code>
+   *          is the RSA <i>modulus</i>.
    * @return a <i>message representative</i>: an integer between <code>0</code>
-   * and <code>n - 1</code>, where <code>n</code> is the RSA <i>modulus</i>.
+   *         and <code>n - 1</code>, where <code>n</code> is the RSA
+   *         <i>modulus</i>.
    * @throws ClassCastException if <code>K</code> is not an RSA one.
    * @throws IllegalArgumentException if <code>s</code> (the <i>signature
-   * representative</i>) is out of range.
+   *           representative</i>) is out of range.
    */
   public static final BigInteger verify(final PublicKey K, final BigInteger s)
   {
@@ -151,25 +137,24 @@ public class RSA
       }
     catch (IllegalArgumentException x)
       {
-        throw new IllegalArgumentException(
-                                           "signature representative out of range");
+        throw new IllegalArgumentException("signature representative out of range");
       }
   }
 
-  // Encryption and decryption methods ---------------------------------------
-
   /**
-   * <p>An implementation of the <code>RSAEP</code> algorithm.</p>
-   *
+   * An implementation of the <code>RSAEP</code> algorithm.
+   * 
    * @param K the recipient's RSA public key.
    * @param m the message representative as an MPI.
    * @return the resulting MPI --an MPI between <code>0</code> and
-   * <code>n - 1</code> (<code>n</code> being the public shared modulus)-- that
-   * will eventually be padded with an appropriate framing/padding scheme.
+   *         <code>n - 1</code> (<code>n</code> being the public shared
+   *         modulus)-- that will eventually be padded with an appropriate
+   *         framing/padding scheme.
    * @throws ClassCastException if <code>K</code> is not an RSA one.
    * @throws IllegalArgumentException if <code>m</code>, the message
-   * representative is not between <code>0</code> and <code>n - 1</code>
-   * (<code>n</code> being the public shared modulus).
+   *           representative is not between <code>0</code> and
+   *           <code>n - 1</code> (<code>n</code> being the public shared
+   *           modulus).
    */
   public static final BigInteger encrypt(final PublicKey K, final BigInteger m)
   {
@@ -179,22 +164,23 @@ public class RSA
       }
     catch (IllegalArgumentException x)
       {
-        throw new IllegalArgumentException(
-                                           "message representative out of range");
+        throw new IllegalArgumentException("message representative out of range");
       }
   }
 
   /**
-   * <p>An implementation of the <code>RSADP</code> algorithm.</p>
-   *
+   * An implementation of the <code>RSADP</code> algorithm.
+   * 
    * @param K the recipient's RSA private key.
    * @param c the ciphertext representative as an MPI.
    * @return the message representative, an MPI between <code>0</code> and
-   * <code>n - 1</code> (<code>n</code> being the shared public modulus).
+   *         <code>n - 1</code> (<code>n</code> being the shared public
+   *         modulus).
    * @throws ClassCastException if <code>K</code> is not an RSA one.
    * @throws IllegalArgumentException if <code>c</code>, the ciphertext
-   * representative is not between <code>0</code> and <code>n - 1</code>
-   * (<code>n</code> being the shared public modulus).
+   *           representative is not between <code>0</code> and
+   *           <code>n - 1</code> (<code>n</code> being the shared public
+   *           modulus).
    */
   public static final BigInteger decrypt(final PrivateKey K, final BigInteger c)
   {
@@ -204,22 +190,19 @@ public class RSA
       }
     catch (IllegalArgumentException x)
       {
-        throw new IllegalArgumentException(
-                                           "ciphertext representative out of range");
+        throw new IllegalArgumentException("ciphertext representative out of range");
       }
   }
 
-  // Conversion methods ------------------------------------------------------
-
   /**
-   * <p>Converts a <i>multi-precision integer</i> (MPI) <code>s</code> into an
-   * octet sequence of length <code>k</code>.</p>
-   *
+   * Converts a <i>multi-precision integer</i> (MPI) <code>s</code> into an
+   * octet sequence of length <code>k</code>.
+   * 
    * @param s the multi-precision integer to convert.
    * @param k the length of the output.
    * @return the result of the transform.
    * @exception IllegalArgumentException if the length in octets of meaningful
-   * bytes of <code>s</code> is greater than <code>k</code>.
+   *              bytes of <code>s</code> is greater than <code>k</code>.
    */
   public static final byte[] I2OSP(final BigInteger s, final int k)
   {
@@ -236,9 +219,7 @@ public class RSA
         for (int i = 0; i < limit; i++)
           {
             if (result[i] != 0x00)
-              {
-                throw new IllegalArgumentException("integer too large");
-              }
+              throw new IllegalArgumentException("integer too large");
           }
         final byte[] newResult = new byte[k];
         System.arraycopy(result, limit, newResult, 0, k);
@@ -247,17 +228,13 @@ public class RSA
     return result;
   }
 
-  // helper methods ----------------------------------------------------------
-
   private static final BigInteger RSAEP(final RSAPublicKey K, final BigInteger m)
   {
     // 1. If the representative m is not between 0 and n - 1, output
-    //    "representative out of range" and stop.
+    // "representative out of range" and stop.
     final BigInteger n = K.getModulus();
     if (m.compareTo(ZERO) < 0 || m.compareTo(n.subtract(ONE)) > 0)
-      {
-        throw new IllegalArgumentException();
-      }
+      throw new IllegalArgumentException();
     // 2. Let c = m^e mod n.
     final BigInteger e = K.getPublicExponent();
     final BigInteger result = m.modPow(e, n);
@@ -268,16 +245,13 @@ public class RSA
   private static final BigInteger RSADP(final RSAPrivateKey K, BigInteger c)
   {
     // 1. If the representative c is not between 0 and n - 1, output
-    //    "representative out of range" and stop.
+    // "representative out of range" and stop.
     final BigInteger n = K.getModulus();
     if (c.compareTo(ZERO) < 0 || c.compareTo(n.subtract(ONE)) > 0)
-      {
-        throw new IllegalArgumentException();
-      }
-
+      throw new IllegalArgumentException();
     // 2. The representative m is computed as follows.
     BigInteger result;
-    if (!(K instanceof RSAPrivateCrtKey))
+    if (! (K instanceof RSAPrivateCrtKey))
       {
         // a. If the first form (n, d) of K is used, let m = c^d mod n.
         final BigInteger d = K.getPrivateExponent();
@@ -303,38 +277,32 @@ public class RSA
             final BigInteger x = r.modPow(e, n).multiply(c).mod(n);
             c = x;
           }
-
         // b. If the second form (p, q, dP, dQ, qInv) and (r_i, d_i, t_i)
-        //    of K is used, proceed as follows:
+        // of K is used, proceed as follows:
         final BigInteger p = ((RSAPrivateCrtKey) K).getPrimeP();
         final BigInteger q = ((RSAPrivateCrtKey) K).getPrimeQ();
         final BigInteger dP = ((RSAPrivateCrtKey) K).getPrimeExponentP();
         final BigInteger dQ = ((RSAPrivateCrtKey) K).getPrimeExponentQ();
         final BigInteger qInv = ((RSAPrivateCrtKey) K).getCrtCoefficient();
-
-        // i.    Let m_1 = c^dP mod p and m_2 = c^dQ mod q.
+        // i. Let m_1 = c^dP mod p and m_2 = c^dQ mod q.
         final BigInteger m_1 = c.modPow(dP, p);
         final BigInteger m_2 = c.modPow(dQ, q);
-        // ii.   If u > 2, let m_i = c^(d_i) mod r_i, i = 3, ..., u.
-        // iii.  Let h = (m_1 - m_2) * qInv mod p.
+        // ii. If u > 2, let m_i = c^(d_i) mod r_i, i = 3, ..., u.
+        // iii. Let h = (m_1 - m_2) * qInv mod p.
         final BigInteger h = m_1.subtract(m_2).multiply(qInv).mod(p);
-        // iv.   Let m = m_2 + q * h.
+        // iv. Let m = m_2 + q * h.
         result = m_2.add(q.multiply(h));
-
-        if (rsaBlinding)
-          { // post-decryption
-            result = result.multiply(r.modInverse(n)).mod(n);
-          }
+        if (rsaBlinding) // post-decryption
+          result = result.multiply(r.modInverse(n)).mod(n);
       }
-
     // 3. Output m
     return result;
   }
 
   /**
-   * <p>Returns a random MPI with a random bit-length of the form <code>8b</code>,
-   * where <code>b</code> is in the range <code>[32..64]</code>.</p>
-   *
+   * Returns a random MPI with a random bit-length of the form <code>8b</code>,
+   * where <code>b</code> is in the range <code>[32..64]</code>.
+   * 
    * @return a random MPI whose length in bytes is between 32 and 64 inclusive.
    */
   private static final BigInteger newR(final BigInteger N)
diff --git a/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java b/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java
index e64d30b6937..76460c0cafa 100644
--- a/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java
+++ b/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java
@@ -51,35 +51,29 @@ import java.security.interfaces.RSAPublicKey;
 import java.util.Arrays;
 
 /**
- * <p>The RSA-PKCS1-V1.5 signature scheme is a digital signature scheme with
+ * The RSA-PKCS1-V1.5 signature scheme is a digital signature scheme with
  * appendix (SSA) combining the RSA algorithm with the EMSA-PKCS1-v1_5 encoding
- * method.</p>
- *
- * <p>References:</p>
+ * method.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip">
- *    RSA-PSS Signature Scheme with Appendix, part B.</a><br>
- *    Primitive specification and supporting documentation.<br>
- *    Jakob Jonsson and Burt Kaliski.</li>
- *
- *    <li><a href="http://www.ietf.org/rfc/rfc3447.txt">Public-Key Cryptography
- *    Standards (PKCS) #1:</a><br>
- *    RSA Cryptography Specifications Version 2.1.<br>
- *    Jakob Jonsson and Burt Kaliski.</li>
+ * <li><a
+ * href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip">
+ * RSA-PSS Signature Scheme with Appendix, part B.</a><br>
+ * Primitive specification and supporting documentation.<br>
+ * Jakob Jonsson and Burt Kaliski.</li>
+ * <li><a href="http://www.ietf.org/rfc/rfc3447.txt">Public-Key Cryptography
+ * Standards (PKCS) #1:</a><br>
+ * RSA Cryptography Specifications Version 2.1.<br>
+ * Jakob Jonsson and Burt Kaliski.</li>
  * </ol>
  */
-public class RSAPKCS1V1_5Signature extends BaseSignature
+public class RSAPKCS1V1_5Signature
+    extends BaseSignature
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The underlying EMSA-PKCS1-v1.5 instance for this object. */
   private EMSA_PKCS1_V1_5 pkcs1;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
    * Default 0-arguments constructor. Uses SHA-1 as the default hash.
    */
@@ -89,9 +83,9 @@ public class RSAPKCS1V1_5Signature extends BaseSignature
   }
 
   /**
-   * <p>Constructs an instance of this object using the designated message
-   * digest algorithm as its underlying hash function.</p>
-   *
+   * Constructs an instance of this object using the designated message digest
+   * algorithm as its underlying hash function.
+   * 
    * @param mdName the canonical name of the underlying hash function.
    */
   public RSAPKCS1V1_5Signature(final String mdName)
@@ -117,14 +111,6 @@ public class RSAPKCS1V1_5Signature extends BaseSignature
     this.pkcs1 = (EMSA_PKCS1_V1_5) that.pkcs1.clone();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // Implementation of abstract methods in superclass ------------------------
-
   public Object clone()
   {
     return new RSAPKCS1V1_5Signature(this);
@@ -133,49 +119,46 @@ public class RSAPKCS1V1_5Signature extends BaseSignature
   protected void setupForVerification(final PublicKey k)
       throws IllegalArgumentException
   {
-    if (!(k instanceof RSAPublicKey))
-      {
-        throw new IllegalArgumentException();
-      }
+    if (! (k instanceof RSAPublicKey))
+      throw new IllegalArgumentException();
+
     publicKey = k;
   }
 
   protected void setupForSigning(final PrivateKey k)
       throws IllegalArgumentException
   {
-    if (!(k instanceof RSAPrivateKey))
-      {
-        throw new IllegalArgumentException();
-      }
+    if (! (k instanceof RSAPrivateKey))
+      throw new IllegalArgumentException();
+
     privateKey = k;
   }
 
   protected Object generateSignature() throws IllegalStateException
   {
     // 1. EMSA-PKCS1-v1_5 encoding: Apply the EMSA-PKCS1-v1_5 encoding
-    //    operation (Section 9.2) to the message M to produce an encoded
-    //    message EM of length k octets:
+    // operation (Section 9.2) to the message M to produce an encoded
+    // message EM of length k octets:
     //
-    //    EM = EMSA-PKCS1-V1_5-ENCODE (M, k).
+    // EM = EMSA-PKCS1-V1_5-ENCODE (M, k).
     //
-    //    If the encoding operation outputs "message too long," output
-    //    "message too long" and stop.  If the encoding operation outputs
-    //    "intended encoded message length too short," output "RSA modulus
-    //    too short" and stop.
+    // If the encoding operation outputs "message too long," output
+    // "message too long" and stop. If the encoding operation outputs
+    // "intended encoded message length too short," output "RSA modulus
+    // too short" and stop.
     final int modBits = ((RSAPrivateKey) privateKey).getModulus().bitLength();
     final int k = (modBits + 7) / 8;
     final byte[] EM = pkcs1.encode(md.digest(), k);
-
     // 2. RSA signature:
-    //    a. Convert the encoded message EM to an integer message epresentative
-    //       m (see Section 4.2):  m = OS2IP (EM).
+    // a. Convert the encoded message EM to an integer message epresentative
+    // m (see Section 4.2): m = OS2IP (EM).
     final BigInteger m = new BigInteger(1, EM);
-    //    b. Apply the RSASP1 signature primitive (Section 5.2.1) to the RSA
-    //       private key K and the message representative m to produce an
-    //       integer signature representative s:  s = RSASP1 (K, m).
+    // b. Apply the RSASP1 signature primitive (Section 5.2.1) to the RSA
+    // private key K and the message representative m to produce an
+    // integer signature representative s: s = RSASP1 (K, m).
     final BigInteger s = RSA.sign(privateKey, m);
-    //    c. Convert the signature representative s to a signature S of length
-    //       k octets (see Section 4.1):  S = I2OSP (s, k).
+    // c. Convert the signature representative s to a signature S of length
+    // k octets (see Section 4.1): S = I2OSP (s, k).
     // 3. Output the signature S.
     return RSA.I2OSP(s, k);
   }
@@ -184,28 +167,24 @@ public class RSAPKCS1V1_5Signature extends BaseSignature
       throws IllegalStateException
   {
     if (publicKey == null)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
     final byte[] S = (byte[]) sig;
     // 1. Length checking: If the length of the signature S is not k octets,
-    //    output "invalid signature" and stop.
+    // output "invalid signature" and stop.
     final int modBits = ((RSAPublicKey) publicKey).getModulus().bitLength();
     final int k = (modBits + 7) / 8;
     if (S.length != k)
-      {
-        return false;
-      }
+      return false;
     // 2. RSA verification:
-    //    a. Convert the signature S to an integer signature representative
-    //       s (see Section 4.2): s = OS2IP (S).
+    // a. Convert the signature S to an integer signature representative
+    // s (see Section 4.2): s = OS2IP (S).
     final BigInteger s = new BigInteger(1, S);
-    //    b. Apply the RSAVP1 verification primitive (Section 5.2.2) to the
-    //       RSA public key (n, e) and the signature representative s to
-    //       produce an integer message representative m:
-    //          m = RSAVP1 ((n, e), s).
-    //       If RSAVP1 outputs "signature representative out of range,"
-    //       output "invalid signature" and stop.
+    // b. Apply the RSAVP1 verification primitive (Section 5.2.2) to the
+    // RSA public key (n, e) and the signature representative s to
+    // produce an integer message representative m:
+    // m = RSAVP1 ((n, e), s).
+    // If RSAVP1 outputs "signature representative out of range,"
+    // output "invalid signature" and stop.
     final BigInteger m;
     try
       {
@@ -215,10 +194,10 @@ public class RSAPKCS1V1_5Signature extends BaseSignature
       {
         return false;
       }
-    //    c. Convert the message representative m to an encoded message EM
-    //       of length k octets (see Section 4.1): EM = I2OSP (m, k).
-    //       If I2OSP outputs "integer too large," output "invalid signature"
-    //       and stop.
+    // c. Convert the message representative m to an encoded message EM
+    // of length k octets (see Section 4.1): EM = I2OSP (m, k).
+    // If I2OSP outputs "integer too large," output "invalid signature"
+    // and stop.
     final byte[] EM;
     try
       {
@@ -229,17 +208,17 @@ public class RSAPKCS1V1_5Signature extends BaseSignature
         return false;
       }
     // 3. EMSA-PKCS1-v1_5 encoding: Apply the EMSA-PKCS1-v1_5 encoding
-    //    operation (Section 9.2) to the message M to produce a second
-    //    encoded message EM' of length k octets:
-    //       EM' = EMSA-PKCS1-V1_5-ENCODE (M, k).
-    //    If the encoding operation outputs "message too long," output
-    //    "message too long" and stop.  If the encoding operation outputs
-    //    "intended encoded message length too short," output "RSA modulus
-    //    too short" and stop.
+    // operation (Section 9.2) to the message M to produce a second
+    // encoded message EM' of length k octets:
+    // EM' = EMSA-PKCS1-V1_5-ENCODE (M, k).
+    // If the encoding operation outputs "message too long," output
+    // "message too long" and stop. If the encoding operation outputs
+    // "intended encoded message length too short," output "RSA modulus
+    // too short" and stop.
     final byte[] EMp = pkcs1.encode(md.digest(), k);
     // 4. Compare the encoded message EM and the second encoded message EM'.
-    //    If they are the same, output "valid signature"; otherwise, output
-    //    "invalid signature."
+    // If they are the same, output "valid signature"; otherwise, output
+    // "invalid signature."
     return Arrays.equals(EM, EMp);
   }
 }
diff --git a/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignature.java b/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignature.java
index 7ec62568a98..27c7fe620fd 100644
--- a/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignature.java
+++ b/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignature.java
@@ -38,60 +38,44 @@ exception statement from your version.  */
 
 package gnu.java.security.sig.rsa;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.hash.HashFactory;
 import gnu.java.security.hash.IMessageDigest;
 import gnu.java.security.sig.BaseSignature;
 import gnu.java.security.util.Util;
 
-import java.io.PrintWriter;
 import java.math.BigInteger;
 import java.security.PrivateKey;
 import java.security.PublicKey;
 import java.security.interfaces.RSAPrivateKey;
 import java.security.interfaces.RSAPublicKey;
+import java.util.logging.Logger;
 
 /**
- * <p>The RSA-PSS signature scheme is a public-key encryption scheme combining
- * the RSA algorithm with the Probabilistic Signature Scheme (PSS) encoding
- * method.</p>
- *
- * <p>The inventors of RSA are Ronald L. Rivest, Adi Shamir, and Leonard Adleman,
+ * The RSA-PSS signature scheme is a public-key encryption scheme combining the
+ * RSA algorithm with the Probabilistic Signature Scheme (PSS) encoding method.
+ * <p>
+ * The inventors of RSA are Ronald L. Rivest, Adi Shamir, and Leonard Adleman,
  * while the inventors of the PSS encoding method are Mihir Bellare and Phillip
  * Rogaway. During efforts to adopt RSA-PSS into the P1363a standards effort,
  * certain adaptations to the original version of RSA-PSS were made by Mihir
  * Bellare and Phillip Rogaway and also by Burt Kaliski (the editor of IEEE
- * P1363a) to facilitate implementation and integration into existing protocols.</p>
- *
- * <p>References:</pr>
+ * P1363a) to facilitate implementation and integration into existing protocols.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip">
- *    RSA-PSS Signature Scheme with Appendix, part B.</a><br>
- *    Primitive specification and supporting documentation.<br>
- *    Jakob Jonsson and Burt Kaliski.</li>
+ * <li><a
+ * href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip">
+ * RSA-PSS Signature Scheme with Appendix, part B.</a><br>
+ * Primitive specification and supporting documentation.<br>
+ * Jakob Jonsson and Burt Kaliski.</li>
  * </ol>
  */
-public class RSAPSSSignature extends BaseSignature
+public class RSAPSSSignature
+    extends BaseSignature
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  private static final String NAME = "rsa-pss";
-
-  private static final boolean DEBUG = false;
-
-  private static final int debuglevel = 1;
-
-  private static final PrintWriter err = new PrintWriter(System.out, true);
-
-  private static void debug(String s)
-  {
-    err.println(">>> " + NAME + ": " + s);
-  }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
+  private static final Logger log = Logger.getLogger(RSAPSSSignature.class.getName());
 
   /** The underlying EMSA-PSS instance for this object. */
   private EMSA_PSS pss;
@@ -99,9 +83,6 @@ public class RSAPSSSignature extends BaseSignature
   /** The desired length in octets of the EMSA-PSS salt. */
   private int sLen;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
    * Default 0-arguments constructor. Uses SHA-1 as the default hash and a
    * 0-octet <i>salt</i>.
@@ -112,10 +93,9 @@ public class RSAPSSSignature extends BaseSignature
   }
 
   /**
-   * <p>Constructs an instance of this object using the designated message
-   * digest algorithm as its underlying hash function, and having 0-octet
-   * <i>salt</i>.</p>
-   *
+   * Constructs an instance of this object using the designated message digest
+   * algorithm as its underlying hash function, and having 0-octet <i>salt</i>.
+   * 
    * @param mdName the canonical name of the underlying hash function.
    */
   public RSAPSSSignature(String mdName)
@@ -124,12 +104,12 @@ public class RSAPSSSignature extends BaseSignature
   }
 
   /**
-   * <p>Constructs an instance of this object using the designated message
-   * digest algorithm as its underlying hash function.</p>
-   *
+   * Constructs an instance of this object using the designated message digest
+   * algorithm as its underlying hash function.
+   * 
    * @param mdName the canonical name of the underlying hash function.
    * @param sLen the desired length in octets of the salt to use for encoding /
-   * decoding signatures.
+   *          decoding signatures.
    */
   public RSAPSSSignature(String mdName, int sLen)
   {
@@ -155,14 +135,6 @@ public class RSAPSSSignature extends BaseSignature
     this.pss = (EMSA_PSS) that.pss.clone();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // Implementation of abstract methods in superclass ------------------------
-
   public Object clone()
   {
     return new RSAPSSSignature(this);
@@ -171,79 +143,71 @@ public class RSAPSSSignature extends BaseSignature
   protected void setupForVerification(PublicKey k)
       throws IllegalArgumentException
   {
-    if (!(k instanceof RSAPublicKey))
-      {
-        throw new IllegalArgumentException();
-      }
+    if (! (k instanceof RSAPublicKey))
+      throw new IllegalArgumentException();
+
     publicKey = (RSAPublicKey) k;
   }
 
   protected void setupForSigning(PrivateKey k) throws IllegalArgumentException
   {
-    if (!(k instanceof RSAPrivateKey))
-      {
-        throw new IllegalArgumentException();
-      }
+    if (! (k instanceof RSAPrivateKey))
+      throw new IllegalArgumentException();
+
     privateKey = (RSAPrivateKey) k;
   }
 
   protected Object generateSignature() throws IllegalStateException
   {
     // 1. Apply the EMSA-PSS encoding operation to the message M to produce an
-    //    encoded message EM of length CEILING((modBits ? 1)/8) octets such
-    //    that the bit length of the integer OS2IP(EM) is at most modBits ? 1:
-    //    EM = EMSA-PSS-Encode(M,modBits ? 1).
-    //    Note that the octet length of EM will be one less than k if
-    //    modBits ? 1 is divisible by 8. If the encoding operation outputs
-    //    'message too long' or 'encoding error,' then output 'message too
-    //    long' or 'encoding error' and stop.
+    // encoded message EM of length CEILING((modBits ? 1)/8) octets such
+    // that the bit length of the integer OS2IP(EM) is at most modBits ? 1:
+    // EM = EMSA-PSS-Encode(M,modBits ? 1).
+    // Note that the octet length of EM will be one less than k if
+    // modBits ? 1 is divisible by 8. If the encoding operation outputs
+    // 'message too long' or 'encoding error,' then output 'message too
+    // long' or 'encoding error' and stop.
     int modBits = ((RSAPrivateKey) privateKey).getModulus().bitLength();
     byte[] salt = new byte[sLen];
     this.nextRandomBytes(salt);
     byte[] EM = pss.encode(md.digest(), modBits - 1, salt);
-    if (DEBUG && debuglevel > 8)
-      {
-        debug("EM (sign): " + Util.toString(EM));
-      }
+    if (Configuration.DEBUG)
+      log.fine("EM (sign): " + Util.toString(EM));
     // 2. Convert the encoded message EM to an integer message representative
-    //    m (see Section 1.2.2): m = OS2IP(EM).
+    // m (see Section 1.2.2): m = OS2IP(EM).
     BigInteger m = new BigInteger(1, EM);
     // 3. Apply the RSASP signature primitive to the public key K and the
-    //    message representative m to produce an integer signature
-    //    representative s: s = RSASP(K,m).
+    // message representative m to produce an integer signature
+    // representative s: s = RSASP(K,m).
     BigInteger s = RSA.sign(privateKey, m);
     // 4. Convert the signature representative s to a signature S of length k
-    //    octets (see Section 1.2.1): S = I2OSP(s, k).
+    // octets (see Section 1.2.1): S = I2OSP(s, k).
     // 5. Output the signature S.
     int k = (modBits + 7) / 8;
-    //      return encodeSignature(s, k);
+    // return encodeSignature(s, k);
     return RSA.I2OSP(s, k);
   }
 
   protected boolean verifySignature(Object sig) throws IllegalStateException
   {
     if (publicKey == null)
-      {
-        throw new IllegalStateException();
-      }
-    //      byte[] S = decodeSignature(sig);
+      throw new IllegalStateException();
+    // byte[] S = decodeSignature(sig);
     byte[] S = (byte[]) sig;
     // 1. If the length of the signature S is not k octets, output 'signature
-    //    invalid' and stop.
+    // invalid' and stop.
     int modBits = ((RSAPublicKey) publicKey).getModulus().bitLength();
     int k = (modBits + 7) / 8;
     if (S.length != k)
-      {
-        return false;
-      }
+      return false;
     // 2. Convert the signature S to an integer signature representative s:
-    //    s = OS2IP(S).
+    // s = OS2IP(S).
     BigInteger s = new BigInteger(1, S);
     // 3. Apply the RSAVP verification primitive to the public key (n, e) and
-    //    the signature representative s to produce an integer message
-    //    representative m: m = RSAVP((n, e), s).
-    //    If RSAVP outputs 'signature representative out of range,' then
-    //    output 'signature invalid' and stop.
+    // the signature representative s to produce an integer message
+    // representative m: m = RSAVP((n, e), s).
+    // If RSAVP outputs 'signature representative out of range,' then
+    // output 'signature invalid' and stop.
     BigInteger m = null;
     try
       {
@@ -254,22 +218,18 @@ public class RSAPSSSignature extends BaseSignature
         return false;
       }
     // 4. Convert the message representative m to an encoded message EM of
-    //    length emLen = CEILING((modBits - 1)/8) octets, where modBits is
-    //    equal to the bit length of the modulus: EM = I2OSP(m, emLen).
-    //    Note that emLen will be one less than k if modBits - 1 is divisible
-    //    by 8. If I2OSP outputs 'integer too large,' then output 'signature
-    //    invalid' and stop.
+    // length emLen = CEILING((modBits - 1)/8) octets, where modBits is
+    // equal to the bit length of the modulus: EM = I2OSP(m, emLen).
+    // Note that emLen will be one less than k if modBits - 1 is divisible
+    // by 8. If I2OSP outputs 'integer too large,' then output 'signature
+    // invalid' and stop.
     int emBits = modBits - 1;
     int emLen = (emBits + 7) / 8;
     byte[] EM = m.toByteArray();
-    if (DEBUG && debuglevel > 8)
-      {
-        debug("EM (verify): " + Util.toString(EM));
-      }
+    if (Configuration.DEBUG)
+      log.fine("EM (verify): " + Util.toString(EM));
     if (EM.length > emLen)
-      {
-        return false;
-      }
+      return false;
     else if (EM.length < emLen)
       {
         byte[] newEM = new byte[emLen];
@@ -277,9 +237,9 @@ public class RSAPSSSignature extends BaseSignature
         EM = newEM;
       }
     // 5. Apply the EMSA-PSS decoding operation to the message M and the
-    //    encoded message EM: Result = EMSA-PSS-Decode(M, EM, emBits). If
-    //    Result = 'consistent,' output 'signature verified.' Otherwise,
-    //    output 'signature invalid.'
+    // encoded message EM: Result = EMSA-PSS-Decode(M, EM, emBits). If
+    // Result = 'consistent,' output 'signature verified.' Otherwise,
+    // output 'signature invalid.'
     byte[] mHash = md.digest();
     boolean result = false;
     try
@@ -292,55 +252,4 @@ public class RSAPSSSignature extends BaseSignature
       }
     return result;
   }
-
-  // Other instance methods --------------------------------------------------
-
-  /**
-   * Converts the <i>signature representative</i> <code>s</code> to a signature
-   * <code>S</code> of length <code>k</code> octets; i.e.
-   * <code>S = I2OSP(s, k)</code>, where <code>k = CEILING(modBits/8)</code>.
-   *
-   * @param s the <i>signature representative</i>.
-   * @param k the length of the output.
-   * @return the signature as an octet sequence.
-   * @exception IllegalArgumentException if the length in octets of meaningful
-   * bytes of <code>s</code> is greater than <code>k</code>, implying that
-   * <code>s</code> is not less than the RSA <i>modulus</i>.
-   */
-  //   private Object encodeSignature(BigInteger s, int k) {
-  //      if (DEBUG && debuglevel > 8) {
-  //         debug("s.bitLength(): "+String.valueOf(s.bitLength()));
-  //         debug("k: "+String.valueOf(k));
-  //      }
-  //      byte[] result = s.toByteArray();
-  //      if (DEBUG && debuglevel > 8) {
-  //         debug("s: "+Util.toString(result));
-  //         debug("s (bytes): "+String.valueOf(result.length));
-  //      }
-  //      if (result.length < k) {
-  //         byte[] newResult = new byte[k];
-  //         System.arraycopy(result, 0, newResult, k-result.length, result.length);
-  //         result = newResult;
-  //      } else if (result.length > k) { // leftmost extra bytes should all be 0
-  //         int limit = result.length - k;
-  //         for (int i = 0; i < limit; i++) {
-  //            if (result[i] != 0x00) {
-  //               throw new IllegalArgumentException("integer too large");
-  //            }
-  //         }
-  //         byte[] newResult = new byte[k];
-  //         System.arraycopy(result, limit, newResult, 0, k);
-  //         result = newResult;
-  //      }
-  //      return result;
-  //   }
-  /**
-   * Returns the output of a previously generated signature object as an octet
-   * sequence.<p>
-   *
-   * @return the octet sequence <code>S</code>.
-   */
-  //   private byte[] decodeSignature(Object signature) {
-  //      return (byte[]) signature;
-  //   }
 }
diff --git a/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java b/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java
index 2be79165f18..b5e059c20e0 100644
--- a/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java
+++ b/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java
@@ -44,53 +44,41 @@ import gnu.java.security.sig.ISignatureCodec;
 import java.io.ByteArrayOutputStream;
 
 /**
- * <p>An object that implements the {@link gnu.crypto.sig.ISignatureCodec}
- * operations for the <i>Raw</i> format to use with RSA-PSS signatures.</p>
+ * An object that implements the {@link ISignatureCodec} operations for the
+ * <i>Raw</i> format to use with RSA-PSS signatures.
  */
-public class RSAPSSSignatureRawCodec implements ISignatureCodec
+public class RSAPSSSignatureRawCodec
+    implements ISignatureCodec
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // implicit 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // gnu.crypto.keys.IKeyPairCodec interface implementation
-  // -------------------------------------------------------------------------
-
   public int getFormatID()
   {
     return RAW_FORMAT;
   }
 
   /**
-   * <p>Returns the encoded form of the designated RSA-PSS signature object
-   * according to the <i>Raw</i> format supported by this library.</p>
-   *
-   * <p>The <i>Raw</i> format for an RSA-PSS signature, in this implementation,
-   * is a byte sequence consisting of the following:</p>
-   *
+   * Returns the encoded form of the designated RSA-PSS signature object
+   * according to the <i>Raw</i> format supported by this library.
+   * <p>
+   * The <i>Raw</i> format for an RSA-PSS signature, in this implementation, is
+   * a byte sequence consisting of the following:
    * <ol>
-   *		<li>4-byte magic consisting of the value of the literal
-   *    {@link Registry#MAGIC_RAW_RSA_PSS_SIGNATURE},<li>
-   *		<li>1-byte version consisting of the constant: 0x01,</li>
-   *		<li>4-byte count of following bytes representing the RSA-PSS signature
-   *    bytes in internet order,</li>
-   *		<li>the RSA-PSS signature bytes in internet order.</li>
+   * <li>4-byte magic consisting of the value of the literal
+   * {@link Registry#MAGIC_RAW_RSA_PSS_SIGNATURE},
+   * <li>
+   * <li>1-byte version consisting of the constant: 0x01,</li>
+   * <li>4-byte count of following bytes representing the RSA-PSS signature
+   * bytes in internet order,</li>
+   * <li>the RSA-PSS signature bytes in internet order.</li>
    * </ol>
-   *
+   * 
    * @param signature the signature to encode, consisting of the output of the
-   * <code>sign()</code> method of a {@link RSAPSSSignature} instance --a byte
-   * array.
+   *          <code>sign()</code> method of a {@link RSAPSSSignature} instance
+   *          --a byte array.
    * @return the <i>Raw</i> format encoding of the designated signature.
    * @exception IllegalArgumentException if the designated signature is not an
-   * RSA-PSS one.
+   *              RSA-PSS one.
    */
   public byte[] encodeSignature(Object signature)
   {
@@ -101,28 +89,23 @@ public class RSAPSSSignatureRawCodec implements ISignatureCodec
       }
     catch (Exception x)
       {
-        throw new IllegalArgumentException("key");
+        throw new IllegalArgumentException("signature");
       }
-
     ByteArrayOutputStream baos = new ByteArrayOutputStream();
-
     // magic
     baos.write(Registry.MAGIC_RAW_RSA_PSS_SIGNATURE[0]);
     baos.write(Registry.MAGIC_RAW_RSA_PSS_SIGNATURE[1]);
     baos.write(Registry.MAGIC_RAW_RSA_PSS_SIGNATURE[2]);
     baos.write(Registry.MAGIC_RAW_RSA_PSS_SIGNATURE[3]);
-
     // version
     baos.write(0x01);
-
     // signature bytes
     int length = buffer.length;
-    baos.write(length >>> 24);
+    baos.write( length >>> 24);
     baos.write((length >>> 16) & 0xFF);
     baos.write((length >>> 8) & 0xFF);
     baos.write(length & 0xFF);
     baos.write(buffer, 0, length);
-
     return baos.toByteArray();
   }
 
@@ -133,25 +116,19 @@ public class RSAPSSSignatureRawCodec implements ISignatureCodec
         || k[1] != Registry.MAGIC_RAW_RSA_PSS_SIGNATURE[1]
         || k[2] != Registry.MAGIC_RAW_RSA_PSS_SIGNATURE[2]
         || k[3] != Registry.MAGIC_RAW_RSA_PSS_SIGNATURE[3])
-      {
-        throw new IllegalArgumentException("magic");
-      }
-
+      throw new IllegalArgumentException("magic");
     // version
     if (k[4] != 0x01)
-      {
-        throw new IllegalArgumentException("version");
-      }
-
+      throw new IllegalArgumentException("version");
     int i = 5;
     int l;
-
     // signature bytes
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     byte[] result = new byte[l];
     System.arraycopy(k, i, result, 0, l);
-
     return result;
   }
 }
diff --git a/libjava/classpath/gnu/java/security/util/Base64.java b/libjava/classpath/gnu/java/security/util/Base64.java
index f9998c38f48..9b2ae12dc27 100644
--- a/libjava/classpath/gnu/java/security/util/Base64.java
+++ b/libjava/classpath/gnu/java/security/util/Base64.java
@@ -38,8 +38,10 @@ exception statement from your version.  */
 
 package gnu.java.security.util;
 
-import java.io.PrintWriter;
+import gnu.java.security.Configuration;
+
 import java.io.UnsupportedEncodingException;
+import java.util.logging.Logger;
 
 /**
  * Most of this implementation is from Robert Harder's public domain Base64
@@ -47,25 +49,7 @@ import java.io.UnsupportedEncodingException;
  */
 public class Base64
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  private static final String NAME = "Base64";
-
-  private static final boolean DEBUG = true;
-
-  private static final int debuglevel = 9;
-
-  private static final PrintWriter err = new PrintWriter(System.out, true);
-
-  private static void debug(String s)
-  {
-    err.println(">>> " + NAME + ": " + s);
-  }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
+  private static final Logger log = Logger.getLogger(Base64.class.getName());
 
   /** Maximum line length (76) of Base64 output. */
   private static final int MAX_LINE_LENGTH = 76;
@@ -81,79 +65,58 @@ public class Base64
   private static final byte EQUALS_SIGN_ENC = -1; // equals sign in encoding
 
   /** The 64 valid Base64 values. */
-  private static final byte[] ALPHABET = { (byte) 'A', (byte) 'B', (byte) 'C',
-                                          (byte) 'D', (byte) 'E', (byte) 'F',
-                                          (byte) 'G', (byte) 'H', (byte) 'I',
-                                          (byte) 'J', (byte) 'K', (byte) 'L',
-                                          (byte) 'M', (byte) 'N', (byte) 'O',
-                                          (byte) 'P', (byte) 'Q', (byte) 'R',
-                                          (byte) 'S', (byte) 'T', (byte) 'U',
-                                          (byte) 'V', (byte) 'W', (byte) 'X',
-                                          (byte) 'Y', (byte) 'Z', (byte) 'a',
-                                          (byte) 'b', (byte) 'c', (byte) 'd',
-                                          (byte) 'e', (byte) 'f', (byte) 'g',
-                                          (byte) 'h', (byte) 'i', (byte) 'j',
-                                          (byte) 'k', (byte) 'l', (byte) 'm',
-                                          (byte) 'n', (byte) 'o', (byte) 'p',
-                                          (byte) 'q', (byte) 'r', (byte) 's',
-                                          (byte) 't', (byte) 'u', (byte) 'v',
-                                          (byte) 'w', (byte) 'x', (byte) 'y',
-                                          (byte) 'z', (byte) '0', (byte) '1',
-                                          (byte) '2', (byte) '3', (byte) '4',
-                                          (byte) '5', (byte) '6', (byte) '7',
-                                          (byte) '8', (byte) '9', (byte) '+',
-                                          (byte) '/' };
+  private static final byte[] ALPHABET = {
+      (byte) 'A', (byte) 'B', (byte) 'C', (byte) 'D', (byte) 'E', (byte) 'F',
+      (byte) 'G', (byte) 'H', (byte) 'I', (byte) 'J', (byte) 'K', (byte) 'L',
+      (byte) 'M', (byte) 'N', (byte) 'O', (byte) 'P', (byte) 'Q', (byte) 'R',
+      (byte) 'S', (byte) 'T', (byte) 'U', (byte) 'V', (byte) 'W', (byte) 'X',
+      (byte) 'Y', (byte) 'Z', (byte) 'a', (byte) 'b', (byte) 'c', (byte) 'd',
+      (byte) 'e', (byte) 'f', (byte) 'g', (byte) 'h', (byte) 'i', (byte) 'j',
+      (byte) 'k', (byte) 'l', (byte) 'm', (byte) 'n', (byte) 'o', (byte) 'p',
+      (byte) 'q', (byte) 'r', (byte) 's', (byte) 't', (byte) 'u', (byte) 'v',
+      (byte) 'w', (byte) 'x', (byte) 'y', (byte) 'z', (byte) '0', (byte) '1',
+      (byte) '2', (byte) '3', (byte) '4', (byte) '5', (byte) '6', (byte) '7',
+      (byte) '8', (byte) '9', (byte) '+', (byte) '/'
+  };
 
   /**
    * Translates a Base64 value to either its 6-bit reconstruction value or a
    * negative number indicating some other meaning.
    */
-  private static final byte[] DECODABET = { -9, -9, -9, -9, -9, -9, -9, -9, -9, // Decimal  0 -  8
-                                           -5, -5, // Whitespace: Tab and Linefeed
-                                           -9, -9, // Decimal 11 - 12
-                                           -5, // Whitespace: Carriage Return
-                                           -9, -9, -9, -9, -9, -9, -9, -9, -9,
-                                           -9, -9, -9, -9, // Decimal 14 - 26
-                                           -9, -9, -9, -9, -9, // Decimal 27 - 31
-                                           -5, // Whitespace: Space
-                                           -9, -9, -9, -9, -9, -9, -9, -9, -9,
-                                           -9, // Decimal 33 - 42
-                                           62, // Plus sign at decimal 43
-                                           -9, -9, -9, // Decimal 44 - 46
-                                           63, // Slash at decimal 47
-                                           52, 53, 54, 55, 56, 57, 58, 59, 60,
-                                           61, // Numbers zero through nine
-                                           -9, -9, -9, // Decimal 58 - 60
-                                           -1, // Equals sign at decimal 61
-                                           -9, -9, -9, // Decimal 62 - 64
-                                           0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10,
-                                           11, 12, 13, // Letters 'A' through 'N'
-                                           14, 15, 16, 17, 18, 19, 20, 21, 22,
-                                           23, 24, 25, // Letters 'O' through 'Z'
-                                           -9, -9, -9, -9, -9, -9, // Decimal 91 - 96
-                                           26, 27, 28, 29, 30, 31, 32, 33, 34,
-                                           35, 36, 37, 38, // Letters 'a' through 'm'
-                                           39, 40, 41, 42, 43, 44, 45, 46, 47,
-                                           48, 49, 50, 51, // Letters 'n' through 'z'
-                                           -9, -9, -9, -9 // Decimal 123 - 126
+  private static final byte[] DECODABET = {
+      -9, -9, -9, -9, -9, -9, -9, -9, -9, // Decimal 0 - 8
+      -5, -5, // Whitespace: Tab and Linefeed
+      -9, -9, // Decimal 11 - 12
+      -5, // Whitespace: Carriage Return
+      -9, -9, -9, -9, -9, -9, -9, -9, -9, -9, -9, -9, -9, // Decimal 14 - 26
+      -9, -9, -9, -9, -9, // Decimal 27 - 31
+      -5, // Whitespace: Space
+      -9, -9, -9, -9, -9, -9, -9, -9, -9, -9, // Decimal 33 - 42
+      62, // Plus sign at decimal 43
+      -9, -9, -9, // Decimal 44 - 46
+      63, // Slash at decimal 47
+      52, 53, 54, 55, 56, 57, 58, 59, 60, 61, // Numbers zero through nine
+      -9, -9, -9, // Decimal 58 - 60
+      -1, // Equals sign at decimal 61
+      -9, -9, -9, // Decimal 62 - 64
+      0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, // Letters 'A' through 'N'
+      14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, // Letters 'O' through 'Z'
+      -9, -9, -9, -9, -9, -9, // Decimal 91 - 96
+      26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, // Letters 'a' through 'm'
+      39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, // Letters 'n' through 'z'
+      -9, -9, -9, -9 // Decimal 123 - 126
   };
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial private ctor to enfore Singleton pattern. */
   private Base64()
   {
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
    * Encodes a byte array into Base64 notation. Equivalent to calling
    * <code>encode(source, 0, source.length)</code>.
-   *
+   * 
    * @param src the data to convert.
    */
   public static final String encode(final byte[] src)
@@ -163,7 +126,7 @@ public class Base64
 
   /**
    * Encodes a byte array into Base64 notation.
-   *
+   * 
    * @param src the data to convert.
    * @param off offset in array where conversion should begin.
    * @param len length of data to convert.
@@ -176,7 +139,7 @@ public class Base64
     final byte[] outBuff = new byte[len43 // Main 4:3
                                     + ((len % 3) > 0 ? 4 : 0) // Account for padding
                                     + (breakLines ? (len43 / MAX_LINE_LENGTH)
-                                                 : 0)]; // New lines
+                                                  : 0)]; // New lines
     int d = 0;
     int e = 0;
     final int len2 = len - 2;
@@ -192,13 +155,11 @@ public class Base64
             lineLength = 0;
           }
       }
-
-    if (d < len)
-      { // padding needed
+    if (d < len) // padding needed
+      {
         encode3to4(src, d + off, len - d, outBuff, e);
         e += 4;
       }
-
     return new String(outBuff, 0, e);
   }
 
@@ -255,31 +216,26 @@ public class Base64
                   } // end if: quartet built
               } // end if: equals sign or better
           }
-        else
-          {
-            throw new IllegalArgumentException("Illegal BASE-64 character at #"
-                                               + i + ": " + src[i]
-                                               + "(decimal)");
-          }
+        throw new IllegalArgumentException("Illegal BASE-64 character at #"
+                                           + i + ": " + src[i] + "(decimal)");
       }
-
     final byte[] result = new byte[outBuffPosn];
     System.arraycopy(outBuff, 0, result, 0, outBuffPosn);
     return result;
   }
 
   /**
-   * <p>Encodes up to three bytes of the array <code>src</code> and writes
-   * the resulting four Base64 bytes to <code>dest</code>. The source and
+   * Encodes up to three bytes of the array <code>src</code> and writes the
+   * resulting four Base64 bytes to <code>dest</code>. The source and
    * destination arrays can be manipulated anywhere along their length by
-   * specifying <code>sOffset</code> and <code>dOffset</code>.</p>
-   *
-   * <p>This method does not check to make sure the arrays are large enough to
+   * specifying <code>sOffset</code> and <code>dOffset</code>.
+   * <p>
+   * This method does not check to make sure the arrays are large enough to
    * accomodate <code>sOffset + 3</code> for the <code>src</code> array or
    * <code>dOffset + 4</code> for the <code>dest</code> array. The actual
    * number of significant bytes in the input array is given by
-   * <code>numBytes</code>.</p>
-   *
+   * <code>numBytes</code>.
+   * 
    * @param src the array to convert.
    * @param sOffset the index where conversion begins.
    * @param numBytes the number of significant bytes in your array.
@@ -302,25 +258,25 @@ public class Base64
     // significant bytes passed in the array.
     // We have to shift left 24 in order to flush out the 1's that appear
     // when Java treats a value as negative that is cast from a byte to an int.
-    final int inBuff = (numBytes > 0 ? ((src[sOffset] << 24) >>> 8) : 0)
+    final int inBuff =   (numBytes > 0 ? ((src[sOffset]     << 24) >>>  8) : 0)
                        | (numBytes > 1 ? ((src[sOffset + 1] << 24) >>> 16) : 0)
                        | (numBytes > 2 ? ((src[sOffset + 2] << 24) >>> 24) : 0);
     switch (numBytes)
       {
       case 3:
-        dest[dOffset] = ALPHABET[(inBuff >>> 18)];
+        dest[dOffset    ] = ALPHABET[(inBuff >>> 18)];
         dest[dOffset + 1] = ALPHABET[(inBuff >>> 12) & 0x3F];
-        dest[dOffset + 2] = ALPHABET[(inBuff >>> 6) & 0x3F];
-        dest[dOffset + 3] = ALPHABET[(inBuff) & 0x3F];
+        dest[dOffset + 2] = ALPHABET[(inBuff >>>  6) & 0x3F];
+        dest[dOffset + 3] = ALPHABET[(inBuff)        & 0x3F];
         break;
       case 2:
-        dest[dOffset] = ALPHABET[(inBuff >>> 18)];
+        dest[dOffset    ] = ALPHABET[(inBuff >>> 18)];
         dest[dOffset + 1] = ALPHABET[(inBuff >>> 12) & 0x3F];
-        dest[dOffset + 2] = ALPHABET[(inBuff >>> 6) & 0x3F];
+        dest[dOffset + 2] = ALPHABET[(inBuff >>>  6) & 0x3F];
         dest[dOffset + 3] = EQUALS_SIGN;
         break;
       case 1:
-        dest[dOffset] = ALPHABET[(inBuff >>> 18)];
+        dest[dOffset    ] = ALPHABET[(inBuff >>> 18)];
         dest[dOffset + 1] = ALPHABET[(inBuff >>> 12) & 0x3F];
         dest[dOffset + 2] = EQUALS_SIGN;
         dest[dOffset + 3] = EQUALS_SIGN;
@@ -330,19 +286,18 @@ public class Base64
   }
 
   /**
-   * <p>Decodes four bytes from array <code>src</code> and writes the
-   * resulting bytes (up to three of them) to <code>dest</code>.</p>
-   *
-   * <p>The source and destination arrays can be manipulated anywhere along
-   * their length by specifying <code>sOffset</code> and <code>dOffset</code>.
-   * </p>
-   *
-   * <p>This method does not check to make sure your arrays are large enough
-   * to accomodate <code>sOffset + 4</code> for the <code>src</code> array or
+   * Decodes four bytes from array <code>src</code> and writes the resulting
+   * bytes (up to three of them) to <code>dest</code>.
+   * <p>
+   * The source and destination arrays can be manipulated anywhere along their
+   * length by specifying <code>sOffset</code> and <code>dOffset</code>.
+   * <p>
+   * This method does not check to make sure your arrays are large enough to
+   * accomodate <code>sOffset + 4</code> for the <code>src</code> array or
    * <code>dOffset + 3</code> for the <code>dest</code> array. This method
    * returns the actual number of bytes that were converted from the Base64
-   * encoding.</p>
-   *
+   * encoding.
+   * 
    * @param src the array to convert.
    * @param sOffset the index where conversion begins.
    * @param dest the array to hold the conversion.
@@ -352,43 +307,41 @@ public class Base64
   private static final int decode4to3(final byte[] src, final int sOffset,
                                       final byte[] dest, final int dOffset)
   {
-    if (src[sOffset + 2] == EQUALS_SIGN)
-      { // Example: Dk==
-        final int outBuff = ((DECODABET[src[sOffset]] & 0xFF) << 18)
-                            | ((DECODABET[src[sOffset + 1]] & 0xFF) << 12);
-        dest[dOffset] = (byte) (outBuff >>> 16);
+    if (src[sOffset + 2] == EQUALS_SIGN) // Example: Dk==
+      {
+        final int outBuff = ((DECODABET[src[sOffset    ]] & 0xFF) << 18)
+                          | ((DECODABET[src[sOffset + 1]] & 0xFF) << 12);
+        dest[dOffset] = (byte)(outBuff >>> 16);
         return 1;
       }
-
-    if (src[sOffset + 3] == EQUALS_SIGN)
-      { // Example: DkL=
-        final int outBuff = ((DECODABET[src[sOffset]] & 0xFF) << 18)
-                            | ((DECODABET[src[sOffset + 1]] & 0xFF) << 12)
-                            | ((DECODABET[src[sOffset + 2]] & 0xFF) << 6);
-        dest[dOffset] = (byte) (outBuff >>> 16);
-        dest[dOffset + 1] = (byte) (outBuff >>> 8);
+    if (src[sOffset + 3] == EQUALS_SIGN) // Example: DkL=
+      {
+        final int outBuff = ((DECODABET[src[sOffset    ]] & 0xFF) << 18)
+                          | ((DECODABET[src[sOffset + 1]] & 0xFF) << 12)
+                          | ((DECODABET[src[sOffset + 2]] & 0xFF) << 6);
+        dest[dOffset    ] = (byte)(outBuff >>> 16);
+        dest[dOffset + 1] = (byte)(outBuff >>> 8);
         return 2;
       }
-
-    try
-      { // Example: DkLE
-        final int outBuff = ((DECODABET[src[sOffset]] & 0xFF) << 18)
-                            | ((DECODABET[src[sOffset + 1]] & 0xFF) << 12)
-                            | ((DECODABET[src[sOffset + 2]] & 0xFF) << 6)
-                            | ((DECODABET[src[sOffset + 3]] & 0xFF));
-        dest[dOffset] = (byte) (outBuff >> 16);
-        dest[dOffset + 1] = (byte) (outBuff >> 8);
+    try // Example: DkLE
+      {
+        final int outBuff = ((DECODABET[src[sOffset    ]] & 0xFF) << 18)
+                          | ((DECODABET[src[sOffset + 1]] & 0xFF) << 12)
+                          | ((DECODABET[src[sOffset + 2]] & 0xFF) << 6)
+                          | ((DECODABET[src[sOffset + 3]] & 0xFF));
+        dest[dOffset    ] = (byte)(outBuff >> 16);
+        dest[dOffset + 1] = (byte)(outBuff >> 8);
         dest[dOffset + 2] = (byte) outBuff;
         return 3;
       }
     catch (Exception x)
       {
-        if (DEBUG && debuglevel > 8)
+        if (Configuration.DEBUG)
           {
-            debug("" + src[sOffset] + ": " + (DECODABET[src[sOffset]]));
-            debug("" + src[sOffset + 1] + ": " + (DECODABET[src[sOffset + 1]]));
-            debug("" + src[sOffset + 2] + ": " + (DECODABET[src[sOffset + 2]]));
-            debug("" + src[sOffset + 3] + ": " + (DECODABET[src[sOffset + 3]]));
+            log.fine("" + src[sOffset    ] + ": " + (DECODABET[src[sOffset    ]]));
+            log.fine("" + src[sOffset + 1] + ": " + (DECODABET[src[sOffset + 1]]));
+            log.fine("" + src[sOffset + 2] + ": " + (DECODABET[src[sOffset + 2]]));
+            log.fine("" + src[sOffset + 3] + ": " + (DECODABET[src[sOffset + 3]]));
           }
         return -1;
       }
diff --git a/libjava/classpath/gnu/classpath/ByteArray.java b/libjava/classpath/gnu/java/security/util/ByteArray.java
index 6307b8abd79..0d04d9127ae 100644
--- a/libjava/classpath/gnu/classpath/ByteArray.java
+++ b/libjava/classpath/gnu/java/security/util/ByteArray.java
@@ -36,7 +36,7 @@ obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
 
-package gnu.classpath;
+package gnu.java.security.util;
 
 import java.io.PrintWriter;
 import java.io.StringWriter;
diff --git a/libjava/classpath/gnu/java/security/util/ExpirableObject.java b/libjava/classpath/gnu/java/security/util/ExpirableObject.java
index 2d4452015af..e0c4e6b5984 100644
--- a/libjava/classpath/gnu/java/security/util/ExpirableObject.java
+++ b/libjava/classpath/gnu/java/security/util/ExpirableObject.java
@@ -46,26 +46,23 @@ import javax.security.auth.Destroyable;
 
 /**
  * The base class for objects with sensitive data that are automatically
- * destroyed after a timeout elapses. On creation, an object that extends
- * this class will automatically be added to a {@link Timer} object that,
- * once a timeout elapses, will automatically call the {@link
- * Destroyable#destroy()} method.
- *
- * <p>Concrete subclasses must implement the {@link doDestroy()} method
- * instead of {@link Destroyable#destroy()}; the behavior of that method
- * should match exactly the behavior desired of <code>destroy()</code>.
- *
- * <p>Note that if a {@link DestroyFailedException} occurs when the timeout
+ * destroyed after a timeout elapses. On creation, an object that extends this
+ * class will automatically be added to a {@link Timer} object that, once a
+ * timeout elapses, will automatically call the {@link Destroyable#destroy()}
+ * method.
+ * <p>
+ * Concrete subclasses must implement the {@link #doDestroy()} method instead of
+ * {@link Destroyable#destroy()}; the behavior of that method should match
+ * exactly the behavior desired of <code>destroy()</code>.
+ * <p>
+ * Note that if a {@link DestroyFailedException} occurs when the timeout
  * expires, it will not be reported.
- *
+ * 
  * @see Destroyable
  */
-public abstract class ExpirableObject implements Destroyable
+public abstract class ExpirableObject
+    implements Destroyable
 {
-
-  // Constants and fields.
-  // -------------------------------------------------------------------------
-
   /**
    * The default timeout, used in the default constructor.
    */
@@ -82,9 +79,6 @@ public abstract class ExpirableObject implements Destroyable
    */
   private final Destroyer destroyer;
 
-  // Constructors.
-  // -------------------------------------------------------------------------
-
   /**
    * Create a new expirable object that will expire after one hour.
    */
@@ -94,12 +88,11 @@ public abstract class ExpirableObject implements Destroyable
   }
 
   /**
-   * Create a new expirable object that will expire after the specified
-   * timeout.
-   *
+   * Create a new expirable object that will expire after the specified timeout.
+   * 
    * @param delay The delay before expiration.
    * @throws IllegalArgumentException If <i>delay</i> is negative, or if
-   *  <code>delay + System.currentTimeMillis()</code> is negative.
+   *           <code>delay + System.currentTimeMillis()</code> is negative.
    */
   protected ExpirableObject(final long delay)
   {
@@ -107,14 +100,11 @@ public abstract class ExpirableObject implements Destroyable
     EXPIRER.schedule(destroyer, delay);
   }
 
-  // Instance methods.
-  // -------------------------------------------------------------------------
-
   /**
-   * Destroys this object. This method calls {@link doDestroy}, then, if
-   * no exception is thrown, cancels the task that would destroy this object
-   * when the timeout is reached.
-   *
+   * Destroys this object. This method calls {@link #doDestroy}, then, if no
+   * exception is thrown, cancels the task that would destroy this object when
+   * the timeout is reached.
+   * 
    * @throws DestroyFailedException If this operation fails.
    */
   public final void destroy() throws DestroyFailedException
@@ -126,42 +116,30 @@ public abstract class ExpirableObject implements Destroyable
   /**
    * Subclasses must implement this method instead of the {@link
    * Destroyable#destroy()} method.
-   *
+   * 
    * @throws DestroyFailedException If this operation fails.
    */
   protected abstract void doDestroy() throws DestroyFailedException;
 
-  // Inner classes.
-  // -------------------------------------------------------------------------
-
   /**
    * The task that destroys the target when the timeout elapses.
    */
-  private final class Destroyer extends TimerTask
+  private final class Destroyer
+      extends TimerTask
   {
-
-    // Fields.
-    // -----------------------------------------------------------------------
-
     private final ExpirableObject target;
 
-    // Constructor.
-    // -----------------------------------------------------------------------
-
     Destroyer(final ExpirableObject target)
     {
       super();
       this.target = target;
     }
 
-    // Instance methods.
-    // -----------------------------------------------------------------------
-
     public void run()
     {
       try
         {
-          if (!target.isDestroyed())
+          if (! target.isDestroyed())
             target.doDestroy();
         }
       catch (DestroyFailedException dfe)
diff --git a/libjava/classpath/gnu/java/security/util/IntegerUtil.java b/libjava/classpath/gnu/java/security/util/IntegerUtil.java
new file mode 100644
index 00000000000..f071308084c
--- /dev/null
+++ b/libjava/classpath/gnu/java/security/util/IntegerUtil.java
@@ -0,0 +1,109 @@
+/* IntegerUtil.java -- JDK 5 Integer methods with 1.4 API
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.security.util;
+
+import java.util.LinkedHashMap;
+import java.util.Map;
+
+/**
+ * Utility class which offers Integer related methods found in RI's version 5
+ * but written with RI's 1.4 API.
+ */
+public abstract class IntegerUtil
+{
+  /** Maximum size of our cache of constructed Integers. */
+  private static final int CACHE_SIZE = 100;
+  /** LRU (Least Recently Used) cache, of the last accessed 100 Integers. */
+  private static final Map cache = new LinkedHashMap(CACHE_SIZE + 1, 0.75F, true)
+  {
+    public boolean removeEldestEntry(Map.Entry entry)
+    {
+      return size() > CACHE_SIZE;
+    }
+  };
+
+  /** Trivial private constructor to enforce Singleton usage. */
+  private IntegerUtil()
+  {
+    super();
+  }
+
+  /**
+   * Similar to {@link Integer#valueOf(String)} except it caches the result in
+   * a local LRU cache of 100 elements, organized by access order.
+   * <p>
+   * This method MUST be used in the gnu.java.security and gnu.javax.crypto
+   * packages to ensure they would work with a version 1.4 only of the Java
+   * class library API.
+   * 
+   * @param aString a string representation of an integer.
+   * @return the {@link Integer} object representing the designated string.
+   */
+  public static final Integer valueOf(String aString)
+  {
+    Integer result;
+    synchronized (cache)
+    {
+      result = (Integer) cache.get(aString);
+      if (result == null)
+        {
+          result = Integer.valueOf(aString);
+          cache.put(aString, result);
+        }
+    }
+    return result;
+  }
+
+  /**
+   * Simulates the <code>valueOf(int)</code> method found in {@link Integer} of
+   * the RI's version 1.5 using a local LRU cache of 100 elements, organized by
+   * access order.
+   * <p>
+   * This method MUST be used in the gnu.java.security and gnu.javax.crypto
+   * packages to ensure they would work with a version 1.4 only of the Java
+   * class library API.
+   * 
+   * @param anInt a decimal integer.
+   * @return the {@link Integer} object representing the designated primitive.
+   */
+  public static final Integer valueOf(int anInt)
+  {
+    return valueOf(Integer.toString(anInt, 10));
+  }
+}
diff --git a/libjava/classpath/gnu/java/security/util/PRNG.java b/libjava/classpath/gnu/java/security/util/PRNG.java
index 138cc6bcb0c..7bb27cbf452 100644
--- a/libjava/classpath/gnu/java/security/util/PRNG.java
+++ b/libjava/classpath/gnu/java/security/util/PRNG.java
@@ -45,27 +45,20 @@ import gnu.java.security.prng.LimitReachedException;
 import gnu.java.security.prng.MDGenerator;
 
 /**
- * A useful hash-based (SHA) pseudo-random number generator used
- * throughout this library.
+ * A useful hash-based (SHA) pseudo-random number generator used throughout this
+ * library.
  * 
  * @see MDGenerator
  */
 public class PRNG
 {
-  // Constans and fields
-  // --------------------------------------------------------------------------
-
   /** The underlying {@link IRandom}. */
   private IRandom delegate;
 
-  // Constructor(s)
-  // --------------------------------------------------------------------------
-
   /**
    * Private constructor to enforce using the Factory method.
    * 
-   * @param delegate
-   *          the undelying {@link IRandom} object used.
+   * @param delegate the undelying {@link IRandom} object used.
    */
   private PRNG(IRandom delegate)
   {
@@ -74,9 +67,6 @@ public class PRNG
     this.delegate = delegate;
   }
 
-  // Class methods
-  // --------------------------------------------------------------------------
-
   public static final PRNG getInstance()
   {
     IRandom delegate = new MDGenerator();
@@ -86,10 +76,10 @@ public class PRNG
         // initialise it with a seed
         long t = System.currentTimeMillis();
         byte[] seed = new byte[] {
-            (byte) (t >>> 56), (byte) (t >>> 48),
-            (byte) (t >>> 40), (byte) (t >>> 32),
-            (byte) (t >>> 24), (byte) (t >>> 16),
-            (byte) (t >>>  8), (byte)  t};
+            (byte)(t >>> 56), (byte)(t >>> 48),
+            (byte)(t >>> 40), (byte)(t >>> 32),
+            (byte)(t >>> 24), (byte)(t >>> 16),
+            (byte)(t >>>  8), (byte) t };
         map.put(MDGenerator.SEEED, seed);
         delegate.init(map); // default is to use SHA-1 hash
       }
@@ -97,19 +87,14 @@ public class PRNG
       {
         throw new ExceptionInInitializerError(x);
       }
-
     return new PRNG(delegate);
   }
 
-  // Instance methods
-  // --------------------------------------------------------------------------
-
   /**
    * Completely fills the designated <code>buffer</code> with random data
    * generated by the underlying delegate.
    * 
-   * @param buffer
-   *          the place holder of random bytes generated by the underlying
+   * @param buffer the place holder of random bytes generated by the underlying
    *          delegate. On output, the contents of <code>buffer</code> are
    *          replaced with pseudo-random data, iff the <code>buffer</code>
    *          size is not zero.
diff --git a/libjava/classpath/gnu/java/security/util/Prime2.java b/libjava/classpath/gnu/java/security/util/Prime2.java
deleted file mode 100644
index 6e46f5fcadc..00000000000
--- a/libjava/classpath/gnu/java/security/util/Prime2.java
+++ /dev/null
@@ -1,417 +0,0 @@
-/* Prime2.java -- 
-   Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
-
-This file is a part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or (at
-your option) any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; if not, write to the Free Software
-Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
-USA
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library.  Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module.  An independent module is a module which is not derived from
-or based on this library.  If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so.  If you do not wish to do so, delete this
-exception statement from your version.  */
-
-
-package gnu.java.security.util;
-
-import java.io.PrintWriter;
-import java.lang.ref.WeakReference;
-import java.math.BigInteger;
-import java.util.Map;
-import java.util.WeakHashMap;
-
-/**
- * <p>A collection of prime number related utilities used in this library.</p>
- */
-public class Prime2
-{
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  private static final String NAME = "prime";
-
-  private static final boolean DEBUG = false;
-
-  private static final int debuglevel = 5;
-
-  private static final PrintWriter err = new PrintWriter(System.out, true);
-
-  private static void debug(String s)
-  {
-    err.println(">>> " + NAME + ": " + s);
-  }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  private static final int DEFAULT_CERTAINTY = 20; // XXX is this a good value?
-
-  private static final BigInteger ZERO = BigInteger.ZERO;
-
-  private static final BigInteger ONE = BigInteger.ONE;
-
-  private static final BigInteger TWO = BigInteger.valueOf(2L);
-
-  /**
-   * The first SMALL_PRIME primes: Algorithm P, section 1.3.2, The Art of
-   * Computer Programming, Donald E. Knuth.
-   */
-  private static final int SMALL_PRIME_COUNT = 1000;
-
-  private static final BigInteger[] SMALL_PRIME = new BigInteger[SMALL_PRIME_COUNT];
-  static
-    {
-      long time = -System.currentTimeMillis();
-      SMALL_PRIME[0] = TWO;
-      int N = 3;
-      int J = 0;
-      int prime;
-      P2: while (true)
-        {
-          SMALL_PRIME[++J] = BigInteger.valueOf(N);
-          if (J >= 999)
-            {
-              break P2;
-            }
-          P4: while (true)
-            {
-              N += 2;
-              P6: for (int K = 1; true; K++)
-                {
-                  prime = SMALL_PRIME[K].intValue();
-                  if ((N % prime) == 0)
-                    {
-                      continue P4;
-                    }
-                  else if ((N / prime) <= prime)
-                    {
-                      continue P2;
-                    }
-                }
-            }
-        }
-      time += System.currentTimeMillis();
-      if (DEBUG && debuglevel > 8)
-        {
-          StringBuffer sb;
-          for (int i = 0; i < (SMALL_PRIME_COUNT / 10); i++)
-            {
-              sb = new StringBuffer();
-              for (int j = 0; j < 10; j++)
-                {
-                  sb.append(String.valueOf(SMALL_PRIME[i * 10 + j])).append(" ");
-                }
-              debug(sb.toString());
-            }
-        }
-      if (DEBUG && debuglevel > 4)
-        {
-          debug("Generating first " + String.valueOf(SMALL_PRIME_COUNT)
-                + " primes took: " + String.valueOf(time) + " ms.");
-        }
-    }
-
-  private static final Map knownPrimes = new WeakHashMap();
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
-  /** Trivial constructor to enforce Singleton pattern. */
-  private Prime2()
-  {
-    super();
-  }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  /**
-   * <p>Trial division for the first 1000 small primes.</p>
-   *
-   * <p>Returns <code>true</code> if at least one small prime, among the first
-   * 1000 ones, was found to divide the designated number. Retuens <code>false</code>
-   * otherwise.</p>
-   *
-   * @param w the number to test.
-   * @return <code>true</code> if at least one small prime was found to divide
-   * the designated number.
-   */
-  public static boolean hasSmallPrimeDivisor(BigInteger w)
-  {
-    BigInteger prime;
-    for (int i = 0; i < SMALL_PRIME_COUNT; i++)
-      {
-        prime = SMALL_PRIME[i];
-        if (w.mod(prime).equals(ZERO))
-          {
-            if (DEBUG && debuglevel > 4)
-              {
-                debug(prime.toString(16) + " | " + w.toString(16) + "...");
-              }
-            return true;
-          }
-      }
-    if (DEBUG && debuglevel > 4)
-      {
-        debug(w.toString(16) + " has no small prime divisors...");
-      }
-    return false;
-  }
-
-  /**
-   * <p>Java port of Colin Plumb primality test (Euler Criterion)
-   * implementation for a base of 2 --from bnlib-1.1 release, function
-   * primeTest() in prime.c. this is his comments.</p>
-   *
-   * <p>"Now, check that bn is prime. If it passes to the base 2, it's prime
-   * beyond all reasonable doubt, and everything else is just gravy, but it
-   * gives people warm fuzzies to do it.</p>
-   *
-   * <p>This starts with verifying Euler's criterion for a base of 2. This is
-   * the fastest pseudoprimality test that I know of, saving a modular squaring
-   * over a Fermat test, as well as being stronger. 7/8 of the time, it's as
-   * strong as a strong pseudoprimality test, too. (The exception being when
-   * <code>bn == 1 mod 8</code> and <code>2</code> is a quartic residue, i.e.
-   * <code>bn</code> is of the form <code>a^2 + (8*b)^2</code>.) The precise
-   * series of tricks used here is not documented anywhere, so here's an
-   * explanation. Euler's criterion states that if <code>p</code> is prime
-   * then <code>a^((p-1)/2)</code> is congruent to <code>Jacobi(a,p)</code>,
-   * modulo <code>p</code>. <code>Jacobi(a, p)</code> is a function which is
-   * <code>+1</code> if a is a square modulo <code>p</code>, and <code>-1</code>
-   * if it is not. For <code>a = 2</code>, this is particularly simple. It's
-   * <code>+1</code> if <code>p == +/-1 (mod 8)</code>, and <code>-1</code> if
-   * <code>m == +/-3 (mod 8)</code>. If <code>p == 3 (mod 4)</code>, then all
-   * a strong test does is compute <code>2^((p-1)/2)</code>. and see if it's
-   * <code>+1</code> or <code>-1</code>. (Euler's criterion says <i>which</i>
-   * it should be.) If <code>p == 5 (mod 8)</code>, then <code>2^((p-1)/2)</code>
-   * is <code>-1</code>, so the initial step in a strong test, looking at
-   * <code>2^((p-1)/4)</code>, is wasted --you're not going to find a
-   * <code>+/-1</code> before then if it <b>is</b> prime, and it shouldn't
-   * have either of those values if it isn't. So don't bother.</p>
-   *
-   * <p>The remaining case is <code>p == 1 (mod 8)</code>. In this case, we
-   * expect <code>2^((p-1)/2) == 1 (mod p)</code>, so we expect that the
-   * square root of this, <code>2^((p-1)/4)</code>, will be <code>+/-1 (mod p)
-   * </code>. Evaluating this saves us a modular squaring 1/4 of the time. If
-   * it's <code>-1</code>, a strong pseudoprimality test would call <code>p</code>
-   * prime as well. Only if the result is <code>+1</code>, indicating that
-   * <code>2</code> is not only a quadratic residue, but a quartic one as well,
-   * does a strong pseudoprimality test verify more things than this test does.
-   * Good enough.</p>
-   *
-   * <p>We could back that down another step, looking at <code>2^((p-1)/8)</code>
-   * if there was a cheap way to determine if <code>2</code> were expected to
-   * be a quartic residue or not. Dirichlet proved that <code>2</code> is a
-   * quadratic residue iff <code>p</code> is of the form <code>a^2 + (8*b^2)</code>.
-   * All primes <code>== 1 (mod 4)</code> can be expressed as <code>a^2 +
-   * (2*b)^2</code>, but I see no cheap way to evaluate this condition."</p>
-   *
-   * @param bn the number to test.
-   * @return <code>true</code> iff the designated number passes Euler criterion
-   * as implemented by Colin Plumb in his <i>bnlib</i> version 1.1.
-   */
-  public static boolean passEulerCriterion(final BigInteger bn)
-  {
-    BigInteger bn_minus_one = bn.subtract(ONE);
-    BigInteger e = bn_minus_one;
-    // l is the 3 least-significant bits of e
-    int l = e.and(BigInteger.valueOf(7L)).intValue();
-    int j = 1; // Where to start in prime array for strong prime tests
-    BigInteger a;
-    int k;
-
-    if (l != 0)
-      {
-        e = e.shiftRight(1);
-        a = TWO.modPow(e, bn);
-        if (l == 6) // bn == 7 mod 8, expect +1
-          {
-            if (a.bitLength() != 1)
-              {
-                debugBI("Fails Euler criterion #1", bn);
-                return false; // Not prime
-              }
-            k = 1;
-          }
-        else // bn == 3 or 5 mod 8, expect -1 == bn-1
-          {
-            a = a.add(ONE);
-            if (a.compareTo(bn) != 0)
-              {
-                debugBI("Fails Euler criterion #2", bn);
-                return false; // Not prime
-              }
-            k = 1;
-            if ((l & 4) != 0) // bn == 5 mod 8, make odd for strong tests
-              {
-                e = e.shiftRight(1);
-                k = 2;
-              }
-          }
-      }
-    else // bn == 1 mod 8, expect 2^((bn-1)/4) == +/-1 mod bn
-      {
-        e = e.shiftRight(2);
-        a = TWO.modPow(e, bn);
-        if (a.bitLength() == 1)
-          j = 0; // Re-do strong prime test to base 2
-        else
-          {
-            a = a.add(ONE);
-            if (a.compareTo(bn) != 0)
-              {
-                debugBI("Fails Euler criterion #3", bn);
-                return false; // Not prime
-              }
-          }
-        // bnMakeOdd(n) = d * 2^s. Replaces n with d and returns s.
-        k = e.getLowestSetBit();
-        e = e.shiftRight(k);
-        k += 2;
-      }
-    // It's prime!  Now go on to confirmation tests
-
-    // Now, e = (bn-1)/2^k is odd.  k >= 1, and has a given value with
-    // probability 2^-k, so its expected value is 2.  j = 1 in the usual case
-    // when the previous test was as good as a strong prime test, but 1/8 of
-    // the time, j = 0 because the strong prime test to the base 2 needs to
-    // be re-done.
-    for (int i = j; i < 7; i++) // try only the first 7 primes
-      {
-        a = SMALL_PRIME[i];
-        a = a.modPow(e, bn);
-        if (a.bitLength() == 1)
-          continue; // Passed this test
-
-        l = k;
-        while (true)
-          {
-//            a = a.add(ONE);
-//            if (a.compareTo(w) == 0) { // Was result bn-1?
-            if (a.compareTo(bn_minus_one) == 0) // Was result bn-1?
-              break; // Prime
-
-            if (--l == 0) // Reached end, not -1? luck?
-              {
-                debugBI("Fails Euler criterion #4", bn);
-                return false; // Failed, not prime
-              }
-            // This portion is executed, on average, once
-//            a = a.subtract(ONE); // Put a back where it was
-            a = a.modPow(TWO, bn);
-            if (a.bitLength() == 1)
-              {
-                debugBI("Fails Euler criterion #5", bn);
-                return false; // Failed, not prime
-              }
-          }
-        // It worked (to the base primes[i])
-      }
-    debugBI("Passes Euler criterion", bn);
-    return true;
-  }
-
-  public static boolean isProbablePrime(BigInteger w)
-  {
-    return isProbablePrime(w, DEFAULT_CERTAINTY);
-  }
-
-  /**
-   * Wrapper around {@link BigInteger#isProbablePrime(int)} with few pre-checks.
-   *
-   * @param w the integer to test.
-   * @param certainty the certainty with which to compute the test.
-   */
-  public static boolean isProbablePrime(BigInteger w, int certainty)
-  {
-    // Nonnumbers are not prime.
-    if (w == null)
-        return false;
-
-    // eliminate trivial cases when w == 0 or 1
-    if (w.equals(ZERO) || w.equals(ONE))
-        return false;
-
-    // Test if w is a known small prime.
-    for (int i = 0; i < SMALL_PRIME_COUNT; i++)
-        if (w.equals(SMALL_PRIME[i]))
-          {
-            if (DEBUG && debuglevel > 4)
-                debug(w.toString(16) + " is a small prime");
-            return true;
-          }
-
-    // Check if it's already a known prime
-    WeakReference obj = (WeakReference) knownPrimes.get(w);
-    if (obj != null && w.equals(obj.get()))
-      {
-        if (DEBUG && debuglevel > 4)
-            debug("found in known primes");
-        return true;
-      }
-
-    // trial division with first 1000 primes
-    if (hasSmallPrimeDivisor(w))
-      {
-        if (DEBUG && debuglevel > 4)
-            debug(w.toString(16) + " has a small prime divisor. Rejected...");
-        return false;
-      }
-
-//     Euler's criterion.
-//           if (passEulerCriterion(w)) {
-//              if (DEBUG && debuglevel > 4) {
-//                 debug(w.toString(16)+" passes Euler's criterion...");
-//              }
-//           } else {
-//              if (DEBUG && debuglevel > 4) {
-//                 debug(w.toString(16)+" fails Euler's criterion. Rejected...");
-//              }
-//              return false;
-//           }
-//
-//    if (DEBUG && debuglevel > 4)
-//      {
-//        debug(w.toString(16) + " is probable prime. Accepted...");
-//      }
-
-    boolean result = w.isProbablePrime(certainty);
-    if (result && certainty > 0) // store it in the known primes weak hash-map
-      knownPrimes.put(w, new WeakReference(w));
-
-    return result;
-  }
-
-  // helper methods -----------------------------------------------------------
-
-  private static final void debugBI(String msg, BigInteger bn)
-  {
-    if (DEBUG && debuglevel > 4)
-      debug("*** " + msg + ": 0x" + bn.toString(16));
-  }
-}
diff --git a/libjava/classpath/gnu/java/security/util/Sequence.java b/libjava/classpath/gnu/java/security/util/Sequence.java
index 5edc7942ef9..5e3a64eaf3e 100644
--- a/libjava/classpath/gnu/java/security/util/Sequence.java
+++ b/libjava/classpath/gnu/java/security/util/Sequence.java
@@ -44,24 +44,18 @@ import java.util.LinkedList;
 /**
  * A monotonic sequence of integers in the finite field 2<sup>32</sup>.
  */
-public final class Sequence extends AbstractList
+public final class Sequence
+    extends AbstractList
 {
-
-  // Field.
-  // ------------------------------------------------------------------------
-
   private final Integer[] sequence;
 
-  // Constructor.
-  // ------------------------------------------------------------------------
-
   /**
-   * Create a sequence of integers from 0 to <i>end</i>, with an increment
-   * of 1. If <i>end</i> is less than 0, then the sequence will wrap around
-   * through all positive integers then negative integers until the end
-   * value is reached. Naturally, this will result in an enormous object,
-   * so don't do this.
-   *
+   * Create a sequence of integers from 0 to <i>end</i>, with an increment of
+   * 1. If <i>end</i> is less than 0, then the sequence will wrap around
+   * through all positive integers then negative integers until the end value is
+   * reached. Naturally, this will result in an enormous object, so don't do
+   * this.
+   * 
    * @param end The ending value.
    */
   public Sequence(int end)
@@ -71,10 +65,10 @@ public final class Sequence extends AbstractList
 
   /**
    * Create a sequence of integers from <i>start</i> to <i>end</i>, with an
-   * increment of 1. If <i>end</i> is less than <i>start</i>, then the sequence
-   * will wrap around until the end value is reached. Naturally, this will
-   * result in an enormous object, so don't do this.
-   *
+   * increment of 1. If <i>end</i> is less than <i>start</i>, then the
+   * sequence will wrap around until the end value is reached. Naturally, this
+   * will result in an enormous object, so don't do this.
+   * 
    * @param start The starting value.
    * @param end The ending value.
    */
@@ -88,13 +82,13 @@ public final class Sequence extends AbstractList
    * increment of <i>span</i>. If <i>end</i> is less than <i>start</i>, then
    * the sequence will wrap around until the end value is reached. Naturally,
    * this will result in an enormous object, so don't do this.
-   *
-   * <p><i>span</i> can be negative, resulting in a decresing sequence.
-   *
-   * <p>If <i>span</i> is 0, then the sequence will contain {<i>start</i>,
+   * <p>
+   * <i>span</i> can be negative, resulting in a decresing sequence.
+   * <p>
+   * If <i>span</i> is 0, then the sequence will contain {<i>start</i>,
    * <i>end</i>} if <i>start</i> != <i>end</i>, or just the singleton
    * <i>start</i> if <i>start</i> == <i>end</i>.
-   *
+   * 
    * @param start The starting value.
    * @param end The ending value.
    * @param span The increment value.
@@ -104,36 +98,26 @@ public final class Sequence extends AbstractList
     if (span == 0)
       {
         if (start != end)
-          {
-            sequence = new Integer[] { new Integer(start), new Integer(end) };
-          }
+          sequence = new Integer[] { Integer.valueOf(start),
+                                     Integer.valueOf(end) };
         else
-          {
-            sequence = new Integer[] { new Integer(start) };
-          }
+          sequence = new Integer[] { Integer.valueOf(start) };
       }
     else
       {
         LinkedList l = new LinkedList();
         for (int i = start; i != end; i += span)
-          {
-            l.add(new Integer(i));
-          }
-        l.add(new Integer(end));
+          l.add(Integer.valueOf(i));
+
+        l.add(Integer.valueOf(end));
         sequence = (Integer[]) l.toArray(new Integer[l.size()]);
       }
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   public Object get(int index)
   {
     if (index < 0 || index >= size())
-      {
-        throw new IndexOutOfBoundsException("index=" + index + ", size="
-                                            + size());
-      }
+      throw new IndexOutOfBoundsException("index=" + index + ", size=" + size());
     return sequence[index];
   }
 
diff --git a/libjava/classpath/gnu/java/security/util/SimpleList.java b/libjava/classpath/gnu/java/security/util/SimpleList.java
index b2525c4b8e2..74f3bafcead 100644
--- a/libjava/classpath/gnu/java/security/util/SimpleList.java
+++ b/libjava/classpath/gnu/java/security/util/SimpleList.java
@@ -43,25 +43,19 @@ import java.util.Collection;
 import java.util.Iterator;
 
 /**
- * A simple way to create immutable n-tuples. This class can be created with
- * up to four elements specified via one of the constructors, or with a
- * collection of arbitrary size.
+ * A simple way to create immutable n-tuples. This class can be created with up
+ * to four elements specified via one of the constructors, or with a collection
+ * of arbitrary size.
  */
-public final class SimpleList extends AbstractList
+public final class SimpleList
+    extends AbstractList
 {
-
-  // Fields.
-  // ------------------------------------------------------------------------
-
   private final Object[] elements;
 
-  // Constructors.
-  // ------------------------------------------------------------------------
-
   /**
    * Create a singleton list.
-   *
-   * @param e1 The first element.
+   * 
+   * @param element The first element.
    */
   public SimpleList(final Object element)
   {
@@ -71,7 +65,7 @@ public final class SimpleList extends AbstractList
 
   /**
    * Create an ordered pair (2-tuple).
-   *
+   * 
    * @param e1 The first element.
    * @param e2 The second element.
    */
@@ -84,7 +78,7 @@ public final class SimpleList extends AbstractList
 
   /**
    * Create a 3-tuple.
-   *
+   * 
    * @param e1 The first element.
    * @param e2 The second element.
    * @param e3 The third element.
@@ -99,7 +93,7 @@ public final class SimpleList extends AbstractList
 
   /**
    * Create a 4-tuple.
-   *
+   * 
    * @param e1 The first element.
    * @param e2 The second element.
    * @param e3 The third element.
@@ -124,10 +118,10 @@ public final class SimpleList extends AbstractList
   }
 
   /**
-   * Create an n-tuple of arbitrary size. Even if the supplied collection has
-   * no natural order, the created n-tuple will have the order that the
-   * elements are returned by the collection's iterator.
-   *
+   * Create an n-tuple of arbitrary size. Even if the supplied collection has no
+   * natural order, the created n-tuple will have the order that the elements
+   * are returned by the collection's iterator.
+   * 
    * @param c The collection.
    */
   public SimpleList(Collection c)
@@ -135,14 +129,9 @@ public final class SimpleList extends AbstractList
     elements = new Object[c.size()];
     int i = 0;
     for (Iterator it = c.iterator(); it.hasNext() && i < elements.length;)
-      {
-        elements[i++] = it.next();
-      }
+      elements[i++] = it.next();
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   public int size()
   {
     if (elements == null)
@@ -153,14 +142,9 @@ public final class SimpleList extends AbstractList
   public Object get(int index)
   {
     if (elements == null)
-      {
-        throw new IndexOutOfBoundsException("list is empty");
-      }
+      throw new IndexOutOfBoundsException("list is empty");
     if (index < 0 || index >= elements.length)
-      {
-        throw new IndexOutOfBoundsException("index=" + index + ", size="
-                                            + size());
-      }
+      throw new IndexOutOfBoundsException("index=" + index + ", size=" + size());
     return elements[index];
   }
 
diff --git a/libjava/classpath/gnu/java/security/util/Util.java b/libjava/classpath/gnu/java/security/util/Util.java
index f39afb93159..c7a6810fba3 100644
--- a/libjava/classpath/gnu/java/security/util/Util.java
+++ b/libjava/classpath/gnu/java/security/util/Util.java
@@ -41,47 +41,37 @@ package gnu.java.security.util;
 import java.math.BigInteger;
 
 /**
- * <p>A collection of utility methods used throughout this project.</p>
+ * A collection of utility methods used throughout this project.
  */
 public class Util
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   // Hex charset
   private static final char[] HEX_DIGITS = "0123456789ABCDEF".toCharArray();
 
   // Base-64 charset
-  private static final String BASE64_CHARS = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./";
+  private static final String BASE64_CHARS =
+      "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./";
 
   private static final char[] BASE64_CHARSET = BASE64_CHARS.toCharArray();
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial constructor to enforce Singleton pattern. */
   private Util()
   {
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns a string of hexadecimal digits from a byte array. Each byte is
-   * converted to 2 hex symbols; zero(es) included.</p>
-   *
-   * <p>This method calls the method with same name and three arguments as:</p>
-   *
+   * Returns a string of hexadecimal digits from a byte array. Each byte is
+   * converted to 2 hex symbols; zero(es) included.
+   * <p>
+   * This method calls the method with same name and three arguments as:
    * <pre>
-   *    toString(ba, 0, ba.length);
+   * toString(ba, 0, ba.length);
    * </pre>
-   *
+   * 
    * @param ba the byte array to convert.
-   * @return a string of hexadecimal characters (two for each byte)
-   * representing the designated input byte array.
+   * @return a string of hexadecimal characters (two for each byte) representing
+   *         the designated input byte array.
    */
   public static String toString(byte[] ba)
   {
@@ -89,17 +79,17 @@ public class Util
   }
 
   /**
-   * <p>Returns a string of hexadecimal digits from a byte array, starting at
-   * <code>offset</code> and consisting of <code>length</code> bytes. Each byte
-   * is converted to 2 hex symbols; zero(es) included.</p>
-   *
+   * Returns a string of hexadecimal digits from a byte array, starting at
+   * <code>offset</code> and consisting of <code>length</code> bytes. Each
+   * byte is converted to 2 hex symbols; zero(es) included.
+   * 
    * @param ba the byte array to convert.
    * @param offset the index from which to start considering the bytes to
-   * convert.
+   *          convert.
    * @param length the count of bytes, starting from the designated offset to
-   * convert.
-   * @return a string of hexadecimal characters (two for each byte)
-   * representing the designated input byte sub-array.
+   *          convert.
+   * @return a string of hexadecimal characters (two for each byte) representing
+   *         the designated input byte sub-array.
    */
   public static final String toString(byte[] ba, int offset, int length)
   {
@@ -108,26 +98,24 @@ public class Util
       {
         k = ba[offset + i++];
         buf[j++] = HEX_DIGITS[(k >>> 4) & 0x0F];
-        buf[j++] = HEX_DIGITS[k & 0x0F];
+        buf[j++] = HEX_DIGITS[ k        & 0x0F];
       }
     return new String(buf);
   }
 
   /**
-   * <p>Returns a string of hexadecimal digits from a byte array. Each byte is
-   * converted to 2 hex symbols; zero(es) included. The argument is
-   * treated as a large little-endian integer and is returned as a
-   * large big-endian integer.</p>
-   *
-   * <p>This method calls the method with same name and three arguments as:</p>
-   *
+   * Returns a string of hexadecimal digits from a byte array. Each byte is
+   * converted to 2 hex symbols; zero(es) included. The argument is treated as a
+   * large little-endian integer and is returned as a large big-endian integer.
+   * <p>
+   * This method calls the method with same name and three arguments as:
    * <pre>
-   *    toReversedString(ba, 0, ba.length);
+   * toReversedString(ba, 0, ba.length);
    * </pre>
-   *
+   * 
    * @param ba the byte array to convert.
-   * @return a string of hexadecimal characters (two for each byte)
-   * representing the designated input byte array.
+   * @return a string of hexadecimal characters (two for each byte) representing
+   *         the designated input byte array.
    */
   public static String toReversedString(byte[] ba)
   {
@@ -135,20 +123,20 @@ public class Util
   }
 
   /**
-   * <p>Returns a string of hexadecimal digits from a byte array, starting at
-   * <code>offset</code> and consisting of <code>length</code> bytes. Each byte
-   * is converted to 2 hex symbols; zero(es) included.</p>
-   *
-   * <p>The byte array is treated as a large little-endian integer, and
-   * is returned as a large big-endian integer.</p>
-   *
+   * Returns a string of hexadecimal digits from a byte array, starting at
+   * <code>offset</code> and consisting of <code>length</code> bytes. Each
+   * byte is converted to 2 hex symbols; zero(es) included.
+   * <p>
+   * The byte array is treated as a large little-endian integer, and is returned
+   * as a large big-endian integer.
+   * 
    * @param ba the byte array to convert.
    * @param offset the index from which to start considering the bytes to
-   * convert.
+   *          convert.
    * @param length the count of bytes, starting from the designated offset to
-   * convert.
-   * @return a string of hexadecimal characters (two for each byte)
-   * representing the designated input byte sub-array.
+   *          convert.
+   * @return a string of hexadecimal characters (two for each byte) representing
+   *         the designated input byte sub-array.
    */
   public static final String toReversedString(byte[] ba, int offset, int length)
   {
@@ -157,14 +145,16 @@ public class Util
       {
         k = ba[offset + i--];
         buf[j++] = HEX_DIGITS[(k >>> 4) & 0x0F];
-        buf[j++] = HEX_DIGITS[k & 0x0F];
+        buf[j++] = HEX_DIGITS[ k        & 0x0F];
       }
     return new String(buf);
   }
 
   /**
-   * <p>Returns a byte array from a string of hexadecimal digits.</p>
-   *
+   * <p>
+   * Returns a byte array from a string of hexadecimal digits.
+   * </p>
+   * 
    * @param s a string of hexadecimal ASCII characters
    * @return the decoded byte array from the input hexadecimal string.
    */
@@ -174,22 +164,20 @@ public class Util
     byte[] result = new byte[((limit + 1) / 2)];
     int i = 0, j = 0;
     if ((limit % 2) == 1)
-      {
-        result[j++] = (byte) fromDigit(s.charAt(i++));
-      }
+      result[j++] = (byte) fromDigit(s.charAt(i++));
     while (i < limit)
       {
-        result[j] = (byte) (fromDigit(s.charAt(i++)) << 4);
+        result[j  ] = (byte) (fromDigit(s.charAt(i++)) << 4);
         result[j++] |= (byte) fromDigit(s.charAt(i++));
       }
     return result;
   }
 
   /**
-   * <p>Returns a byte array from a string of hexadecimal digits, interpreting
-   * them as a large big-endian integer and returning it as a large
-   * little-endian integer.</p>
-   *
+   * Returns a byte array from a string of hexadecimal digits, interpreting them
+   * as a large big-endian integer and returning it as a large little-endian
+   * integer.
+   * 
    * @param s a string of hexadecimal ASCII characters
    * @return the decoded byte array from the input hexadecimal string.
    */
@@ -199,45 +187,37 @@ public class Util
     byte[] result = new byte[((limit + 1) / 2)];
     int i = 0;
     if ((limit % 2) == 1)
-      {
-        result[i++] = (byte) fromDigit(s.charAt(--limit));
-      }
+      result[i++] = (byte) fromDigit(s.charAt(--limit));
     while (limit > 0)
       {
-        result[i] = (byte) fromDigit(s.charAt(--limit));
+        result[i  ] = (byte) fromDigit(s.charAt(--limit));
         result[i++] |= (byte) (fromDigit(s.charAt(--limit)) << 4);
       }
     return result;
   }
 
   /**
-   * <p>Returns a number from <code>0</code> to <code>15</code> corresponding
-   * to the designated hexadecimal digit.</p>
-   *
+   * Returns a number from <code>0</code> to <code>15</code> corresponding
+   * to the designated hexadecimal digit.
+   * 
    * @param c a hexadecimal ASCII symbol.
    */
   public static int fromDigit(char c)
   {
     if (c >= '0' && c <= '9')
-      {
-        return c - '0';
-      }
+      return c - '0';
     else if (c >= 'A' && c <= 'F')
-      {
-        return c - 'A' + 10;
-      }
+      return c - 'A' + 10;
     else if (c >= 'a' && c <= 'f')
-      {
-        return c - 'a' + 10;
-      }
+      return c - 'a' + 10;
     else
       throw new IllegalArgumentException("Invalid hexadecimal digit: " + c);
   }
 
   /**
-   * <p>Returns a string of 8 hexadecimal digits (most significant digit first)
-   * corresponding to the unsigned integer <code>n</code>.</p>
-   *
+   * Returns a string of 8 hexadecimal digits (most significant digit first)
+   * corresponding to the unsigned integer <code>n</code>.
+   * 
    * @param n the unsigned integer to convert.
    * @return a hexadecimal string 8-character long.
    */
@@ -253,8 +233,8 @@ public class Util
   }
 
   /**
-   * <p>Returns a string of hexadecimal digits from an integer array. Each int
-   * is converted to 4 hex symbols.</p>
+   * Returns a string of hexadecimal digits from an integer array. Each int is
+   * converted to 4 hex symbols.
    */
   public static String toString(int[] ia)
   {
@@ -268,17 +248,17 @@ public class Util
         buf[j++] = HEX_DIGITS[(k >>> 20) & 0x0F];
         buf[j++] = HEX_DIGITS[(k >>> 16) & 0x0F];
         buf[j++] = HEX_DIGITS[(k >>> 12) & 0x0F];
-        buf[j++] = HEX_DIGITS[(k >>> 8) & 0x0F];
-        buf[j++] = HEX_DIGITS[(k >>> 4) & 0x0F];
-        buf[j++] = HEX_DIGITS[k & 0x0F];
+        buf[j++] = HEX_DIGITS[(k >>>  8) & 0x0F];
+        buf[j++] = HEX_DIGITS[(k >>>  4) & 0x0F];
+        buf[j++] = HEX_DIGITS[ k         & 0x0F];
       }
     return new String(buf);
   }
 
   /**
-   * <p>Returns a string of 16 hexadecimal digits (most significant digit first)
-   * corresponding to the unsigned long <code>n</code>.</p>
-   *
+   * Returns a string of 16 hexadecimal digits (most significant digit first)
+   * corresponding to the unsigned long <code>n</code>.
+   * 
    * @param n the unsigned long to convert.
    * @return a hexadecimal string 16-character long.
    */
@@ -287,18 +267,18 @@ public class Util
     char[] b = new char[16];
     for (int i = 15; i >= 0; i--)
       {
-        b[i] = HEX_DIGITS[(int) (n & 0x0FL)];
+        b[i] = HEX_DIGITS[(int)(n & 0x0FL)];
         n >>>= 4;
       }
     return new String(b);
   }
 
   /**
-   * <p>Similar to the <code>toString()</code> method except that the Unicode
+   * Similar to the <code>toString()</code> method except that the Unicode
    * escape character is inserted before every pair of bytes. Useful to
    * externalise byte arrays that will be constructed later from such strings;
-   * eg. s-box values.</p>
-   *
+   * eg. s-box values.
+   * 
    * @throws ArrayIndexOutOfBoundsException if the length is odd.
    */
   public static String toUnicodeString(byte[] ba)
@@ -307,11 +287,11 @@ public class Util
   }
 
   /**
-   * <p>Similar to the <code>toString()</code> method except that the Unicode
+   * Similar to the <code>toString()</code> method except that the Unicode
    * escape character is inserted before every pair of bytes. Useful to
    * externalise byte arrays that will be constructed later from such strings;
-   * eg. s-box values.</p>
-   *
+   * eg. s-box values.
+   * 
    * @throws ArrayIndexOutOfBoundsException if the length is odd.
    */
   public static final String toUnicodeString(byte[] ba, int offset, int length)
@@ -324,31 +304,27 @@ public class Util
     while (i < length)
       {
         sb.append("\\u");
-
         k = ba[offset + i++];
         sb.append(HEX_DIGITS[(k >>> 4) & 0x0F]);
-        sb.append(HEX_DIGITS[k & 0x0F]);
-
+        sb.append(HEX_DIGITS[ k        & 0x0F]);
         k = ba[offset + i++];
         sb.append(HEX_DIGITS[(k >>> 4) & 0x0F]);
-        sb.append(HEX_DIGITS[k & 0x0F]);
-
+        sb.append(HEX_DIGITS[ k        & 0x0F]);
         if ((++j % 8) == 0)
-          {
-            sb.append("\"+").append('\n').append("\"");
-          }
+          sb.append("\"+").append('\n').append("\"");
       }
     sb.append("\"").append('\n');
     return sb.toString();
   }
 
   /**
-   * <p>Similar to the <code>toString()</code> method except that the Unicode
+   * Similar to the <code>toString()</code> method except that the Unicode
    * escape character is inserted before every pair of bytes. Useful to
    * externalise integer arrays that will be constructed later from such
-   * strings; eg. s-box values.</p>
-   *
-   * @throws ArrayIndexOutOfBoundsException if the length is not a multiple of 4.
+   * strings; eg. s-box values.
+   * 
+   * @throws ArrayIndexOutOfBoundsException if the length is not a multiple of
+   *           4.
    */
   public static String toUnicodeString(int[] ia)
   {
@@ -367,14 +343,11 @@ public class Util
         sb.append(HEX_DIGITS[(k >>> 16) & 0x0F]);
         sb.append("\\u");
         sb.append(HEX_DIGITS[(k >>> 12) & 0x0F]);
-        sb.append(HEX_DIGITS[(k >>> 8) & 0x0F]);
-        sb.append(HEX_DIGITS[(k >>> 4) & 0x0F]);
-        sb.append(HEX_DIGITS[k & 0x0F]);
-
+        sb.append(HEX_DIGITS[(k >>>  8) & 0x0F]);
+        sb.append(HEX_DIGITS[(k >>>  4) & 0x0F]);
+        sb.append(HEX_DIGITS[ k         & 0x0F]);
         if ((++j % 4) == 0)
-          {
-            sb.append("\"+").append('\n').append("\"");
-          }
+          sb.append("\"+").append('\n').append("\"");
       }
     sb.append("\"").append('\n');
     return sb.toString();
@@ -388,20 +361,20 @@ public class Util
     for (int i = 0; i < limit; i++)
       {
         c = s.charAt(i >>> 1);
-        result[i] = (byte) (((i & 1) == 0) ? c >>> 8 : c);
+        result[i] = (byte)(((i & 1) == 0) ? c >>> 8 : c);
       }
     return result;
   }
 
   /**
-   * <p>Dumps a byte array as a string, in a format that is easy to read for
+   * Dumps a byte array as a string, in a format that is easy to read for
    * debugging. The string <code>m</code> is prepended to the start of each
-   * line.</p>
-   *
-   * <p>If <code>offset</code> and <code>length</code> are omitted, the whole
+   * line.
+   * <p>
+   * If <code>offset</code> and <code>length</code> are omitted, the whole
    * array is used. If <code>m</code> is omitted, nothing is prepended to each
-   * line.</p>
-   *
+   * line.
+   * 
    * @param data the byte array to be dumped.
    * @param offset the offset within <i>data</i> to start from.
    * @param length the number of bytes to dump.
@@ -411,23 +384,17 @@ public class Util
   public static String dumpString(byte[] data, int offset, int length, String m)
   {
     if (data == null)
-      {
-        return m + "null\n";
-      }
+      return m + "null\n";
     StringBuffer sb = new StringBuffer(length * 3);
     if (length > 32)
-      {
-        sb.append(m).append("Hexadecimal dump of ").append(length).append(
-                                                                          " bytes...\n");
-      }
+      sb.append(m).append("Hexadecimal dump of ")
+          .append(length).append(" bytes...\n");
     // each line will list 32 bytes in 4 groups of 8 each
     int end = offset + length;
     String s;
     int l = Integer.toString(length).length();
     if (l < 4)
-      {
-        l = 4;
-      }
+      l = 4;
     for (; offset < end; offset += 32)
       {
         if (length > 32)
@@ -437,16 +404,10 @@ public class Util
           }
         int i = 0;
         for (; i < 32 && offset + i + 7 < end; i += 8)
-          {
-            sb.append(toString(data, offset + i, 8)).append(' ');
-          }
+          sb.append(toString(data, offset + i, 8)).append(' ');
         if (i < 32)
-          {
-            for (; i < 32 && offset + i < end; i++)
-              {
-                sb.append(byteToString(data[offset + i]));
-              }
-          }
+          for (; i < 32 && offset + i < end; i++)
+            sb.append(byteToString(data[offset + i]));
         sb.append('\n');
       }
     return sb.toString();
@@ -468,9 +429,9 @@ public class Util
   }
 
   /**
-   * <p>Returns a string of 2 hexadecimal digits (most significant digit first)
-   * corresponding to the lowest 8 bits of <code>n</code>.</p>
-   *
+   * Returns a string of 2 hexadecimal digits (most significant digit first)
+   * corresponding to the lowest 8 bits of <code>n</code>.
+   * 
    * @param n the byte value to convert.
    * @return a string of 2 hex characters representing the input.
    */
@@ -481,15 +442,15 @@ public class Util
   }
 
   /**
-   * <p>Converts a designated byte array to a Base-64 representation, with the
+   * Converts a designated byte array to a Base-64 representation, with the
    * exceptions that (a) leading 0-byte(s) are ignored, and (b) the character
-   * '.' (dot) shall be used instead of "+' (plus).</p>
-   *
-   * <p>Used by SASL password file manipulation primitives.</p>
-   *
+   * '.' (dot) shall be used instead of "+' (plus).
+   * <p>
+   * Used by SASL password file manipulation primitives.
+   * 
    * @param buffer an arbitrary sequence of bytes to represent in Base-64.
    * @return unpadded (without the '=' character(s)) Base-64 representation of
-   * the input.
+   *         the input.
    */
   public static final String toBase64(byte[] buffer)
   {
@@ -535,9 +496,7 @@ public class Util
             notleading = true;
           }
         if (pos >= len)
-          {
-            break;
-          }
+          break;
         else
           {
             try
@@ -555,44 +514,38 @@ public class Util
     while (true);
 
     if (notleading)
-      {
-        return sb.toString();
-      }
+      return sb.toString();
     return "0";
   }
 
   /**
-   * <p>The inverse function of the above.</p>
-   *
-   * <p>Converts a string representing the encoding of some bytes in Base-64
-   * to their original form.</p>
-   *
+   * The inverse function of the above.
+   * <p>
+   * Converts a string representing the encoding of some bytes in Base-64 to
+   * their original form.
+   * 
    * @param str the Base-64 encoded representation of some byte(s).
    * @return the bytes represented by the <code>str</code>.
-   * @throws NumberFormatException if <code>str</code> is <code>null</code>, or
-   * <code>str</code> contains an illegal Base-64 character.
+   * @throws NumberFormatException if <code>str</code> is <code>null</code>,
+   *           or <code>str</code> contains an illegal Base-64 character.
    * @see #toBase64(byte[])
    */
   public static final byte[] fromBase64(String str)
   {
     int len = str.length();
     if (len == 0)
-      {
-        throw new NumberFormatException("Empty string");
-      }
+      throw new NumberFormatException("Empty string");
     byte[] a = new byte[len + 1];
     int i, j;
     for (i = 0; i < len; i++)
-      {
-        try
-          {
-            a[i] = (byte) BASE64_CHARS.indexOf(str.charAt(i));
-          }
-        catch (ArrayIndexOutOfBoundsException x)
-          {
-            throw new NumberFormatException("Illegal character at #" + i);
-          }
-      }
+      try
+        {
+          a[i] = (byte) BASE64_CHARS.indexOf(str.charAt(i));
+        }
+      catch (ArrayIndexOutOfBoundsException x)
+        {
+          throw new NumberFormatException("Illegal character at #" + i);
+        }
     i = len - 1;
     j = len;
     try
@@ -601,42 +554,31 @@ public class Util
           {
             a[j] = a[i];
             if (--i < 0)
-              {
-                break;
-              }
+              break;
             a[j] |= (a[i] & 0x03) << 6;
             j--;
-            a[j] = (byte) ((a[i] & 0x3C) >>> 2);
+            a[j] = (byte)((a[i] & 0x3C) >>> 2);
             if (--i < 0)
-              {
-                break;
-              }
+              break;
             a[j] |= (a[i] & 0x0F) << 4;
             j--;
-            a[j] = (byte) ((a[i] & 0x30) >>> 4);
+            a[j] = (byte)((a[i] & 0x30) >>> 4);
             if (--i < 0)
-              {
-                break;
-              }
+              break;
             a[j] |= (a[i] << 2);
             j--;
             a[j] = 0;
             if (--i < 0)
-              {
-                break;
-              }
+              break;
           }
       }
     catch (Exception ignored)
       {
       }
-
     try
       { // ignore leading 0-bytes
         while (a[j] == 0)
-          {
-            j++;
-          }
+          j++;
       }
     catch (Exception x)
       {
@@ -650,36 +592,31 @@ public class Util
   // BigInteger utilities ----------------------------------------------------
 
   /**
-   * <p>Treats the input as the MSB representation of a number, and discards
+   * Treats the input as the MSB representation of a number, and discards
    * leading zero elements. For efficiency, the input is simply returned if no
-   * leading zeroes are found.</p>
-   *
+   * leading zeroes are found.
+   * 
    * @param n the {@link BigInteger} to trim.
    * @return the byte array representation of the designated {@link BigInteger}
-   * with no leading 0-bytes.
+   *         with no leading 0-bytes.
    */
   public static final byte[] trim(BigInteger n)
   {
     byte[] in = n.toByteArray();
     if (in.length == 0 || in[0] != 0)
-      {
-        return in;
-      }
+      return in;
     int len = in.length;
     int i = 1;
     while (in[i] == 0 && i < len)
-      {
-        ++i;
-      }
+      ++i;
     byte[] result = new byte[len - i];
     System.arraycopy(in, i, result, 0, len - i);
     return result;
   }
 
   /**
-   * <p>Returns a hexadecimal dump of the trimmed bytes of a {@link BigInteger}.
-   * </p>
-   *
+   * Returns a hexadecimal dump of the trimmed bytes of a {@link BigInteger}.
+   * 
    * @param x the {@link BigInteger} to display.
    * @return the string representation of the designated {@link BigInteger}.
    */
diff --git a/libjava/classpath/gnu/java/security/x509/Util.java b/libjava/classpath/gnu/java/security/x509/Util.java
index d27392026f8..1bd268a51e2 100644
--- a/libjava/classpath/gnu/java/security/x509/Util.java
+++ b/libjava/classpath/gnu/java/security/x509/Util.java
@@ -1,5 +1,5 @@
 /* Util.java -- Miscellaneous utility methods.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -155,7 +155,7 @@ public final class Util
   }
 
   /**
-   * See {@link #hexDump(byte[],int,int)}.
+   * See {@link #hexDump(byte[],int,int,String)}.
    */
   public static String hexDump(byte[] buf, String prefix)
   {
diff --git a/libjava/classpath/gnu/java/security/x509/X509CRL.java b/libjava/classpath/gnu/java/security/x509/X509CRL.java
index 5b2d3b14130..7c471c97284 100644
--- a/libjava/classpath/gnu/java/security/x509/X509CRL.java
+++ b/libjava/classpath/gnu/java/security/x509/X509CRL.java
@@ -38,6 +38,7 @@ exception statement from your version. */
 
 package gnu.java.security.x509;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.OID;
 import gnu.java.security.der.BitString;
 import gnu.java.security.der.DER;
@@ -64,6 +65,7 @@ import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Iterator;
 import java.util.Set;
+import java.util.logging.Logger;
 
 import javax.security.auth.x500.X500Principal;
 
@@ -75,20 +77,7 @@ import javax.security.auth.x500.X500Principal;
 public class X509CRL extends java.security.cert.X509CRL
   implements GnuPKIExtension
 {
-
-  // Constants and fields.
-  // ------------------------------------------------------------------------
-
-  private static final boolean DEBUG = false;
-  private static void debug(String msg)
-  {
-    if (DEBUG)
-      {
-        System.err.print(">> X509CRL: ");
-        System.err.println(msg);
-      }
-  }
-
+  private static final Logger log = Logger.getLogger(X509CRL.class.getName());
   private static final OID ID_DSA = new OID("1.2.840.10040.4.1");
   private static final OID ID_DSA_WITH_SHA1 = new OID("1.2.840.10040.4.3");
   private static final OID ID_RSA = new OID("1.2.840.113549.1.1.1");
@@ -350,7 +339,8 @@ public class X509CRL extends java.security.cert.X509CRL
     // CertificateList ::= SEQUENCE {
     DERReader der = new DERReader(in);
     DERValue val = der.read();
-    debug("start CertificateList len == " + val.getLength());
+    if (Configuration.DEBUG)
+      log.fine("start CertificateList len == " + val.getLength());
     if (!val.isConstructed())
       throw new IOException("malformed CertificateList");
     encoded = val.getEncoded();
@@ -359,7 +349,8 @@ public class X509CRL extends java.security.cert.X509CRL
     val = der.read();
     if (!val.isConstructed())
       throw new IOException("malformed TBSCertList");
-    debug("start tbsCertList  len == " + val.getLength());
+    if (Configuration.DEBUG)
+      log.fine("start tbsCertList  len == " + val.getLength());
     tbsCRLBytes = val.getEncoded();
 
     //     version    Version OPTIONAL,
@@ -372,19 +363,23 @@ public class X509CRL extends java.security.cert.X509CRL
       }
     else
       version = 1;
-    debug("read version == " + version);
+    if (Configuration.DEBUG)
+      log.fine("read version == " + version);
 
     //     signature   AlgorithmIdentifier,
-    debug("start AlgorithmIdentifier len == " + val.getLength());
+    if (Configuration.DEBUG)
+      log.fine("start AlgorithmIdentifier len == " + val.getLength());
     if (!val.isConstructed())
       throw new IOException("malformed AlgorithmIdentifier");
     DERValue algIdVal = der.read();
     algId = (OID) algIdVal.getValue();
-    debug("read object identifier == " + algId);
+    if (Configuration.DEBUG)
+      log.fine("read object identifier == " + algId);
     if (val.getLength() > algIdVal.getEncodedLength())
       {
         val = der.read();
-        debug("read parameters  len == " + val.getEncodedLength());
+        if (Configuration.DEBUG)
+          log.fine("read parameters  len == " + val.getEncodedLength());
         algParams = val.getEncoded();
         if (val.isConstructed())
           in.skip(val.getLength());
@@ -394,18 +389,21 @@ public class X509CRL extends java.security.cert.X509CRL
     val = der.read();
     issuerDN = new X500DistinguishedName(val.getEncoded());
     der.skip(val.getLength());
-    debug("read issuer == " + issuerDN);
+    if (Configuration.DEBUG)
+      log.fine("read issuer == " + issuerDN);
 
     //     thisUpdate   Time,
     thisUpdate = (Date) der.read().getValue();
-    debug("read thisUpdate == " + thisUpdate);
+    if (Configuration.DEBUG)
+      log.fine("read thisUpdate == " + thisUpdate);
 
     //     nextUpdate   Time OPTIONAL,
     val = der.read();
     if (val.getValue() instanceof Date)
       {
         nextUpdate = (Date) val.getValue();
-        debug("read nextUpdate == " + nextUpdate);
+        if (Configuration.DEBUG)
+          log.fine("read nextUpdate == " + nextUpdate);
         val = der.read();
       }
 
@@ -433,7 +431,8 @@ public class X509CRL extends java.security.cert.X509CRL
         DERValue exts = der.read();
         if (!exts.isConstructed())
           throw new IOException("malformed Extensions");
-        debug("start Extensions  len == " + exts.getLength());
+        if (Configuration.DEBUG)
+          log.fine("start Extensions  len == " + exts.getLength());
         int len = 0;
         while (len < exts.getLength())
           {
@@ -444,32 +443,42 @@ public class X509CRL extends java.security.cert.X509CRL
             extensions.put(e.getOid(), e);
             der.skip(ext.getLength());
             len += ext.getEncodedLength();
-            debug("current count == " + len);
+            if (Configuration.DEBUG)
+              log.fine("current count == " + len);
           }
         val = der.read();
       }
 
-    debug("read tag == " + val.getTag());
+    if (Configuration.DEBUG)
+      log.fine("read tag == " + val.getTag());
     if (!val.isConstructed())
       throw new IOException("malformed AlgorithmIdentifier");
-    debug("start AlgorithmIdentifier  len == " + val.getLength());
+    if (Configuration.DEBUG)
+      log.fine("start AlgorithmIdentifier  len == " + val.getLength());
     DERValue sigAlgVal = der.read();
-    debug("read tag == " + sigAlgVal.getTag());
+    if (Configuration.DEBUG)
+      log.fine("read tag == " + sigAlgVal.getTag());
     if (sigAlgVal.getTag() != DER.OBJECT_IDENTIFIER)
       throw new IOException("malformed AlgorithmIdentifier");
     sigAlg = (OID) sigAlgVal.getValue();
-    debug("signature id == " + sigAlg);
-    debug("sigAlgVal length == " + sigAlgVal.getEncodedLength());
+    if (Configuration.DEBUG)
+      {
+        log.fine("signature id == " + sigAlg);
+        log.fine("sigAlgVal length == " + sigAlgVal.getEncodedLength());
+      }
     if (val.getLength() > sigAlgVal.getEncodedLength())
       {
         val = der.read();
-        debug("sig params tag = " + val.getTag() + " len == " + val.getEncodedLength());
+        if (Configuration.DEBUG)
+          log.fine("sig params tag = " + val.getTag() + " len == "
+                   + val.getEncodedLength());
         sigAlgParams = (byte[]) val.getEncoded();
         if (val.isConstructed())
           in.skip(val.getLength());
       }
     val = der.read();
-    debug("read tag = " + val.getTag());
+    if (Configuration.DEBUG)
+      log.fine("read tag = " + val.getTag());
     rawSig = val.getEncoded();
     signature = ((BitString) val.getValue()).toByteArray();
   }
diff --git a/libjava/classpath/gnu/java/security/x509/X509CRLEntry.java b/libjava/classpath/gnu/java/security/x509/X509CRLEntry.java
index a3bcfdea823..26b40363c35 100644
--- a/libjava/classpath/gnu/java/security/x509/X509CRLEntry.java
+++ b/libjava/classpath/gnu/java/security/x509/X509CRLEntry.java
@@ -38,6 +38,7 @@ exception statement from your version. */
 
 package gnu.java.security.x509;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.OID;
 import gnu.java.security.der.DERReader;
 import gnu.java.security.der.DERValue;
@@ -53,6 +54,7 @@ import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Iterator;
 import java.util.Set;
+import java.util.logging.Logger;
 
 /**
  * A single entry in a X.509 certificate revocation list.
@@ -63,20 +65,7 @@ import java.util.Set;
 class X509CRLEntry extends java.security.cert.X509CRLEntry
   implements GnuPKIExtension
 {
-
-  // Constants and fields.
-  // ------------------------------------------------------------------------
-
-  private static final boolean DEBUG = false;
-  private static void debug(String msg)
-  {
-    if (DEBUG)
-      {
-        System.err.print(">> X509CRLEntry: ");
-        System.err.println(msg);
-      }
-  }
-
+  private static final Logger log = Logger.getLogger(X509CRLEntry.class.getName());
   /** The DER encoded form of this CRL entry. */
   private byte[] encoded;
 
@@ -230,26 +219,29 @@ class X509CRLEntry extends java.security.cert.X509CRLEntry
   {
     // RevokedCertificate ::= SEQUENCE {
     DERValue entry = der.read();
-    debug("start CRL entry   len == " + entry.getLength());
+    if (Configuration.DEBUG)
+      log.fine("start CRL entry   len == " + entry.getLength());
     if (!entry.isConstructed())
       throw new IOException("malformed revokedCertificate");
     encoded = entry.getEncoded();
     int len = 0;
-
-    debug("encoded entry:\n" + Util.hexDump(encoded, ">>>> "));
+    if (Configuration.DEBUG)
+      log.fine("encoded entry:\n" + Util.hexDump(encoded, ">>>> "));
 
     //   userCertificate   CertificateSerialNumber,
     DERValue val = der.read();
     serialNo = (BigInteger) val.getValue();
     len += val.getEncodedLength();
-    debug("userCertificate == " + serialNo + "  current count == " + len);
+    if (Configuration.DEBUG)
+      log.fine("userCertificate == " + serialNo + "  current count == " + len);
 
     //   revocationDate   Time,
     val = der.read();
     revocationDate = (Date) val.getValue();
     len += val.getEncodedLength();
-    debug("revocationDate == " + revocationDate + "  current count == " + len);
-
+    if (Configuration.DEBUG)
+      log.fine("revocationDate == " + revocationDate + "  current count == "
+               + len);
     //   crlEntryExtensions   Extensions OPTIONAL
     //                          -- if present MUST be v2
     if (len < entry.getLength())
@@ -259,19 +251,22 @@ class X509CRLEntry extends java.security.cert.X509CRLEntry
         DERValue exts = der.read();
         if (!exts.isConstructed())
           throw new IOException("malformed Extensions");
-        debug("start Extensions  len == " + exts.getLength());
+        if (Configuration.DEBUG)
+          log.fine("start Extensions  len == " + exts.getLength());
         len = 0;
         while (len < exts.getLength())
           {
             val = der.read();
             if (!val.isConstructed())
               throw new IOException("malformed Extension");
-            debug("start Extension  len == " + val.getLength());
+            if (Configuration.DEBUG)
+              log.fine("start Extension  len == " + val.getLength());
             Extension e = new Extension(val.getEncoded());
             extensions.put(e.getOid(), e);
             der.skip(val.getLength());
             len += val.getEncodedLength();
-            debug("current count == " + len);
+            if (Configuration.DEBUG)
+              log.fine("current count == " + len);
           }
       }
   }
diff --git a/libjava/classpath/gnu/java/security/x509/X509Certificate.java b/libjava/classpath/gnu/java/security/x509/X509Certificate.java
index cf0161701cc..b3f8a696a85 100644
--- a/libjava/classpath/gnu/java/security/x509/X509Certificate.java
+++ b/libjava/classpath/gnu/java/security/x509/X509Certificate.java
@@ -552,7 +552,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     // Certificate ::= SEQUENCE {
     DERValue cert = der.read();
     logger.log (Component.X509, "start Certificate  len == {0}",
-                new Integer (cert.getLength()));
+                Integer.valueOf(cert.getLength()));
 
     this.encoded = cert.getEncoded();
     if (!cert.isConstructed())
@@ -568,7 +568,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
       }
     tbsCertBytes = tbsCert.getEncoded();
     logger.log (Component.X509, "start TBSCertificate  len == {0}",
-                new Integer (tbsCert.getLength()));
+                Integer.valueOf(tbsCert.getLength()));
 
     // Version ::= INTEGER [0] { v1(0), v2(1), v3(2) }
     DERValue val = der.read();
@@ -582,7 +582,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
         version = 1;
       }
     logger.log (Component.X509, "read version == {0}",
-                new Integer (version));
+                Integer.valueOf(version));
 
     // SerialNumber ::= INTEGER
     serialNo = (BigInteger) val.getValue();
@@ -596,7 +596,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
       }
     int certAlgLen = val.getLength();
     logger.log (Component.X509, "start AlgorithmIdentifier  len == {0}",
-                new Integer (certAlgLen));
+                Integer.valueOf(certAlgLen));
     val = der.read();
 
     //   algorithm    OBJECT IDENTIFIER,
@@ -677,20 +677,20 @@ public class X509Certificate extends java.security.cert.X509Certificate
       {
         val = der.read();
         logger.log (Component.X509, "start Extensions  len == {0}",
-                    new Integer (val.getLength()));
+                    Integer.valueOf(val.getLength()));
         int len = 0;
         while (len < val.getLength())
           {
             DERValue ext = der.read();
             logger.log (Component.X509, "start extension  len == {0}",
-                        new Integer (ext.getLength()));
+                        Integer.valueOf(ext.getLength()));
             Extension e = new Extension(ext.getEncoded());
             extensions.put(e.getOid(), e);
             der.skip(ext.getLength());
             len += ext.getEncodedLength();
             logger.log (Component.X509, "read extension {0} == {1}",
                         new Object[] { e.getOid (), e });
-            logger.log (Component.X509, "count == {0}", new Integer (len));
+            logger.log (Component.X509, "count == {0}", Integer.valueOf(len));
           }
 
         val = der.read ();
@@ -703,7 +703,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
       }
     int sigAlgLen = val.getLength();
     logger.log (Component.X509, "start AlgorithmIdentifier  len == {0}",
-                new Integer (sigAlgLen));
+                Integer.valueOf(sigAlgLen));
     val = der.read();
     sigAlgId = (OID) val.getValue();
     logger.log (Component.X509, "read algorithm id == {0}", sigAlgId);
diff --git a/libjava/classpath/gnu/java/security/x509/ext/Extension.java b/libjava/classpath/gnu/java/security/x509/ext/Extension.java
index 97097a2f380..69251987ec9 100644
--- a/libjava/classpath/gnu/java/security/x509/ext/Extension.java
+++ b/libjava/classpath/gnu/java/security/x509/ext/Extension.java
@@ -38,6 +38,7 @@ exception statement from your version. */
 
 package gnu.java.security.x509.ext;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.OID;
 import gnu.java.security.der.DER;
 import gnu.java.security.der.DERReader;
@@ -48,20 +49,11 @@ import java.io.IOException;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
+import java.util.logging.Logger;
 
 public class Extension
 {
-
-  // Fields.
-  // -------------------------------------------------------------------------
-
-  private static final boolean DEBUG = false;
-  private static void debug(String msg)
-  {
-    System.err.print(">> Extension: ");
-    System.err.println(msg);
-  }
-
+  private static final Logger log = Logger.getLogger(Extension.class.getName());
   /**
    * This extension's object identifier.
    */
@@ -97,7 +89,8 @@ public class Extension
 
     // Extension ::= SEQUENCE {
     DERValue val = der.read();
-    if (DEBUG) debug("read val  tag == " + val.getTag() + " len == " + val.getLength());
+    if (Configuration.DEBUG)
+      log.fine("read val  tag == " + val.getTag() + " len == " + val.getLength());
     if (!val.isConstructed())
       throw new IOException("malformed Extension");
 
@@ -106,7 +99,8 @@ public class Extension
     if (val.getTag() != DER.OBJECT_IDENTIFIER)
       throw new IOException("expecting OBJECT IDENTIFIER");
     oid = (OID) val.getValue();
-    if (DEBUG) debug("read oid == " + oid);
+    if (Configuration.DEBUG)
+      log.fine("read oid == " + oid);
 
     //   critical  BOOLEAN DEFAULT FALSE,
     val = der.read();
@@ -117,7 +111,8 @@ public class Extension
       }
     else
       critical = false;
-    if (DEBUG) debug("is critical == " + critical);
+    if (Configuration.DEBUG)
+      log.fine("is critical == " + critical);
 
     //   extnValue OCTET STRING }
     if (val.getTag() != DER.OCTET_STRING)
@@ -181,7 +176,8 @@ public class Extension
         value = new Value(encval);
         isSupported = false;
       }
-    if (DEBUG) debug("read value == " + value);
+    if (Configuration.DEBUG)
+      log.fine("read value == " + value);
   }
 
   public Extension (final OID oid, final Value value, final boolean critical)
diff --git a/libjava/classpath/gnu/java/security/x509/ext/GeneralNames.java b/libjava/classpath/gnu/java/security/x509/ext/GeneralNames.java
index dae94cd9f35..b342cbd5f2e 100644
--- a/libjava/classpath/gnu/java/security/x509/ext/GeneralNames.java
+++ b/libjava/classpath/gnu/java/security/x509/ext/GeneralNames.java
@@ -1,5 +1,5 @@
 /* GeneralNames.java -- the GeneralNames object
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -42,7 +42,6 @@ import gnu.java.security.OID;
 import gnu.java.security.der.DER;
 import gnu.java.security.der.DERReader;
 import gnu.java.security.der.DERValue;
-import gnu.java.security.x509.X500DistinguishedName;
 
 import java.io.IOException;
 import java.net.InetAddress;
@@ -91,7 +90,7 @@ public class GeneralNames
         int tagClass = name.getTagClass();
         if (tagClass != DER.CONTEXT)
           throw new IOException("malformed GeneralName: Tag class is " + tagClass);
-        namePair.add(new Integer(name.getTag()));
+        namePair.add(Integer.valueOf(name.getTag()));
         DERValue val = null;
         switch (name.getTag())
           {
diff --git a/libjava/classpath/gnu/java/util/prefs/EventDispatcher.java b/libjava/classpath/gnu/java/util/prefs/EventDispatcher.java
index feabe4dce51..ecddd3a55f2 100644
--- a/libjava/classpath/gnu/java/util/prefs/EventDispatcher.java
+++ b/libjava/classpath/gnu/java/util/prefs/EventDispatcher.java
@@ -74,7 +74,7 @@ public class EventDispatcher extends Thread
               {
                 try
                   {
-                    wait();
+                    queue.wait();
                   }
                 catch (InterruptedException _)
                   {
@@ -107,6 +107,7 @@ public class EventDispatcher extends Thread
     synchronized (queue)
       {
         queue.add(runner);
+	queue.notify();
       }
   }
 }
diff --git a/libjava/classpath/gnu/java/util/prefs/GConfBasedFactory.java b/libjava/classpath/gnu/java/util/prefs/GConfBasedFactory.java
new file mode 100644
index 00000000000..ae734b60985
--- /dev/null
+++ b/libjava/classpath/gnu/java/util/prefs/GConfBasedFactory.java
@@ -0,0 +1,78 @@
+/* GConfBasedFactory.java -- GConf based PreferencesFactory implementation
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+ This file is part of GNU Classpath.
+
+ GNU Classpath is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2, or (at your option)
+ any later version.
+
+ GNU Classpath is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNU Classpath; see the file COPYING.  If not, write to the
+ Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ 02110-1301 USA.
+
+ Linking this library statically or dynamically with other modules is
+ making a combined work based on this library.  Thus, the terms and
+ conditions of the GNU General Public License cover the whole
+ combination.
+
+ As a special exception, the copyright holders of this library give you
+ permission to link this library with independent modules to produce an
+ executable, regardless of the license terms of these independent
+ modules, and to copy and distribute the resulting executable under
+ terms of your choice, provided that you also meet, for each linked
+ independent module, the terms and conditions of the license of that
+ module.  An independent module is a module which is not derived from
+ or based on this library.  If you modify this library, you may extend
+ this exception to your version of the library, but you are not
+ obligated to do so.  If you do not wish to do so, delete this
+ exception statement from your version. */
+
+package gnu.java.util.prefs;
+
+import java.util.prefs.Preferences;
+import java.util.prefs.PreferencesFactory;
+
+/**
+ * Factory object that generates a Preferences nodes that are read from a GConf
+ * daemon.
+ * 
+ * @author Mario Torre <neugens@limasoftware.net>
+ */
+public class GConfBasedFactory implements PreferencesFactory
+{
+  /** System preference root. */
+  private static final Preferences systemPreferences
+    = new GConfBasedPreferences(null, "", false);
+
+  /** User preference root. */
+  private static final Preferences userPreferences
+    = new GConfBasedPreferences(null, "", true);
+
+  /**
+   * Returns the system root preference node.
+   * 
+   * @see java.util.prefs.PreferencesFactory#systemRoot()
+   */
+  public Preferences systemRoot()
+  {
+    return systemPreferences;
+  }
+
+  /**
+   * Returns the user root preference node corresponding to the calling user.
+   * 
+   * @see java.util.prefs.PreferencesFactory#userRoot()
+   */
+  public Preferences userRoot()
+  {
+    return userPreferences;
+  }
+}
diff --git a/libjava/classpath/gnu/java/util/prefs/GConfBasedPreferences.java b/libjava/classpath/gnu/java/util/prefs/GConfBasedPreferences.java
new file mode 100644
index 00000000000..5702751cf5c
--- /dev/null
+++ b/libjava/classpath/gnu/java/util/prefs/GConfBasedPreferences.java
@@ -0,0 +1,412 @@
+/* GConfBasedPreferences.java -- GConf based Preferences implementation
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+ This file is part of GNU Classpath.
+
+ GNU Classpath is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2, or (at your option)
+ any later version.
+
+ GNU Classpath is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNU Classpath; see the file COPYING.  If not, write to the
+ Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ 02110-1301 USA.
+
+ Linking this library statically or dynamically with other modules is
+ making a combined work based on this library.  Thus, the terms and
+ conditions of the GNU General Public License cover the whole
+ combination.
+
+ As a special exception, the copyright holders of this library give you
+ permission to link this library with independent modules to produce an
+ executable, regardless of the license terms of these independent
+ modules, and to copy and distribute the resulting executable under
+ terms of your choice, provided that you also meet, for each linked
+ independent module, the terms and conditions of the license of that
+ module.  An independent module is a module which is not derived from
+ or based on this library.  If you modify this library, you may extend
+ this exception to your version of the library, but you are not
+ obligated to do so.  If you do not wish to do so, delete this
+ exception statement from your version. */
+
+package gnu.java.util.prefs;
+
+import gnu.java.util.prefs.gconf.GConfNativePeer;
+
+import java.security.Permission;
+
+import java.util.Iterator;
+import java.util.List;
+import java.util.prefs.AbstractPreferences;
+import java.util.prefs.BackingStoreException;
+
+/**
+ * This is a GConf based preference implementation which writes the preferences
+ * as GConf key-value pairs. System Root is defined to be the
+ * <code>"/system"</code> directory of GConf for the current user, while User
+ * Root is <code>"/apps/java"</code>. These defaults can be modified by
+ * defining two system properties:<br />
+ * <br />
+ * User Root:<br />
+ * <br />
+ * 
+ * <pre>
+ * gnu.java.util.prefs.gconf.user_root
+ * </pre>
+ * 
+ * <br />
+ * <br />
+ * and System Root:<br />
+ * <br />
+ * 
+ * <pre>
+ * gnu.java.util.prefs.gconf.system_root
+ * </pre>
+ * 
+ * <br />
+ * 
+ * @author Mario Torre <neugens@limasoftware.net>
+ * @version 1.0.1
+ */
+public class GConfBasedPreferences
+    extends AbstractPreferences
+{
+  /** Get access to Runtime permission */
+  private static final Permission PERMISSION
+    = new RuntimePermission("preferences");
+
+  /** CGonf client backend */
+  private static GConfNativePeer backend = new GConfNativePeer();
+
+  /** Default user root path */
+  private static final String DEFAULT_USER_ROOT = "/apps/classpath";
+
+  /** Default system root path */
+  private static final String DEFAULT_SYSTEM_ROOT = "/system";
+
+  /** current node full path */
+  private String node = "";
+
+  /** True if this is a preference node in the user tree, false otherwise. */
+  private final boolean isUser;
+
+  /**
+   * Creates a preference root user node.
+   */
+  public GConfBasedPreferences()
+  {
+    this(true);
+  }
+
+  /**
+   * Creates a preference root node. When <code>isUser</code> is true it will
+   * be user node otherwise it will be a system node.
+   */
+  public GConfBasedPreferences(boolean isUser)
+  {
+    this(null, "", isUser);
+  }
+
+  /**
+   * Creates a new preference node given a parent node and a name, which has to
+   * be relative to its parent. When <code>isUser</code> is true it will be user
+   * node otherwise it will be a system node.
+   * 
+   * @param parent The parent node of this newly created node.
+   * @param name A name relative to the parent node.
+   * @param isUser Set to <code>true</code> initializes this node to be
+   * a user node, <code>false</code> initialize it to be a system node.
+   */
+  public GConfBasedPreferences(AbstractPreferences parent, String name,
+                               boolean isUser)
+  {
+    super(parent, name);
+    this.isUser = isUser;
+
+    // stores the fully qualified name of this node
+    String absolutePath = this.absolutePath();
+    if (absolutePath != null && absolutePath.endsWith("/"))
+      {
+        absolutePath = absolutePath.substring(0, absolutePath.length() - 1);
+      }
+
+    this.node = this.getRealRoot(isUser) + absolutePath;
+
+    boolean nodeExist = backend.nodeExist(this.node);
+
+    this.newNode = !nodeExist;
+    backend.startWatchingNode(this.node);
+  }
+
+  /**
+   * Returns a child node with the given name.
+   * If the child node does not exists, it will be created.
+   * 
+   * @param name The name of the requested node.
+   * @return A new reference to the node, creating the node if it is necessary.
+   */
+  protected AbstractPreferences childSpi(String name)
+  {
+    // we don't check anything here, if the node is a new node this will be
+    // detected in the constructor, so we simply return a new reference to
+    // the requested node.
+    return new GConfBasedPreferences(this, name, this.isUser);
+  }
+
+  /**
+   * Returns an array of names of the children of this preference node.
+   * If the current node does not have children, the returned array will be
+   * of <code>size</code> 0 (that is, not <code>null</code>).
+   * 
+   * @return A <code>String</code> array of names of children of the current
+   * node.
+   * @throws BackingStoreException if this operation cannot be completed.
+   */
+  protected String[] childrenNamesSpi() throws BackingStoreException
+  {
+    List nodeList = backend.getChildrenNodes(this.node);
+    String[] nodes = new String[nodeList.size()];
+    nodeList.toArray(nodes);
+
+    return nodes;
+  }
+
+  /**
+   * Suggest a flush to the backend. Actually, this is only a suggestion as
+   * GConf handles this for us asynchronously. More over, both sync and flush
+   * have the same meaning in this class, so calling sync has exactly the same
+   * effect.
+   * 
+   * @see #sync
+   * @throws BackingStoreException if this operation cannot be completed.
+   */
+  public void flush() throws BackingStoreException
+  {
+    backend.suggestSync();
+  }
+
+  /**
+   * Request a flush.
+   * 
+   * @see #flush
+   * @throws BackingStoreException if this operation cannot be completed.
+   */
+  protected void flushSpi() throws BackingStoreException
+  {
+    this.flush();
+  }
+
+  /**
+   * Returns all of the key in this preference node.
+   * If the current node does not have preferences, the returned array will be
+   * of size zero.
+   * 
+   * @return A <code>String</code> array of keys stored under the current
+   * node.
+   * @throws BackingStoreException if this operation cannot be completed.
+   */
+  protected String[] keysSpi() throws BackingStoreException
+  {
+    List keyList = backend.getKeys(this.node);
+    String[] keys = new String[keyList.size()];
+    keyList.toArray(keys);
+
+    return keys;
+  }
+
+  /**
+   * Does a recursive postorder traversal of the preference tree, starting from
+   * the given directory invalidating every preference found in the node.
+   * 
+   * @param directory The name of the starting directory (node)
+   */
+  private void postorderRemove(String directory)
+  {
+    try
+      {
+        // gets the listing of directories in this node
+        List dirs = backend.getChildrenNodes(directory);
+
+        if (dirs.size() != 0)
+          {
+            String currentDir = null;
+
+            for (Iterator itr = dirs.iterator(); itr.hasNext();)
+              {
+                currentDir = (String) itr.next();
+
+                // recursive search inside this directory
+                postorderRemove(currentDir);
+              }
+          }
+
+        // remove all the keys associated to this directory
+        List entries = backend.getKeys(directory);
+
+        if (entries.size() != 0)
+          {
+            String key = null;
+
+            for (Iterator keys = entries.iterator(); keys.hasNext();)
+              {
+                key = (String) keys.next();
+                this.removeSpi(key);
+              }
+          }
+      }
+    catch (BackingStoreException ex)
+      {
+        /* ignore */
+      }
+  }
+
+  /**
+   * Stores the given key-value pair into this preference node.
+   * 
+   * @param key The key of this preference.
+   * @param value The value of this preference.
+   */
+  protected void putSpi(String key, String value)
+  {
+    backend.setString(this.getGConfKey(key), value);
+  }
+
+  /**
+   * Removes this preference node, including all its children.
+   * Also removes the preferences associated.
+   */
+  protected void removeNodeSpi() throws BackingStoreException
+  {
+    this.postorderRemove(this.node);
+    this.flush();
+  }
+
+  /**
+   * Removes the given key from this preference node.
+   * If the key does not exist, no operation is performed.
+   * 
+   * @param key The key to remove.
+   */
+  protected void removeSpi(String key)
+  {
+    backend.unset(this.getGConfKey(key));
+  }
+
+  /**
+   * Suggest a sync to the backend. Actually, this is only a suggestion as GConf
+   * handles this for us asynchronously. More over, both sync and flush have the
+   * same meaning in this class, so calling flush has exactly the same effect.
+   * 
+   * @see #flush
+   * @throws BackingStoreException if this operation cannot be completed due to
+   *           a failure in the backing store, or inability to communicate with
+   *           it.
+   */
+  public void sync() throws BackingStoreException
+  {
+    this.flush();
+  }
+
+  /**
+   * Request a sync.
+   * 
+   * @see #sync
+   * @throws BackingStoreException if this operation cannot be completed due to
+   *           a failure in the backing store, or inability to communicate with
+   *           it.
+   */
+  protected void syncSpi() throws BackingStoreException
+  {
+    this.sync();
+  }
+
+  /**
+   * Returns the value of the given key.
+   * If the keys does not have a value, or there is an error in the backing
+   * store, <code>null</code> is returned instead.
+   * 
+   * @param key The key to retrieve.
+   * @return The value associated with the given key.
+   */
+  protected String getSpi(String key)
+  {
+    return backend.getKey(this.getGConfKey(key));
+  }
+
+  /**
+   * Returns <code>true</code> if this preference node is a user node,
+   * <code>false</code> if is a system preference node.
+   * 
+   * @return <code>true</code> if this preference node is a user node,
+   * <code>false</code> if is a system preference node.
+   */
+  public boolean isUserNode()
+  {
+    return this.isUser;
+  }
+
+  /*
+   * PRIVATE METHODS
+   */
+
+  /**
+   * Builds a GConf key string suitable for operations on the backend.
+   * 
+   * @param key The key to convert into a valid GConf key.
+   * @return A valid Gconf key.
+   */
+  private String getGConfKey(String key)
+  {
+    String nodeName = "";
+    
+    if (this.node.endsWith("/"))
+      {
+        nodeName = this.node + key;
+      }
+    else
+      {
+        nodeName = this.node + "/" + key;
+      }
+
+    return nodeName;
+  }
+
+  /**
+   * Builds the root node to use for this preference.
+   * 
+   * @param isUser Defines if this node is a user (<code>true</code>) or system
+   * (<code>false</code>) node.
+   * @return The real root of this preference tree.
+   */
+  private String getRealRoot(boolean isUser)
+  {
+    // not sure about this, we should have already these permissions...
+    SecurityManager security = System.getSecurityManager();
+
+    if (security != null)
+      {
+        security.checkPermission(PERMISSION);
+      }
+
+    String root = null;
+
+    if (isUser)
+      {
+        root = System.getProperty("gnu.java.util.prefs.gconf.user_root",
+                                  DEFAULT_USER_ROOT);
+      }
+    else
+      {
+        root = System.getProperty("gnu.java.util.prefs.gconf.system_root",
+                                  DEFAULT_SYSTEM_ROOT);
+      }
+
+    return root;
+  }
+}
diff --git a/libjava/classpath/gnu/java/util/prefs/gconf/GConfNativePeer.java b/libjava/classpath/gnu/java/util/prefs/gconf/GConfNativePeer.java
new file mode 100644
index 00000000000..f1cb6278767
--- /dev/null
+++ b/libjava/classpath/gnu/java/util/prefs/gconf/GConfNativePeer.java
@@ -0,0 +1,298 @@
+/* GConfNativePeer.java -- GConf based preference peer for native methods
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+ This file is part of GNU Classpath.
+
+ GNU Classpath is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2, or (at your option)
+ any later version.
+
+ GNU Classpath is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNU Classpath; see the file COPYING.  If not, write to the
+ Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ 02110-1301 USA.
+
+ Linking this library statically or dynamically with other modules is
+ making a combined work based on this library.  Thus, the terms and
+ conditions of the GNU General Public License cover the whole
+ combination.
+
+ As a special exception, the copyright holders of this library give you
+ permission to link this library with independent modules to produce an
+ executable, regardless of the license terms of these independent
+ modules, and to copy and distribute the resulting executable under
+ terms of your choice, provided that you also meet, for each linked
+ independent module, the terms and conditions of the license of that
+ module.  An independent module is a module which is not derived from
+ or based on this library.  If you modify this library, you may extend
+ this exception to your version of the library, but you are not
+ obligated to do so.  If you do not wish to do so, delete this
+ exception statement from your version. */
+
+
+package gnu.java.util.prefs.gconf;
+
+import java.util.List;
+import java.util.prefs.BackingStoreException;
+
+/**
+ * Native peer for GConf based preference backend.
+ * 
+ * @author Mario Torre <neugens@limasoftware.net>
+ * @version 1.0.1
+ */
+public final class GConfNativePeer
+{
+  /**
+   * Object to achieve locks for methods that need to be synchronized.
+   */
+  private static final Object[] semaphore = new Object[0];
+
+  /**
+   * Creates a new instance of GConfNativePeer
+   */
+  public GConfNativePeer()
+  {
+    synchronized (semaphore)
+      {
+        init_class();
+      }
+  }
+
+  /**
+   * Queries whether the node <code>node</code> exists in theGConf database.
+   * Returns <code>true</code> or <code>false</code>.
+   * 
+   * @param node the node to check.
+   */
+  public boolean nodeExist(String node)
+  {
+    return gconf_client_dir_exists(node);
+  }
+
+  /**
+   * Add the node <code>node</code> to the list of nodes the GConf will watch.
+   * An event is raised everytime this node is changed. You can add a node
+   * multiple times.
+   * 
+   * @param node the node to track.
+   */
+  public void startWatchingNode(String node)
+  {
+    gconf_client_add_dir(node);
+  }
+
+  /**
+   * Remove the node <code>node</code> to the list of nodes the GConf is
+   * watching. Note that if a node has been added multiple times, you must
+   * remove it the same number of times before the remove takes effect.
+   * 
+   * @param node the node you don't want to track anymore.
+   */
+  public void stopWatchingNode(String node)
+  {
+    gconf_client_remove_dir(node);
+  }
+
+  /**
+   * Change the value of key to val. Automatically creates the key if it didn't
+   * exist before (ie it was unset or it only had a default value).
+   * Key names must be valid GConf key names, that is, there can be more
+   * restrictions than for normal Preference Backend.
+   * 
+   * @param key the key to alter (or add).
+   * @param value the new value for this key.
+   * @return true if the key was updated, false otherwise.
+   */
+  public boolean setString(String key, String value)
+  {
+    return gconf_client_set_string(key, value);
+  }
+
+  /**
+   * Unsets the value of key; if key is already unset, has no effect. Depending
+   * on the GConf daemon, unsetting a key may have the side effect to remove it
+   * completely form the database.
+   * 
+   * @param key the key to unset.
+   * @return true on success, false if the key was not updated.
+   */
+  public boolean unset(String key)
+  {
+    return gconf_client_unset(key);
+  }
+
+  /**
+   * Gets the value of a configuration key.
+   * 
+   * @param key the configuration key.
+   * @return the values of this key, null if the key is not valid.
+   */
+  public String getKey(String key)
+  {
+    return gconf_client_get_string(key);
+  }
+
+  /**
+   * Lists the key in the given node. Does not list subnodes. Keys names are the
+   * stripped names (name relative to the current node) of the keys stored in
+   * this node.
+   * 
+   * @param node the node where keys are stored.
+   * @return a java.util.List of keys. If there are no keys in the given node, a
+   *         list of size 0 is returned.
+   */
+  public List getKeys(String node) throws BackingStoreException
+  {
+    return gconf_client_gconf_client_all_keys(node);
+  }
+
+  /**
+   * Lists the subnodes in <code>node</code>. The returned list contains
+   * allocated strings. Each string is the name relative tho the given node.
+   * 
+   * @param node the node to get subnodes from. If there are no subnodes in the
+   *          given node, a list of size 0 is returned.
+   */
+  public List getChildrenNodes(String node) throws BackingStoreException
+  {
+    return gconf_client_gconf_client_all_nodes(node);
+  }
+
+  /**
+   * Suggest to the backend GConf daemon to synch with the database.
+   */
+  public void suggestSync() throws BackingStoreException
+  {
+    gconf_client_suggest_sync();
+  }
+  
+  protected void finalize() throws Throwable
+  {
+    try
+      {
+        synchronized (semaphore)
+          {
+            finalize_class();
+          }
+      }
+    finally
+      {
+        super.finalize();
+      }
+  }
+
+  /* ***** native methods ***** */
+
+  /*
+   * Basicly, these are one to one mappings to GConfClient functions.
+   * GConfClient instances are handled by the native layer, and are hidden from
+   * the main java class.
+   */
+
+  /**
+   * Initialize the GConf native peer and enable the object cache.
+   * It is meant to be used by the static initializer.
+   */
+  native static final private void init_id_cache();
+  
+  /**
+   * Initialize the GConf native peer. This is meant to be used by the
+   * class constructor.
+   */
+  native static final private void init_class();
+
+  /**
+   * Class finalizer.
+   */
+  native static final private void finalize_class();
+
+  /**
+   * Queries the GConf database to see if the given node exists, returning
+   * true if the node exist, false otherwise.
+   * 
+   * @param node the node to query for existence.
+   * @return true if the node exist, false otherwise.
+   */
+  native static final protected boolean gconf_client_dir_exists(String node);
+
+  /**
+   * Adds the given node to the list of nodes that GConf watches for
+   * changes.
+   * 
+   * @param node the node to watch for changes.
+   */
+  native static final protected void gconf_client_add_dir(String node);
+
+  /**
+   * Removes the given node from the list of nodes that GConf watches for
+   * changes.
+   * 
+   * @param node the node to remove from from the list of watched nodes.
+   */
+  native static final protected void gconf_client_remove_dir(String node);
+
+  /**
+   * Sets the given key/value pair into the GConf database.
+   * The key must be a valid GConf key.
+   * 
+   * @param key the key to store in the GConf database
+   * @param value the value to associate to the given key.
+   * @return true if the change has effect, false otherwise.
+   */
+  native static final protected boolean gconf_client_set_string(String key,
+                                                                String value);
+
+  /**
+   * Returns the key associated to the given key. Null is returned if the
+   * key is not valid.
+   * 
+   * @param key the key to return the value of.
+   * @return The value associated to the given key, or null.
+   */
+  native static final protected String gconf_client_get_string(String key);
+
+  /**
+   * Usets the given key, removing the key from the database.
+   * 
+   * @param key the key to remove.
+   * @return true if the operation success, false otherwise.
+   */
+  native static final protected boolean gconf_client_unset(String key);
+
+  /**
+   * Suggest to the GConf native peer a sync with the database.
+   *
+   */
+  native static final protected void gconf_client_suggest_sync();
+
+  /**
+   * Returns a list of all nodes under the given node.
+   * 
+   * @param node the source node.
+   * @return A list of nodes under the given source node.
+   */
+  native
+  static final protected List gconf_client_gconf_client_all_nodes(String node);
+
+  /**
+   * Returns a list of all keys stored in the given node.
+   * 
+   * @param node the source node.
+   * @return A list of all keys stored in the given node.
+   */
+  native
+  static final protected List gconf_client_gconf_client_all_keys(String node);
+
+  static
+    {
+      System.loadLibrary("gconfpeer");
+      init_id_cache();
+    }
+}
diff --git a/libjava/classpath/gnu/regexp/BacktrackStack.java b/libjava/classpath/gnu/java/util/regex/BacktrackStack.java
index 0fc73f044ff..d711945e43b 100644
--- a/libjava/classpath/gnu/regexp/BacktrackStack.java
+++ b/libjava/classpath/gnu/java/util/regex/BacktrackStack.java
@@ -36,7 +36,7 @@ obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 /**
  * An instance of this class represents a stack
diff --git a/libjava/classpath/gnu/regexp/CharIndexed.java b/libjava/classpath/gnu/java/util/regex/CharIndexed.java
index 8aedc49f69c..6cd857e3bc0 100644
--- a/libjava/classpath/gnu/regexp/CharIndexed.java
+++ b/libjava/classpath/gnu/java/util/regex/CharIndexed.java
@@ -35,7 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 /**
  * Defines the interface used internally so that different types of source
diff --git a/libjava/classpath/gnu/regexp/CharIndexedCharArray.java b/libjava/classpath/gnu/java/util/regex/CharIndexedCharArray.java
index 96a609beb62..6f74c992f8f 100644
--- a/libjava/classpath/gnu/regexp/CharIndexedCharArray.java
+++ b/libjava/classpath/gnu/java/util/regex/CharIndexedCharArray.java
@@ -35,7 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
-package gnu.regexp;
+package gnu.java.util.regex;
 import java.nio.CharBuffer;
 
 class CharIndexedCharArray extends CharIndexedCharSequence {
diff --git a/libjava/classpath/gnu/regexp/CharIndexedCharSequence.java b/libjava/classpath/gnu/java/util/regex/CharIndexedCharSequence.java
index 5bbe4abfe9f..2eb753b0f5c 100644
--- a/libjava/classpath/gnu/regexp/CharIndexedCharSequence.java
+++ b/libjava/classpath/gnu/java/util/regex/CharIndexedCharSequence.java
@@ -35,7 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
-package gnu.regexp;
+package gnu.java.util.regex;
 import java.io.Serializable;
 
 class CharIndexedCharSequence implements CharIndexed, Serializable {
diff --git a/libjava/classpath/gnu/regexp/CharIndexedInputStream.java b/libjava/classpath/gnu/java/util/regex/CharIndexedInputStream.java
index 290a94e7f66..77cd1abd5cc 100644
--- a/libjava/classpath/gnu/regexp/CharIndexedInputStream.java
+++ b/libjava/classpath/gnu/java/util/regex/CharIndexedInputStream.java
@@ -35,7 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
-package gnu.regexp;
+package gnu.java.util.regex;
 import java.io.BufferedInputStream;
 import java.io.IOException;
 import java.io.InputStream;
diff --git a/libjava/classpath/gnu/regexp/CharIndexedString.java b/libjava/classpath/gnu/java/util/regex/CharIndexedString.java
index 24982659baf..fab6d78360b 100644
--- a/libjava/classpath/gnu/regexp/CharIndexedString.java
+++ b/libjava/classpath/gnu/java/util/regex/CharIndexedString.java
@@ -35,7 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 class CharIndexedString extends CharIndexedCharSequence {
     CharIndexedString(String str, int index) {
diff --git a/libjava/classpath/gnu/regexp/CharIndexedStringBuffer.java b/libjava/classpath/gnu/java/util/regex/CharIndexedStringBuffer.java
index d6b03bba566..10005b66831 100644
--- a/libjava/classpath/gnu/regexp/CharIndexedStringBuffer.java
+++ b/libjava/classpath/gnu/java/util/regex/CharIndexedStringBuffer.java
@@ -35,7 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 class CharIndexedStringBuffer extends CharIndexedCharSequence {
 
diff --git a/libjava/classpath/gnu/regexp/RE.java b/libjava/classpath/gnu/java/util/regex/RE.java
index e0665f097c2..1aab3b781a2 100644
--- a/libjava/classpath/gnu/regexp/RE.java
+++ b/libjava/classpath/gnu/java/util/regex/RE.java
@@ -35,7 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
-package gnu.regexp;
+package gnu.java.util.regex;
 import java.io.InputStream;
 import java.io.Serializable;
 import java.util.Locale;
@@ -130,7 +130,7 @@ public class RE extends REToken {
   private static final String VERSION = "1.1.5-dev";
 
   // The localized strings are kept in a separate file
-  private static ResourceBundle messages = PropertyResourceBundle.getBundle("gnu/regexp/MessagesBundle", Locale.getDefault());
+  private static ResourceBundle messages = PropertyResourceBundle.getBundle("gnu/java/util/regex/MessagesBundle", Locale.getDefault());
 
   // These are, respectively, the first and last tokens in our linked list
   // If there is only one token, firstToken == lastToken
@@ -750,7 +750,20 @@ public class RE extends REToken {
       else if ((unit.ch == '^') && !(unit.bk || quot)) {
 	addToken(currentToken);
 	currentToken = null;
-	addToken(new RETokenStart(subIndex,((cflags & REG_MULTILINE) > 0) ? syntax.getLineSeparator() : null));
+	RETokenStart token = null;
+	if ((cflags & REG_MULTILINE) > 0) {
+	    String sep = syntax.getLineSeparator();
+	    if (sep == null) {
+	        token = new RETokenStart(subIndex, null, true);
+	    }
+	    else {
+		token = new RETokenStart(subIndex, sep);
+	    }
+	}
+	else {
+	    token = new RETokenStart(subIndex, null);
+	}
+	addToken(token);
       }
 
       // END OF LINE OPERATOR
@@ -759,7 +772,20 @@ public class RE extends REToken {
       else if ((unit.ch == '$') && !(unit.bk || quot)) {
 	addToken(currentToken);
 	currentToken = null;
-	addToken(new RETokenEnd(subIndex,((cflags & REG_MULTILINE) > 0) ? syntax.getLineSeparator() : null));
+	RETokenEnd token = null;
+	if ((cflags & REG_MULTILINE) > 0) {
+	    String sep = syntax.getLineSeparator();
+	    if (sep == null) {
+	        token = new RETokenEnd(subIndex, null, true);
+	    }
+	    else {
+		token = new RETokenEnd(subIndex, sep);
+	    }
+	}
+	else {
+	    token = new RETokenEnd(subIndex, null);
+	}
+	addToken(token);
       }
 
       // MATCH-ANY-CHARACTER OPERATOR (except possibly newline and null)
diff --git a/libjava/classpath/gnu/regexp/REException.java b/libjava/classpath/gnu/java/util/regex/REException.java
index 73f86fa8add..4104fbcd8a7 100644
--- a/libjava/classpath/gnu/regexp/REException.java
+++ b/libjava/classpath/gnu/java/util/regex/REException.java
@@ -35,7 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 import java.text.MessageFormat;
 
diff --git a/libjava/classpath/gnu/regexp/REFilterInputStream.java b/libjava/classpath/gnu/java/util/regex/REFilterInputStream.java
index 485de56605d..abe86308bbc 100644
--- a/libjava/classpath/gnu/regexp/REFilterInputStream.java
+++ b/libjava/classpath/gnu/java/util/regex/REFilterInputStream.java
@@ -36,7 +36,7 @@ obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
 
-package gnu.regexp;
+package gnu.java.util.regex;
 import java.io.FilterInputStream;
 import java.io.InputStream;
 
diff --git a/libjava/classpath/gnu/regexp/REMatch.java b/libjava/classpath/gnu/java/util/regex/REMatch.java
index 140a9c43e1d..3ff5ad794b8 100644
--- a/libjava/classpath/gnu/regexp/REMatch.java
+++ b/libjava/classpath/gnu/java/util/regex/REMatch.java
@@ -36,7 +36,7 @@ obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
 
-package gnu.regexp;
+package gnu.java.util.regex;
 import java.io.Serializable;
 
 /**
diff --git a/libjava/classpath/gnu/regexp/REMatchEnumeration.java b/libjava/classpath/gnu/java/util/regex/REMatchEnumeration.java
index f164a69af4f..bc700beac5a 100644
--- a/libjava/classpath/gnu/regexp/REMatchEnumeration.java
+++ b/libjava/classpath/gnu/java/util/regex/REMatchEnumeration.java
@@ -35,7 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
-package gnu.regexp;
+package gnu.java.util.regex;
 import java.io.Serializable;
 import java.util.Enumeration;
 import java.util.NoSuchElementException;
diff --git a/libjava/classpath/gnu/regexp/RESyntax.java b/libjava/classpath/gnu/java/util/regex/RESyntax.java
index 81fd999bfcf..b66b32f5878 100644
--- a/libjava/classpath/gnu/regexp/RESyntax.java
+++ b/libjava/classpath/gnu/java/util/regex/RESyntax.java
@@ -36,7 +36,7 @@ obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
 
-package gnu.regexp;
+package gnu.java.util.regex;
 import java.io.Serializable;
 import java.util.BitSet;
 
diff --git a/libjava/classpath/gnu/regexp/REToken.java b/libjava/classpath/gnu/java/util/regex/REToken.java
index f2abc029ff4..155c01878e8 100644
--- a/libjava/classpath/gnu/regexp/REToken.java
+++ b/libjava/classpath/gnu/java/util/regex/REToken.java
@@ -35,7 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
-package gnu.regexp;
+package gnu.java.util.regex;
 import java.io.Serializable;
 
 abstract class REToken implements Serializable, Cloneable {
diff --git a/libjava/classpath/gnu/regexp/RETokenAny.java b/libjava/classpath/gnu/java/util/regex/RETokenAny.java
index a37d9561b3f..b99a54717c9 100644
--- a/libjava/classpath/gnu/regexp/RETokenAny.java
+++ b/libjava/classpath/gnu/java/util/regex/RETokenAny.java
@@ -36,7 +36,7 @@ obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 final class RETokenAny extends REToken {
   /** True if '.' can match a newline (RE_DOT_NEWLINE) */
diff --git a/libjava/classpath/gnu/regexp/RETokenBackRef.java b/libjava/classpath/gnu/java/util/regex/RETokenBackRef.java
index 25ef9522ec8..3a912f9bba7 100644
--- a/libjava/classpath/gnu/regexp/RETokenBackRef.java
+++ b/libjava/classpath/gnu/java/util/regex/RETokenBackRef.java
@@ -36,7 +36,7 @@ obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 final class RETokenBackRef extends REToken {
   private int num;
diff --git a/libjava/classpath/gnu/regexp/RETokenChar.java b/libjava/classpath/gnu/java/util/regex/RETokenChar.java
index 1b3a74855ec..92d3efcf85b 100644
--- a/libjava/classpath/gnu/regexp/RETokenChar.java
+++ b/libjava/classpath/gnu/java/util/regex/RETokenChar.java
@@ -36,7 +36,7 @@ obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 final class RETokenChar extends REToken {
   private char[] ch;
diff --git a/libjava/classpath/gnu/regexp/RETokenEnd.java b/libjava/classpath/gnu/java/util/regex/RETokenEnd.java
index deb2fc54dda..00efdb6a712 100644
--- a/libjava/classpath/gnu/regexp/RETokenEnd.java
+++ b/libjava/classpath/gnu/java/util/regex/RETokenEnd.java
@@ -36,17 +36,25 @@ obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 final class RETokenEnd extends REToken {
     /**
      * Indicates whether this token should match on a line break.
      */
   private String newline;
+  private boolean check_java_line_terminators;
 
   RETokenEnd(int subIndex,String newline) { 
     super(subIndex);
     this.newline = newline;
+    this.check_java_line_terminators = false;
+  }
+
+  RETokenEnd(int subIndex, String newline, boolean b) { 
+    super(subIndex);
+    this.newline = newline;
+    this.check_java_line_terminators = b;
   }
 
   int getMaximumLength() {
@@ -58,6 +66,18 @@ final class RETokenEnd extends REToken {
 	if (ch == CharIndexed.OUT_OF_BOUNDS)
 	    return ((mymatch.eflags & RE.REG_NOTEOL)>0) ? 
 		null : mymatch;
+        if (check_java_line_terminators) {
+	    if (ch == '\n') {
+                char ch1 = input.charAt(mymatch.index - 1);
+		if (ch1 == '\r') return null;
+		return mymatch;
+	    }
+	    if (ch == '\r') return mymatch;
+	    if (ch == '\u0085') return mymatch; // A next-line character
+	    if (ch == '\u2028') return mymatch; // A line-separator character
+	    if (ch == '\u2029') return mymatch; // A paragraph-separator character
+	    return null;
+	}
 	if (newline != null) {
 	    char z;
 	    int i = 0; // position in newline
diff --git a/libjava/classpath/gnu/regexp/RETokenEndOfPreviousMatch.java b/libjava/classpath/gnu/java/util/regex/RETokenEndOfPreviousMatch.java
index 167d10b5fdb..ea5580e1666 100644
--- a/libjava/classpath/gnu/regexp/RETokenEndOfPreviousMatch.java
+++ b/libjava/classpath/gnu/java/util/regex/RETokenEndOfPreviousMatch.java
@@ -35,7 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 class RETokenEndOfPreviousMatch extends RETokenStart {
 
diff --git a/libjava/classpath/gnu/regexp/RETokenEndSub.java b/libjava/classpath/gnu/java/util/regex/RETokenEndSub.java
index fca01c7f3a4..57a146d03b9 100644
--- a/libjava/classpath/gnu/regexp/RETokenEndSub.java
+++ b/libjava/classpath/gnu/java/util/regex/RETokenEndSub.java
@@ -35,7 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 final class RETokenEndSub extends REToken {
     RETokenEndSub(int subIndex) {
diff --git a/libjava/classpath/gnu/regexp/RETokenIndependent.java b/libjava/classpath/gnu/java/util/regex/RETokenIndependent.java
index 8bb95c654e3..48f8656123d 100644
--- a/libjava/classpath/gnu/regexp/RETokenIndependent.java
+++ b/libjava/classpath/gnu/java/util/regex/RETokenIndependent.java
@@ -35,7 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 /**
  * @author Ito Kazumitsu
diff --git a/libjava/classpath/gnu/regexp/RETokenLookAhead.java b/libjava/classpath/gnu/java/util/regex/RETokenLookAhead.java
index 009872c2f2d..134f17c609c 100644
--- a/libjava/classpath/gnu/regexp/RETokenLookAhead.java
+++ b/libjava/classpath/gnu/java/util/regex/RETokenLookAhead.java
@@ -35,7 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 /**
  * @since gnu.regexp 1.1.3
diff --git a/libjava/classpath/gnu/regexp/RETokenLookBehind.java b/libjava/classpath/gnu/java/util/regex/RETokenLookBehind.java
index 8311d1a7ae3..a01a15bc90f 100644
--- a/libjava/classpath/gnu/regexp/RETokenLookBehind.java
+++ b/libjava/classpath/gnu/java/util/regex/RETokenLookBehind.java
@@ -35,7 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 /**
  * @author Ito Kazumitsu
diff --git a/libjava/classpath/gnu/regexp/RETokenNamedProperty.java b/libjava/classpath/gnu/java/util/regex/RETokenNamedProperty.java
index 6147e87dc37..a286c5be8c6 100644
--- a/libjava/classpath/gnu/regexp/RETokenNamedProperty.java
+++ b/libjava/classpath/gnu/java/util/regex/RETokenNamedProperty.java
@@ -36,7 +36,7 @@ obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 final class RETokenNamedProperty extends REToken {
   String name;
diff --git a/libjava/classpath/gnu/regexp/RETokenOneOf.java b/libjava/classpath/gnu/java/util/regex/RETokenOneOf.java
index f747d5917a3..bccc783118a 100644
--- a/libjava/classpath/gnu/regexp/RETokenOneOf.java
+++ b/libjava/classpath/gnu/java/util/regex/RETokenOneOf.java
@@ -35,7 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
-package gnu.regexp;
+package gnu.java.util.regex;
 import java.util.Vector;
 import java.util.Stack;
 
diff --git a/libjava/classpath/gnu/regexp/RETokenPOSIX.java b/libjava/classpath/gnu/java/util/regex/RETokenPOSIX.java
index dbea98aee82..07298958365 100644
--- a/libjava/classpath/gnu/regexp/RETokenPOSIX.java
+++ b/libjava/classpath/gnu/java/util/regex/RETokenPOSIX.java
@@ -36,7 +36,7 @@ obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 final class RETokenPOSIX extends REToken {
   int type;
diff --git a/libjava/classpath/gnu/regexp/RETokenRange.java b/libjava/classpath/gnu/java/util/regex/RETokenRange.java
index 9d3da324e22..8a65f77f13f 100644
--- a/libjava/classpath/gnu/regexp/RETokenRange.java
+++ b/libjava/classpath/gnu/java/util/regex/RETokenRange.java
@@ -35,7 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 final class RETokenRange extends REToken {
   private char lo, hi;
diff --git a/libjava/classpath/gnu/regexp/RETokenRepeated.java b/libjava/classpath/gnu/java/util/regex/RETokenRepeated.java
index 1bad4c79292..531c4a31124 100644
--- a/libjava/classpath/gnu/regexp/RETokenRepeated.java
+++ b/libjava/classpath/gnu/java/util/regex/RETokenRepeated.java
@@ -36,7 +36,7 @@ obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 // import java.util.Vector;
 // import java.util.Stack;
diff --git a/libjava/classpath/gnu/regexp/RETokenStart.java b/libjava/classpath/gnu/java/util/regex/RETokenStart.java
index b992bd661db..aa5f0c91401 100644
--- a/libjava/classpath/gnu/regexp/RETokenStart.java
+++ b/libjava/classpath/gnu/java/util/regex/RETokenStart.java
@@ -35,14 +35,22 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 class RETokenStart extends REToken {
     private String newline; // matches after a newline
+    private boolean check_java_line_terminators;
     
     RETokenStart(int subIndex, String newline) {
 	super(subIndex);
 	this.newline = newline;
+	this.check_java_line_terminators = false;
+    }
+
+    RETokenStart(int subIndex, String newline, boolean b) {
+    	super(subIndex);
+        this.newline = newline;
+        this.check_java_line_terminators = b;
     }
 
     int getMaximumLength() {
@@ -53,6 +61,21 @@ class RETokenStart extends REToken {
 	// charAt(index-n) may be unknown on a Reader/InputStream. FIXME
 	// Match after a newline if in multiline mode
 	
+	if (check_java_line_terminators) {
+	    char ch = input.charAt(mymatch.index - 1);
+	    if (ch != CharIndexed.OUT_OF_BOUNDS) {
+		if (ch == '\n') return mymatch;
+		if (ch == '\r') {
+		    char ch1 = input.charAt(mymatch.index);
+		    if (ch1 != '\n') return mymatch;
+		    return null;
+		}
+		if (ch == '\u0085') return mymatch; // A next-line character
+		if (ch == '\u2028') return mymatch; // A line-separator character
+		if (ch == '\u2029') return mymatch; // A paragraph-separator character
+	    }
+	}
+
 	if (newline != null) {
 	    int len = newline.length();
 	    if (mymatch.offset >= len) {
diff --git a/libjava/classpath/gnu/regexp/RETokenWordBoundary.java b/libjava/classpath/gnu/java/util/regex/RETokenWordBoundary.java
index 1810339b8e8..538c6bef40c 100644
--- a/libjava/classpath/gnu/regexp/RETokenWordBoundary.java
+++ b/libjava/classpath/gnu/java/util/regex/RETokenWordBoundary.java
@@ -36,7 +36,7 @@ obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 /**
  * Represents a combination lookahead/lookbehind for POSIX [:alnum:].
diff --git a/libjava/classpath/gnu/regexp/UncheckedRE.java b/libjava/classpath/gnu/java/util/regex/UncheckedRE.java
index e6712113828..73a67c65736 100644
--- a/libjava/classpath/gnu/regexp/UncheckedRE.java
+++ b/libjava/classpath/gnu/java/util/regex/UncheckedRE.java
@@ -35,7 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
-package gnu.regexp;
+package gnu.java.util.regex;
 
 /**
  * UncheckedRE is a subclass of RE that allows programmers an easier means
@@ -51,7 +51,7 @@ package gnu.regexp;
  * regular expressions for the syntax specified.
  *
  * @author <A HREF="mailto:wes@cacas.org">Wes Biggs</A>
- * @see gnu.regexp.RE 
+ * @see gnu.java.util.regex.RE 
  * @since gnu.regexp 1.1.4
  */
 
diff --git a/libjava/classpath/gnu/javax/crypto/RSACipherImpl.java b/libjava/classpath/gnu/javax/crypto/RSACipherImpl.java
index 0a4c29db6f1..60504ecce85 100644
--- a/libjava/classpath/gnu/javax/crypto/RSACipherImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/RSACipherImpl.java
@@ -1,5 +1,5 @@
-/* DiffieHellmanImpl.java -- implementation of the Diffie-Hellman key agreement.
-   Copyright (C) 2005  Free Software Foundation, Inc.
+/* RSACipherImpl.java --
+   Copyright (C) 2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,26 +38,21 @@ exception statement from your version. */
 
 package gnu.javax.crypto;
 
-import gnu.classpath.ByteArray;
 import gnu.classpath.debug.Component;
 import gnu.classpath.debug.SystemLogger;
+import gnu.java.security.util.ByteArray;
 
 import java.math.BigInteger;
-
 import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
 import java.security.InvalidKeyException;
 import java.security.Key;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
-
 import java.security.interfaces.RSAKey;
-import java.security.interfaces.RSAPrivateKey;
 import java.security.interfaces.RSAPrivateCrtKey;
+import java.security.interfaces.RSAPrivateKey;
 import java.security.interfaces.RSAPublicKey;
-
 import java.security.spec.AlgorithmParameterSpec;
-
 import java.util.logging.Logger;
 
 import javax.crypto.BadPaddingException;
@@ -67,10 +62,10 @@ import javax.crypto.IllegalBlockSizeException;
 import javax.crypto.NoSuchPaddingException;
 import javax.crypto.ShortBufferException;
 
-public class RSACipherImpl extends CipherSpi
+public class RSACipherImpl
+    extends CipherSpi
 {
   private static final Logger logger = SystemLogger.SYSTEM;
-
   private static final byte[] EMPTY = new byte[0];
   private int opmode = -1;
   private RSAPrivateKey decipherKey = null;
@@ -80,48 +75,44 @@ public class RSACipherImpl extends CipherSpi
   private byte[] dataBuffer = null;
   private int pos = 0;
 
-  protected void engineSetMode (String mode) throws NoSuchAlgorithmException
+  protected void engineSetMode(String mode) throws NoSuchAlgorithmException
   {
-    throw new NoSuchAlgorithmException ("only one mode available");
+    throw new NoSuchAlgorithmException("only one mode available");
   }
 
-  protected void engineSetPadding (String pad) throws NoSuchPaddingException
+  protected void engineSetPadding(String pad) throws NoSuchPaddingException
   {
-    throw new NoSuchPaddingException ("only one padding available");
+    throw new NoSuchPaddingException("only one padding available");
   }
 
-  protected int engineGetBlockSize ()
+  protected int engineGetBlockSize()
   {
     return 1;
   }
 
-  protected int engineGetOutputSize (int inputLen)
+  protected int engineGetOutputSize(int inputLen)
   {
     int outputLen = 0;
     if (decipherKey != null)
-      {
-        outputLen = (decipherKey.getModulus ().bitLength () + 7) / 8;
-      }
+      outputLen = (decipherKey.getModulus().bitLength() + 7) / 8;
     else if (encipherKey != null)
-      {
-        outputLen = (encipherKey.getModulus ().bitLength () + 7) / 8;
-      }
+      outputLen = (encipherKey.getModulus().bitLength() + 7) / 8;
     else
-      throw new IllegalStateException ("not initialized");
+      throw new IllegalStateException("not initialized");
     if (inputLen > outputLen)
-      throw new IllegalArgumentException ("not configured to encode " + inputLen
-                                          + "bytes; at most " + outputLen);
+      throw new IllegalArgumentException("not configured to encode " + inputLen
+                                         + "bytes; at most " + outputLen);
     return outputLen;
   }
 
-  protected int engineGetKeySize (final Key key) throws InvalidKeyException
+  protected int engineGetKeySize(final Key key) throws InvalidKeyException
   {
-    if (!(key instanceof RSAKey))
-      throw new InvalidKeyException ("not an RSA key");
-    return ((RSAKey) key).getModulus ().bitLength ();
+    if (! (key instanceof RSAKey))
+      throw new InvalidKeyException("not an RSA key");
+    return ((RSAKey) key).getModulus().bitLength();
   }
 
-  protected byte[] engineGetIV ()
+  protected byte[] engineGetIV()
   {
     return null;
   }
@@ -131,18 +122,18 @@ public class RSACipherImpl extends CipherSpi
     return null;
   }
 
-  protected void engineInit (int opmode, Key key, SecureRandom random)
-    throws InvalidKeyException
+  protected void engineInit(int opmode, Key key, SecureRandom random)
+      throws InvalidKeyException
   {
     int outputLen = 0;
     if (opmode == Cipher.ENCRYPT_MODE)
       {
-        if (!(key instanceof RSAPublicKey))
-          throw new InvalidKeyException ("expecting a RSAPublicKey");
+        if (! (key instanceof RSAPublicKey))
+          throw new InvalidKeyException("expecting a RSAPublicKey");
         encipherKey = (RSAPublicKey) key;
         decipherKey = null;
         blindingKey = null;
-        outputLen = (encipherKey.getModulus ().bitLength () + 7) / 8;
+        outputLen = (encipherKey.getModulus().bitLength() + 7) / 8;
       }
     else if (opmode == Cipher.DECRYPT_MODE)
       {
@@ -151,74 +142,78 @@ public class RSACipherImpl extends CipherSpi
             decipherKey = (RSAPrivateKey) key;
             encipherKey = null;
             blindingKey = null;
-            outputLen = (decipherKey.getModulus ().bitLength () + 7) / 8;
+            outputLen = (decipherKey.getModulus().bitLength() + 7) / 8;
           }
         else if (key instanceof RSAPublicKey)
           {
             if (decipherKey == null)
-              throw new IllegalStateException ("must configure decryption key first");
-            if (!decipherKey.getModulus ().equals (((RSAPublicKey) key).getModulus ()))
-              throw new InvalidKeyException ("blinding key is not compatible");
+              throw new IllegalStateException("must configure decryption key first");
+            if (! decipherKey.getModulus().equals(((RSAPublicKey) key).getModulus()))
+              throw new InvalidKeyException("blinding key is not compatible");
             blindingKey = (RSAPublicKey) key;
             return;
           }
         else
-          throw new InvalidKeyException ("expecting either an RSAPrivateKey or an RSAPublicKey (for blinding)");
+          throw new InvalidKeyException(
+              "expecting either an RSAPrivateKey or an RSAPublicKey (for blinding)");
       }
     else
-      throw new IllegalArgumentException ("only encryption and decryption supported");
+      throw new IllegalArgumentException("only encryption and decryption supported");
     this.random = random;
     this.opmode = opmode;
     pos = 0;
     dataBuffer = new byte[outputLen];
   }
 
-  protected void engineInit (int opmode, Key key, AlgorithmParameterSpec spec, SecureRandom random)
-    throws InvalidKeyException
+  protected void engineInit(int opmode, Key key, AlgorithmParameterSpec spec,
+                            SecureRandom random) throws InvalidKeyException
   {
-    engineInit (opmode, key, random);
+    engineInit(opmode, key, random);
   }
 
-  protected void engineInit (int opmode, Key key, AlgorithmParameters params, SecureRandom random)
-    throws InvalidKeyException
+  protected void engineInit(int opmode, Key key, AlgorithmParameters params,
+                            SecureRandom random) throws InvalidKeyException
   {
-    engineInit (opmode, key, random);
+    engineInit(opmode, key, random);
   }
 
-  protected byte[] engineUpdate (byte[] in, int offset, int length)
+  protected byte[] engineUpdate(byte[] in, int offset, int length)
   {
     if (opmode != Cipher.ENCRYPT_MODE && opmode != Cipher.DECRYPT_MODE)
-      throw new IllegalStateException ("not initialized");
-    System.arraycopy (in, offset, dataBuffer, pos, length);
+      throw new IllegalStateException("not initialized");
+    System.arraycopy(in, offset, dataBuffer, pos, length);
     pos += length;
     return EMPTY;
   }
 
-  protected int engineUpdate (byte[] in, int offset, int length, byte[] out, int outOffset)
+  protected int engineUpdate(byte[] in, int offset, int length, byte[] out,
+                             int outOffset)
   {
-    engineUpdate (in, offset, length);
+    engineUpdate(in, offset, length);
     return 0;
   }
 
-  protected byte[] engineDoFinal (byte[] in, int offset, int length)
-    throws IllegalBlockSizeException, BadPaddingException
+  protected byte[] engineDoFinal(byte[] in, int offset, int length)
+      throws IllegalBlockSizeException, BadPaddingException
   {
-    engineUpdate (in, offset, length);
+    engineUpdate(in, offset, length);
     if (opmode == Cipher.DECRYPT_MODE)
       {
         if (pos < dataBuffer.length)
-          throw new IllegalBlockSizeException ("expecting exactly " + dataBuffer.length + " bytes");
-        BigInteger enc = new BigInteger (1, dataBuffer);
-        byte[] dec = rsaDecrypt (enc);
-	logger.log (Component.CRYPTO, "RSA: decryption produced\n{0}",
-		    new ByteArray (dec));
+          throw new IllegalBlockSizeException("expecting exactly "
+                                              + dataBuffer.length + " bytes");
+        BigInteger enc = new BigInteger(1, dataBuffer);
+        byte[] dec = rsaDecrypt(enc);
+        logger.log(Component.CRYPTO, "RSA: decryption produced\n{0}",
+                   new ByteArray(dec));
         if (dec[0] != 0x02)
-          throw new BadPaddingException ("expected padding type 2");
+          throw new BadPaddingException("expected padding type 2");
         int i;
-        for (i = 1; i < dec.length && dec[i] != 0x00; i++);
-        int len = dec.length - i;
+        for (i = 1; i < dec.length && dec[i] != 0x00; i++)
+          ; // keep incrementing i
+        int len = dec.length - i - 1; // skip the 0x00 byte
         byte[] result = new byte[len];
-        System.arraycopy (dec, i, result, 0, len);
+        System.arraycopy(dec, i + 1, result, 0, len);
         pos = 0;
         return result;
       }
@@ -226,29 +221,29 @@ public class RSACipherImpl extends CipherSpi
       {
         offset = dataBuffer.length - pos;
         if (offset < 3)
-          throw new IllegalBlockSizeException ("input is too large to encrypt");
+          throw new IllegalBlockSizeException("input is too large to encrypt");
         byte[] dec = new byte[dataBuffer.length];
         dec[0] = 0x02;
         if (random == null)
-          random = new SecureRandom ();
-	byte[] pad = new byte[offset - 2];
-	random.nextBytes (pad);
-	for (int i = 0; i < pad.length; i++)
-	  if (pad[i] == 0)
-	    pad[i] = 1;
-	System.arraycopy (pad, 0, dec, 1, pad.length);
+          random = new SecureRandom();
+        byte[] pad = new byte[offset - 2];
+        random.nextBytes(pad);
+        for (int i = 0; i < pad.length; i++)
+          if (pad[i] == 0)
+            pad[i] = 1;
+        System.arraycopy(pad, 0, dec, 1, pad.length);
         dec[dec.length - pos] = 0x00;
-        System.arraycopy (dataBuffer, 0, dec, offset, pos);
-	logger.log (Component.CRYPTO, "RSA: produced padded plaintext\n{0}",
-		    new ByteArray (dec));
-        BigInteger x = new BigInteger (1, dec);
-        BigInteger y = x.modPow (encipherKey.getPublicExponent (),
-                                 encipherKey.getModulus ());
-        byte[] enc = y.toByteArray ();
+        System.arraycopy(dataBuffer, 0, dec, offset, pos);
+        logger.log(Component.CRYPTO, "RSA: produced padded plaintext\n{0}",
+                   new ByteArray(dec));
+        BigInteger x = new BigInteger(1, dec);
+        BigInteger y = x.modPow(encipherKey.getPublicExponent(),
+                                encipherKey.getModulus());
+        byte[] enc = y.toByteArray();
         if (enc[0] == 0x00)
           {
             byte[] tmp = new byte[enc.length - 1];
-            System.arraycopy (enc, 1, tmp, 0, tmp.length);
+            System.arraycopy(enc, 1, tmp, 0, tmp.length);
             enc = tmp;
           }
         pos = 0;
@@ -256,56 +251,54 @@ public class RSACipherImpl extends CipherSpi
       }
   }
 
-  protected int engineDoFinal (byte[] out, int offset)
-    throws ShortBufferException, IllegalBlockSizeException, BadPaddingException
+  protected int engineDoFinal(byte[] out, int offset)
+      throws ShortBufferException, IllegalBlockSizeException,
+      BadPaddingException
   {
-    byte[] result = engineDoFinal (EMPTY, 0, 0);
+    byte[] result = engineDoFinal(EMPTY, 0, 0);
     if (out.length - offset < result.length)
-      throw new ShortBufferException ("need " + result.length + ", have "
-                                      + (out.length - offset));
-    System.arraycopy (result, 0, out, offset, result.length);
+      throw new ShortBufferException("need " + result.length + ", have "
+                                     + (out.length - offset));
+    System.arraycopy(result, 0, out, offset, result.length);
     return result.length;
   }
 
-  protected int engineDoFinal (final byte[] input, final int offset, final int length,
-			       final byte[] output, final int outputOffset)
-    throws ShortBufferException, IllegalBlockSizeException, BadPaddingException
+  protected int engineDoFinal(final byte[] input, final int offset,
+                              final int length, final byte[] output,
+                              final int outputOffset)
+      throws ShortBufferException, IllegalBlockSizeException,
+      BadPaddingException
   {
-    byte[] result = engineDoFinal (input, offset, length);
+    byte[] result = engineDoFinal(input, offset, length);
     if (output.length - outputOffset < result.length)
-      throw new ShortBufferException ("need " + result.length + ", have "
-				      + (output.length - outputOffset));
-    System.arraycopy (result, 0, output, outputOffset, result.length);
+      throw new ShortBufferException("need " + result.length + ", have "
+                                     + (output.length - outputOffset));
+    System.arraycopy(result, 0, output, outputOffset, result.length);
     return result.length;
   }
 
   /**
    * Decrypts the ciphertext, employing RSA blinding if possible.
    */
-  private byte[] rsaDecrypt (BigInteger enc)
+  private byte[] rsaDecrypt(BigInteger enc)
   {
     if (random == null)
-      random = new SecureRandom ();
-    BigInteger n = decipherKey.getModulus ();
+      random = new SecureRandom();
+    BigInteger n = decipherKey.getModulus();
     BigInteger r = null;
     BigInteger pubExp = null;
     if (blindingKey != null)
-      pubExp = blindingKey.getPublicExponent ();
+      pubExp = blindingKey.getPublicExponent();
     if (pubExp != null && (decipherKey instanceof RSAPrivateCrtKey))
-      pubExp = ((RSAPrivateCrtKey) decipherKey).getPublicExponent ();
+      pubExp = ((RSAPrivateCrtKey) decipherKey).getPublicExponent();
     if (pubExp != null)
       {
-        r = new BigInteger (n.bitLength () - 1, random);
-        enc = r.modPow (pubExp, n).multiply (enc).mod (n);
+        r = new BigInteger(n.bitLength() - 1, random);
+        enc = r.modPow(pubExp, n).multiply(enc).mod(n);
       }
-
-    BigInteger dec = enc.modPow (decipherKey.getPrivateExponent (), n);
-
+    BigInteger dec = enc.modPow(decipherKey.getPrivateExponent(), n);
     if (pubExp != null)
-      {
-        dec = dec.multiply (r.modInverse (n)).mod (n);
-      }
-
-    return dec.toByteArray ();
+      dec = dec.multiply(r.modInverse(n)).mod(n);
+    return dec.toByteArray();
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/assembly/Assembly.java b/libjava/classpath/gnu/javax/crypto/assembly/Assembly.java
index 2d5bba3646e..49770675bbd 100644
--- a/libjava/classpath/gnu/javax/crypto/assembly/Assembly.java
+++ b/libjava/classpath/gnu/javax/crypto/assembly/Assembly.java
@@ -41,23 +41,19 @@ package gnu.javax.crypto.assembly;
 import java.util.Map;
 
 /**
- * <p>An <code>Assembly</code> is a construction consisting of a chain of
+ * An <code>Assembly</code> is a construction consisting of a chain of
  * {@link Transformer} elements; each wired in pre- or post- transformation
  * mode. This chain is terminated by one <code>LoopbackTransformer</code>
- * element.</p>
- *
- * <p>Once constructed, and correctly initialised, the bulk of the methods
- * available on the <code>Assembly</code> are delegated to the <i>head</i>
- * of the {@link Transformer} chain of the <code>Assembly</code>.</p>
- *
+ * element.
+ * <p>
+ * Once constructed, and correctly initialised, the bulk of the methods
+ * available on the <code>Assembly</code> are delegated to the <i>head</i> of
+ * the {@link Transformer} chain of the <code>Assembly</code>.
+ * 
  * @see Transformer
  */
 public class Assembly
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   public static final String DIRECTION = "gnu.crypto.assembly.assembly.direction";
 
   /** Flag that tells if the instance is initialised or not; and if yes how. */
@@ -66,9 +62,6 @@ public class Assembly
   /** The first Transformer in the chain. */
   private Transformer head;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
    * Trivial constructor that sets the <i>chain</i> to a
    * <code>LoopbackTransformer</code>.
@@ -81,21 +74,15 @@ public class Assembly
     head = new LoopbackTransformer();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
    * Adds the designated {@link Transformer} and signals that it should operate
    * in pre-processing mode; i.e. it should apply its internal transformation
    * algorithm on the input data stream, <b>before</b> it passes that stream to
    * the next element in the <i>chain</i>.
-   *
+   * 
    * @param t the {@link Transformer} to add at the head of the current chain.
-   * @throws IllegalArgumentException if the designated {@link Transformer}
-   * has a non-null tail; i.e. it is already an element of a chain.
+   * @throws IllegalArgumentException if the designated {@link Transformer} has
+   *           a non-null tail; i.e. it is already an element of a chain.
    */
   public void addPreTransformer(Transformer t)
   {
@@ -107,10 +94,10 @@ public class Assembly
    * in post-processing mode; i.e. it should apply its internal transformation
    * algorithm on the input data stream, <b>after</b> it passes that stream to
    * the next element in the <i>chain</i>.
-   *
+   * 
    * @param t the {@link Transformer} to add at the head of the current chain.
-   * @throws IllegalArgumentException if the designated {@link Transformer}
-   * has a non-null tail; i.e. it is already an element of a chain.
+   * @throws IllegalArgumentException if the designated {@link Transformer} has
+   *           a non-null tail; i.e. it is already an element of a chain.
    */
   public void addPostTransformer(Transformer t)
   {
@@ -120,22 +107,18 @@ public class Assembly
   /**
    * Initialises the <code>Assembly</code> for operation with specific
    * characteristics.
-   *
+   * 
    * @param attributes a set of name-value pairs that describes the desired
-   * future behaviour of this instance.
+   *          future behaviour of this instance.
    * @throws IllegalStateException if the instance is already initialised.
    */
   public void init(Map attributes) throws TransformerException
   {
     if (wired != null)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
     Direction flow = (Direction) attributes.get(DIRECTION);
     if (flow == null)
-      {
-        flow = Direction.FORWARD;
-      }
+      flow = Direction.FORWARD;
     attributes.put(Transformer.DIRECTION, flow);
     head.init(attributes);
     wired = flow;
@@ -155,12 +138,12 @@ public class Assembly
    * Convenience method that calls the method with same name and three
    * arguments, using a byte array of length <code>1</code> whose contents are
    * the designated byte.
-   *
+   * 
    * @param b the byte to process.
    * @return the result of transformation.
    * @throws IllegalStateException if the instance is not initialised.
    * @throws TransformerException if a transformation-related exception occurs
-   * during the operation.
+   *           during the operation.
    * @see #update(byte[], int, int)
    */
   public byte[] update(byte b) throws TransformerException
@@ -172,12 +155,12 @@ public class Assembly
    * Convenience method that calls the method with same name and three
    * arguments. All bytes in <code>in</code>, starting from index position
    * <code>0</code> are considered.
-   *
+   * 
    * @param in the input data bytes.
    * @return the result of transformation.
    * @throws IllegalStateException if the instance is not initialised.
    * @throws TransformerException if a transformation-related exception occurs
-   * during the operation.
+   *           during the operation.
    * @see #update(byte[], int, int)
    */
   public byte[] update(byte[] in) throws TransformerException
@@ -187,34 +170,32 @@ public class Assembly
 
   /**
    * Processes a designated number of bytes from a given byte array.
-   *
+   * 
    * @param in the input data bytes.
    * @param offset index of <code>in</code> from which to start considering
-   * data.
+   *          data.
    * @param length the count of bytes to process.
    * @return the result of transformation.
    * @throws IllegalStateException if the instance is not initialised.
    * @throws TransformerException if a transformation-related exception occurs
-   * during the operation.
+   *           during the operation.
    */
   public byte[] update(byte[] in, int offset, int length)
       throws TransformerException
   {
     if (wired == null)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
     return head.update(in, offset, length);
   }
 
   /**
-   * Convenience method that calls the method with same name and three
-   * arguments using a 0-long byte array.
-   *
+   * Convenience method that calls the method with same name and three arguments
+   * using a 0-long byte array.
+   * 
    * @return the result of transformation.
    * @throws IllegalStateException if the instance is not initialised.
    * @throws TransformerException if a transformation-related exception occurs
-   * during the operation.
+   *           during the operation.
    * @see #lastUpdate(byte[], int, int)
    */
   public byte[] lastUpdate() throws TransformerException
@@ -226,12 +207,12 @@ public class Assembly
    * Convenience method that calls the method with same name and three
    * arguments, using a byte array of length <code>1</code> whose contents are
    * the designated byte.
-   *
+   * 
    * @param b the byte to process.
    * @return the result of transformation.
    * @throws IllegalStateException if the instance is not initialised.
    * @throws TransformerException if a transformation-related exception occurs
-   * during the operation.
+   *           during the operation.
    * @see #lastUpdate(byte[], int, int)
    */
   public byte[] lastUpdate(byte b) throws TransformerException
@@ -243,12 +224,12 @@ public class Assembly
    * Convenience method that calls the method with same name and three
    * arguments. All bytes in <code>in</code>, starting from index position
    * <code>0</code> are considered.
-   *
+   * 
    * @param in the input data bytes.
    * @return the result of transformation.
    * @throws IllegalStateException if the instance is not initialised.
    * @throws TransformerException if a transformation-related exception occurs
-   * during the operation.
+   *           during the operation.
    * @see #lastUpdate(byte[], int, int)
    */
   public byte[] lastUpdate(byte[] in) throws TransformerException
@@ -257,39 +238,33 @@ public class Assembly
   }
 
   /**
-   * Processes a designated number of bytes from a given byte array and
-   * signals, at the same time, that this is the last <i>push</i> operation for
-   * this <code>Assembly</code>.
-   *
+   * Processes a designated number of bytes from a given byte array and signals,
+   * at the same time, that this is the last <i>push</i> operation for this
+   * <code>Assembly</code>.
+   * 
    * @param in the input data bytes.
    * @param offset index of <code>in</code> from which to start considering
-   * data.
+   *          data.
    * @param length the count of bytes to process.
    * @return the result of transformation.
    * @throws IllegalStateException if the instance is not initialised.
-   * @throws TransformerException if a transformation-related exception
-   * occurs during the operation.
+   * @throws TransformerException if a transformation-related exception occurs
+   *           during the operation.
    */
   public byte[] lastUpdate(byte[] in, int offset, int length)
       throws TransformerException
   {
     if (wired == null)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
     byte[] result = head.lastUpdate(in, offset, length);
     reset();
     return result;
   }
 
-  // helper methods ----------------------------------------------------------
-
   private void wireTransformer(Transformer t, Operation mode)
   {
     if (t.tail != null)
-      {
-        throw new IllegalArgumentException();
-      }
+      throw new IllegalArgumentException();
     t.setMode(mode);
     t.tail = head;
     head = t;
diff --git a/libjava/classpath/gnu/javax/crypto/assembly/Cascade.java b/libjava/classpath/gnu/javax/crypto/assembly/Cascade.java
index 678a7e7308d..f790956a472 100644
--- a/libjava/classpath/gnu/javax/crypto/assembly/Cascade.java
+++ b/libjava/classpath/gnu/javax/crypto/assembly/Cascade.java
@@ -49,36 +49,31 @@ import java.util.Map;
 import java.util.Set;
 
 /**
- * <p>A <i>Cascade</i> Cipher is the concatenation of two or more block ciphers
+ * A <i>Cascade</i> Cipher is the concatenation of two or more block ciphers
  * each with independent keys. Plaintext is input to the first stage; the output
- * of stage <code>i</code> is input to stage <code>i + 1</code>; and the output
- * of the last stage is the <i>Cascade</i>'s ciphertext output.</p>
- *
- * <p>In the simplest case, all stages in a <code>Cascade</code> have <i>k</i>-bit
+ * of stage <code>i</code> is input to stage <code>i + 1</code>; and the
+ * output of the last stage is the <i>Cascade</i>'s ciphertext output.
+ * <p>
+ * In the simplest case, all stages in a <code>Cascade</code> have <i>k</i>-bit
  * keys, and the stage inputs and outputs are all n-bit quantities. The stage
  * ciphers may differ (general cascade of ciphers), or all be identical (cascade
- * of identical ciphers).</p>
- *
- * <p>The term "block ciphers" used above refers to implementations of
- * {@link gnu.crypto.mode.IMode}, including the {@link gnu.crypto.mode.ECB}
- * mode which basically exposes a symmetric-key block cipher algorithm as a
- * <i>Mode</i> of Operations.</p>
- *
- * <p>References:</p>
- *
+ * of identical ciphers).
+ * <p>
+ * The term "block ciphers" used above refers to implementations of
+ * {@link gnu.javax.crypto.mode.IMode}, including the
+ * {@link gnu.javax.crypto.mode.ECB} mode which basically exposes a
+ * symmetric-key block cipher algorithm as a <i>Mode</i> of Operations.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.cacr.math.uwaterloo.ca/hac">[HAC]</a>: Handbook of
- *    Applied Cryptography.<br>
- *    CRC Press, Inc. ISBN 0-8493-8523-7, 1997<br>
- *    Menezes, A., van Oorschot, P. and S. Vanstone.</li>
+ * <li><a href="http://www.cacr.math.uwaterloo.ca/hac">[HAC]</a>: Handbook of
+ * Applied Cryptography.<br>
+ * CRC Press, Inc. ISBN 0-8493-8523-7, 1997<br>
+ * Menezes, A., van Oorschot, P. and S. Vanstone.</li>
  * </ol>
  */
 public class Cascade
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   public static final String DIRECTION = "gnu.crypto.assembly.cascade.direction";
 
   /** The map of Stages chained in this cascade. */
@@ -93,9 +88,6 @@ public class Cascade
   /** The curently set block-size for this instance. */
   protected int blockSize;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public Cascade()
   {
     super();
@@ -106,12 +98,9 @@ public class Cascade
     blockSize = 0;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
    * Returns the Least Common Multiple of two integers.
-   *
+   * 
    * @param a the first integer.
    * @param b the second integer.
    * @return the LCM of <code>abs(a)</code> and <code>abs(b)</code>.
@@ -123,18 +112,15 @@ public class Cascade
     return A.multiply(B).divide(A.gcd(B)).abs().intValue();
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
    * Adds to the end of the current chain, a designated {@link Stage}.
-   *
+   * 
    * @param stage the {@link Stage} to append to the chain.
    * @return a unique identifier for this stage, within this cascade.
    * @throws IllegalStateException if the instance is already initialised.
-   * @throws IllegalArgumentException if the designated stage is already in
-   * the chain, or it has incompatible characteristics with the current
-   * elements already in the chain.
+   * @throws IllegalArgumentException if the designated stage is already in the
+   *           chain, or it has incompatible characteristics with the current
+   *           elements already in the chain.
    */
   public Object append(Stage stage) throws IllegalArgumentException
   {
@@ -143,13 +129,13 @@ public class Cascade
 
   /**
    * Adds to the begining of the current chain, a designated {@link Stage}.
-   *
+   * 
    * @param stage the {@link Stage} to prepend to the chain.
    * @return a unique identifier for this stage, within this cascade.
    * @throws IllegalStateException if the instance is already initialised.
-   * @throws IllegalArgumentException if the designated stage is already in
-   * the chain, or it has incompatible characteristics with the current
-   * elements already in the chain.
+   * @throws IllegalArgumentException if the designated stage is already in the
+   *           chain, or it has incompatible characteristics with the current
+   *           elements already in the chain.
    */
   public Object prepend(Stage stage) throws IllegalArgumentException
   {
@@ -159,62 +145,49 @@ public class Cascade
   /**
    * Inserts a {@link Stage} into the current chain, at the specified index
    * (zero-based) position.
-   *
+   * 
    * @param stage the {@link Stage} to insert into the chain.
    * @return a unique identifier for this stage, within this cascade.
-   * @throws IllegalArgumentException if the designated stage is already in
-   * the chain, or it has incompatible characteristics with the current
-   * elements already in the chain.
+   * @throws IllegalArgumentException if the designated stage is already in the
+   *           chain, or it has incompatible characteristics with the current
+   *           elements already in the chain.
    * @throws IllegalStateException if the instance is already initialised.
    * @throws IndexOutOfBoundsException if <code>index</code> is less than
-   * <code>0</code> or greater than the current size of this cascade.
+   *           <code>0</code> or greater than the current size of this
+   *           cascade.
    */
   public Object insert(int index, Stage stage) throws IllegalArgumentException,
       IndexOutOfBoundsException
   {
     if (stages.containsValue(stage))
-      {
-        throw new IllegalArgumentException();
-      }
+      throw new IllegalArgumentException();
     if (wired != null || stage == null)
-      {
-        throw new IllegalStateException();
-      }
-
+      throw new IllegalStateException();
     if (index < 0 || index > size())
-      {
-        throw new IndexOutOfBoundsException();
-      }
-
+      throw new IndexOutOfBoundsException();
     // check that there is a non-empty set of common block-sizes
     Set set = stage.blockSizes();
     if (stages.isEmpty())
       {
         if (set.isEmpty())
-          {
-            throw new IllegalArgumentException("1st stage with no block sizes");
-          }
+          throw new IllegalArgumentException("1st stage with no block sizes");
       }
     else
       {
         Set common = this.blockSizes();
         common.retainAll(set);
         if (common.isEmpty())
-          {
-            throw new IllegalArgumentException("no common block sizes found");
-          }
+          throw new IllegalArgumentException("no common block sizes found");
       }
-
     Object result = new Object();
     stageKeys.add(index, result);
     stages.put(result, stage);
-
     return result;
   }
 
   /**
    * Returns the current number of stages in this chain.
-   *
+   * 
    * @return the current count of stages in this chain.
    */
   public int size()
@@ -226,18 +199,16 @@ public class Cascade
    * Returns an {@link Iterator} over the stages contained in this instance.
    * Each element of this iterator is a concrete implementation of a {@link
    * Stage}.
-   *
+   * 
    * @return an {@link Iterator} over the stages contained in this instance.
-   * Each element of the returned iterator is a concrete instance of a {@link
-   * Stage}.
+   *         Each element of the returned iterator is a concrete instance of a
+   *         {@link Stage}.
    */
   public Iterator stages()
   {
     LinkedList result = new LinkedList();
     for (Iterator it = stageKeys.listIterator(); it.hasNext();)
-      {
-        result.addLast(stages.get(it.next()));
-      }
+      result.addLast(stages.get(it.next()));
     return result.listIterator();
   }
 
@@ -245,9 +216,9 @@ public class Cascade
    * Returns the {@link Set} of supported block sizes for this
    * <code>Cascade</code> that are common to all of its chained stages. Each
    * element in the returned {@link Set} is an instance of {@link Integer}.
-   *
-   * @return a {@link Set} of supported block sizes common to all the stages
-   * of the chain.
+   * 
+   * @return a {@link Set} of supported block sizes common to all the stages of
+   *         the chain.
    */
   public Set blockSizes()
   {
@@ -255,42 +226,33 @@ public class Cascade
     for (Iterator it = stages.values().iterator(); it.hasNext();)
       {
         Stage aStage = (Stage) it.next();
-        if (result == null)
-          { // first time
-            result = new HashSet(aStage.blockSizes());
-          }
+        if (result == null) // first time
+          result = new HashSet(aStage.blockSizes());
         else
-          {
-            result.retainAll(aStage.blockSizes());
-          }
+          result.retainAll(aStage.blockSizes());
       }
     return result == null ? Collections.EMPTY_SET : result;
   }
 
   /**
    * Initialises the chain for operation with specific characteristics.
-   *
+   * 
    * @param attributes a set of name-value pairs that describes the desired
-   * future behaviour of this instance.
+   *          future behaviour of this instance.
    * @throws IllegalStateException if the chain, or any of its stages, is
-   * already initialised.
+   *           already initialised.
    * @throws InvalidKeyException if the intialisation data provided with the
-   * stage is incorrect or causes an invalid key to be generated.
+   *           stage is incorrect or causes an invalid key to be generated.
    * @see Direction#FORWARD
    * @see Direction#REVERSED
    */
   public void init(Map attributes) throws InvalidKeyException
   {
     if (wired != null)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
     Direction flow = (Direction) attributes.get(DIRECTION);
     if (flow == null)
-      {
-        flow = Direction.FORWARD;
-      }
-
+      flow = Direction.FORWARD;
     int optimalSize = 0;
     for (Iterator it = stageKeys.listIterator(); it.hasNext();)
       {
@@ -300,30 +262,25 @@ public class Cascade
         Stage stage = (Stage) stages.get(id);
         stage.init(attr);
         optimalSize = optimalSize == 0 ? stage.currentBlockSize()
-                                      : lcm(optimalSize,
-                                            stage.currentBlockSize());
-      }
-
-    if (flow == Direction.REVERSED)
-      { // reverse order
-        Collections.reverse(stageKeys);
+                                       : lcm(optimalSize,
+                                             stage.currentBlockSize());
       }
+    if (flow == Direction.REVERSED) // reverse order
+      Collections.reverse(stageKeys);
     wired = flow;
     blockSize = optimalSize;
   }
 
   /**
    * Returns the currently set block size for the chain.
-   *
+   * 
    * @return the current block size for the chain.
    * @throws IllegalStateException if the instance is not initialised.
    */
   public int currentBlockSize()
   {
     if (wired == null)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
     return blockSize;
   }
 
@@ -334,25 +291,21 @@ public class Cascade
   public void reset()
   {
     for (Iterator it = stageKeys.listIterator(); it.hasNext();)
-      {
-        ((Stage) stages.get(it.next())).reset();
-      }
-    if (wired == Direction.REVERSED)
-      { // reverse it back
-        Collections.reverse(stageKeys);
-      }
+      ((Stage) stages.get(it.next())).reset();
+    if (wired == Direction.REVERSED) // reverse it back
+      Collections.reverse(stageKeys);
     wired = null;
     blockSize = 0;
   }
 
   /**
    * Processes exactly one block of <i>plaintext</i> (if initialised in the
-   * {@link Direction#FORWARD} state) or <i>ciphertext</i> (if initialised in the
-   * {@link Direction#REVERSED} state).
-   *
+   * {@link Direction#FORWARD} state) or <i>ciphertext</i> (if initialised in
+   * the {@link Direction#REVERSED} state).
+   * 
    * @param in the plaintext.
    * @param inOffset index of <code>in</code> from which to start considering
-   * data.
+   *          data.
    * @param out the ciphertext.
    * @param outOffset index of <code>out</code> from which to store result.
    * @throws IllegalStateException if the instance is not initialised.
@@ -360,23 +313,17 @@ public class Cascade
   public void update(byte[] in, int inOffset, byte[] out, int outOffset)
   {
     if (wired == null)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
     int stageBlockSize, j, i = stages.size();
     for (Iterator it = stageKeys.listIterator(); it.hasNext();)
       {
         Stage stage = (Stage) stages.get(it.next());
         stageBlockSize = stage.currentBlockSize();
         for (j = 0; j < blockSize; j += stageBlockSize)
-          {
-            stage.update(in, inOffset + j, out, outOffset + j);
-          }
+          stage.update(in, inOffset + j, out, outOffset + j);
         i--;
         if (i > 0)
-          {
-            System.arraycopy(out, outOffset, in, inOffset, blockSize);
-          }
+          System.arraycopy(out, outOffset, in, inOffset, blockSize);
       }
   }
 
@@ -385,18 +332,16 @@ public class Cascade
    * encryption / decryption test(s) for all supported block and key sizes of
    * underlying block cipher(s) wrapped by Mode leafs. The test also includes
    * one (1) variable key Known Answer Test (KAT) for each block cipher.
-   *
+   * 
    * @return <code>true</code> if the implementation passes simple
-   * <i>correctness</i> tests. Returns <code>false</code> otherwise.
+   *         <i>correctness</i> tests. Returns <code>false</code> otherwise.
    */
   public boolean selfTest()
   {
     for (Iterator it = stageKeys.listIterator(); it.hasNext();)
       {
-        if (!((Stage) stages.get(it.next())).selfTest())
-          {
-            return false;
-          }
+        if (! ((Stage) stages.get(it.next())).selfTest())
+          return false;
       }
     return true;
   }
diff --git a/libjava/classpath/gnu/javax/crypto/assembly/CascadeStage.java b/libjava/classpath/gnu/javax/crypto/assembly/CascadeStage.java
index 81629f5a8e7..b86f42e2aec 100644
--- a/libjava/classpath/gnu/javax/crypto/assembly/CascadeStage.java
+++ b/libjava/classpath/gnu/javax/crypto/assembly/CascadeStage.java
@@ -44,19 +44,13 @@ import java.util.Map;
 import java.util.Set;
 
 /**
- * <p>A Cascade <i>Stage</i> in a Cascade Cipher.</p>
+ * A Cascade <i>Stage</i> in a Cascade Cipher.
  */
-class CascadeStage extends Stage
+class CascadeStage
+    extends Stage
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private Cascade delegate;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   CascadeStage(Cascade cascade, Direction forwardDirection)
   {
     super(forwardDirection);
@@ -64,12 +58,6 @@ class CascadeStage extends Stage
     this.delegate = cascade;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public Set blockSizes()
   {
     return Collections.unmodifiableSet(delegate.blockSizes());
@@ -79,9 +67,7 @@ class CascadeStage extends Stage
   {
     Direction flow = (Direction) attributes.get(DIRECTION);
     attributes.put(DIRECTION, flow.equals(forward) ? forward
-                                                  : Direction.reverse(forward));
-    //      delegate.init(flow.equals(forward) ? forward : backward);
-    //      delegate.init(flow.equals(forward) ? forward : Direction.reverse(forward));
+                                                   : Direction.reverse(forward));
     delegate.init(attributes);
   }
 
diff --git a/libjava/classpath/gnu/javax/crypto/assembly/CascadeTransformer.java b/libjava/classpath/gnu/javax/crypto/assembly/CascadeTransformer.java
index dbbc7cd286e..5fce51a15eb 100644
--- a/libjava/classpath/gnu/javax/crypto/assembly/CascadeTransformer.java
+++ b/libjava/classpath/gnu/javax/crypto/assembly/CascadeTransformer.java
@@ -45,19 +45,13 @@ import java.util.Map;
  * An Adapter to use any {@link Cascade} as a {@link Transformer} in an
  * {@link Assembly}.
  */
-class CascadeTransformer extends Transformer
+class CascadeTransformer
+    extends Transformer
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private Cascade delegate;
 
   private int blockSize;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   CascadeTransformer(Cascade delegate)
   {
     super();
@@ -65,12 +59,6 @@ class CascadeTransformer extends Transformer
     this.delegate = delegate;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instant methods
-  // -------------------------------------------------------------------------
-
   void initDelegate(Map attributes) throws TransformerException
   {
     attributes.put(Cascade.DIRECTION, wired);
@@ -107,11 +95,9 @@ class CascadeTransformer extends Transformer
   {
     if (inBuffer.size() != 0)
       {
-        throw new TransformerException(
-                                       "lastUpdateDelegate()",
-                                       new IllegalStateException(
-                                                                 "Cascade transformer, after last "
-                                                                     + "update, must be empty but isn't"));
+        IllegalStateException cause = new IllegalStateException(
+            "Cascade transformer, after last update, must be empty but isn't");
+        throw new TransformerException("lastUpdateDelegate()", cause);
       }
     return new byte[0];
   }
diff --git a/libjava/classpath/gnu/javax/crypto/assembly/DeflateTransformer.java b/libjava/classpath/gnu/javax/crypto/assembly/DeflateTransformer.java
index 35328a6c1dc..e5c0b7a5724 100644
--- a/libjava/classpath/gnu/javax/crypto/assembly/DeflateTransformer.java
+++ b/libjava/classpath/gnu/javax/crypto/assembly/DeflateTransformer.java
@@ -44,27 +44,22 @@ import java.util.zip.Deflater;
 import java.util.zip.Inflater;
 
 /**
- * <p>A {@link Transformer} Adapter allowing inclusion of a DEFLATE compression
+ * A {@link Transformer} Adapter allowing inclusion of a DEFLATE compression
  * algorithm in an {@link Assembly} chain. The {@link Direction#FORWARD}
  * transformation is a compression (deflate) of input data, while the
- * {@link Direction#REVERSED} one is a decompression (inflate) that restores
- * the original data.</p>
- *
- * <p>This {@link Transformer} uses a {@link Deflater} instance to carry on the
- * compression, and an {@link Inflater} to do the decompression.</p>
- *
- * <p>When using such a {@link Transformer}, in an {@link Assembly}, there must
+ * {@link Direction#REVERSED} one is a decompression (inflate) that restores the
+ * original data.
+ * <p>
+ * This {@link Transformer} uses a {@link Deflater} instance to carry on the
+ * compression, and an {@link Inflater} to do the decompression.
+ * <p>
+ * When using such a {@link Transformer}, in an {@link Assembly}, there must
  * be at least one element behind this instance in the constructed chain;
- * otherwise, a {@link TransformerException} is thrown at initialisation time.</p>
- *
- * @version Revision: $
+ * otherwise, a {@link TransformerException} is thrown at initialisation time.
  */
-class DeflateTransformer extends Transformer
+class DeflateTransformer
+    extends Transformer
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private Deflater compressor;
 
   private Inflater decompressor;
@@ -73,46 +68,31 @@ class DeflateTransformer extends Transformer
 
   private byte[] zlibBuffer;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   DeflateTransformer()
   {
     super();
 
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   void initDelegate(Map attributes) throws TransformerException
   {
     if (tail == null)
       {
-        throw new TransformerException(
-                                       "initDelegate()",
-                                       new IllegalStateException(
-                                                                 "Compression transformer missing its tail!"));
+        IllegalStateException cause = new IllegalStateException(
+            "Compression transformer missing its tail!");
+        throw new TransformerException("initDelegate()", cause);
       }
     outputBlockSize = tail.currentBlockSize();
     zlibBuffer = new byte[outputBlockSize];
     Direction flow = (Direction) attributes.get(DIRECTION);
     if (flow == Direction.FORWARD)
-      {
-        compressor = new Deflater();
-      }
+      compressor = new Deflater();
     else
-      {
-        decompressor = new Inflater();
-      }
+      decompressor = new Inflater();
   }
 
   int delegateBlockSize()
   {
-    //      return outputBlockSize;
     return 1;
   }
 
@@ -131,68 +111,36 @@ class DeflateTransformer extends Transformer
     if (wired == Direction.FORWARD)
       {
         compressor.setInput(in, offset, length);
-        while (!compressor.needsInput())
-          {
-            compress();
-          }
+        while (! compressor.needsInput())
+          compress();
       }
-    else
-      { // decompression: inflate first and then update tail
-        decompress(in, offset, length);
-      }
-
+    else // decompression: inflate first and then update tail
+      decompress(in, offset, length);
     result = inBuffer.toByteArray();
     inBuffer.reset();
     return result;
   }
 
-  //   byte[] lastUpdateDelegate(byte[] in, int offset, int length)
-  //   throws TransformerException {
-  //      // process multiples of blocksize as much as possible
-  //      byte[] result = this.updateDelegate(in, offset, length);
-  //      inBuffer.write(result, 0, result.length);
-  //      if (wired == Direction.FORWARD) { // compressing
-  //         if (!compressor.finished()) {
-  //            compressor.finish();
-  //            while (!compressor.finished()) {
-  //               compress();
-  //            }
-  //         }
-  //      } else { // decompressing
-  //         if (!decompressor.finished()) {
-  //            throw new TransformerException("lastUpdateDelegate()",
-  //                  new IllegalStateException("Compression transformer, after last "
-  //                  +"update, must be finished but isn't"));
-  //         }
-  //      }
-  //
-  //      result = inBuffer.toByteArray();
-  //      inBuffer.reset();
-  //      return result;
-  //   }
   byte[] lastUpdateDelegate() throws TransformerException
   {
     // process multiples of blocksize as much as possible
-    if (wired == Direction.FORWARD)
-      { // compressing
-        if (!compressor.finished())
+    if (wired == Direction.FORWARD) // compressing
+      {
+        if (! compressor.finished())
           {
             compressor.finish();
-            while (!compressor.finished())
-              {
-                compress();
-              }
+            while (! compressor.finished())
+              compress();
           }
       }
-    else
-      { // decompressing
-        if (!decompressor.finished())
+    else // decompressing
+      {
+        if (! decompressor.finished())
           {
-            throw new TransformerException(
-                                           "lastUpdateDelegate()",
-                                           new IllegalStateException(
-                                                                     "Compression transformer, after last "
-                                                                         + "update, must be finished but isn't"));
+            IllegalStateException cause = new IllegalStateException(
+                "Compression transformer, after last update, must be finished "
+                + "but isn't");
+            throw new TransformerException("lastUpdateDelegate()", cause);
           }
       }
     byte[] result = inBuffer.toByteArray();
@@ -204,9 +152,7 @@ class DeflateTransformer extends Transformer
   {
     int len = compressor.deflate(zlibBuffer);
     if (len > 0)
-      {
-        inBuffer.write(zlibBuffer, 0, len);
-      }
+      inBuffer.write(zlibBuffer, 0, len);
   }
 
   private void decompress(byte[] in, int offset, int length)
@@ -225,9 +171,7 @@ class DeflateTransformer extends Transformer
             throw new TransformerException("decompress()", x);
           }
         if (len > 0)
-          {
-            inBuffer.write(zlibBuffer, 0, len);
-          }
+          inBuffer.write(zlibBuffer, 0, len);
       }
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/assembly/Direction.java b/libjava/classpath/gnu/javax/crypto/assembly/Direction.java
index 58b59a6307f..48c74ed1ba0 100644
--- a/libjava/classpath/gnu/javax/crypto/assembly/Direction.java
+++ b/libjava/classpath/gnu/javax/crypto/assembly/Direction.java
@@ -39,32 +39,26 @@ exception statement from your version.  */
 package gnu.javax.crypto.assembly;
 
 /**
- * <p>An enumeration type for wiring {@link Stage} instances into {@link
- * Cascade} Cipher chains, as well as for operating a {@link Cascade} in a
- * given direction.</p>
- *
- * <p>The possible values for this type are two:</p>
+ * An enumeration type for wiring {@link Stage} instances into {@link Cascade}
+ * Cipher chains, as well as for operating a {@link Cascade} in a given
+ * direction.
+ * <p>
+ * The possible values for this type are two:
  * <ol>
- *    <li>FORWARD: equivalent to {@link gnu.crypto.mode.IMode#ENCRYPTION}, and
- *    its inverse value</li>
- *    <li>REVERSED: equivalent to {@link gnu.crypto.mode.IMode#DECRYPTION}.</li>
+ * <li>FORWARD: equivalent to {@link gnu.javax.crypto.mode.IMode#ENCRYPTION},
+ * and its inverse value</li>
+ * <li>REVERSED: equivalent to {@link gnu.javax.crypto.mode.IMode#DECRYPTION}.
+ * </li>
  * </ol>
  */
 public final class Direction
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   public static final Direction FORWARD = new Direction(1);
 
   public static final Direction REVERSED = new Direction(2);
 
   private int value;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   private Direction(int value)
   {
     super();
@@ -72,17 +66,11 @@ public final class Direction
     this.value = value;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   public static final Direction reverse(Direction d)
   {
     return (d.equals(FORWARD) ? REVERSED : FORWARD);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public String toString()
   {
     return (this == FORWARD ? "forward" : "reversed");
diff --git a/libjava/classpath/gnu/javax/crypto/assembly/LoopbackTransformer.java b/libjava/classpath/gnu/javax/crypto/assembly/LoopbackTransformer.java
index 3c0bdfab30c..bba1da77843 100644
--- a/libjava/classpath/gnu/javax/crypto/assembly/LoopbackTransformer.java
+++ b/libjava/classpath/gnu/javax/crypto/assembly/LoopbackTransformer.java
@@ -44,27 +44,15 @@ import java.util.Map;
  * A trivial {@link Transformer} to allow closing a chain in an {@link Assembly}.
  * This class is not visible outside this package.
  */
-final class LoopbackTransformer extends Transformer
+final class LoopbackTransformer
+    extends Transformer
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
-  /** Trivial protected constructor. */
+  /** Trivial package-private constructor. */
   LoopbackTransformer()
   {
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public void init(Map attributes) throws TransformerException
   {
   }
@@ -84,8 +72,6 @@ final class LoopbackTransformer extends Transformer
     return lastUpdateDelegate();
   }
 
-  // abstract methods to be implemented by concrete subclasses ---------------
-
   void initDelegate(Map attributes) throws TransformerException
   {
   }
diff --git a/libjava/classpath/gnu/javax/crypto/assembly/ModeStage.java b/libjava/classpath/gnu/javax/crypto/assembly/ModeStage.java
index 1143348f675..253ab4ae60a 100644
--- a/libjava/classpath/gnu/javax/crypto/assembly/ModeStage.java
+++ b/libjava/classpath/gnu/javax/crypto/assembly/ModeStage.java
@@ -48,25 +48,19 @@ import java.util.Map;
 import java.util.Set;
 
 /**
- * <p>An {@link IMode} {@link Stage} in a {@link Cascade} Cipher chain.</p>
- *
- * <p>Such a stage wraps an implementation of a Block Cipher Mode of Operation
+ * An {@link IMode} {@link Stage} in a {@link Cascade} Cipher chain.
+ * <p>
+ * Such a stage wraps an implementation of a Block Cipher Mode of Operation
  * ({@link IMode}) to allow inclusion of such an instance in a cascade of block
- * ciphers.</p>
+ * ciphers.
  */
-class ModeStage extends Stage
+class ModeStage
+    extends Stage
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private IMode delegate;
 
   private transient Set cachedBlockSizes;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   ModeStage(IMode mode, Direction forwardDirection)
   {
     super(forwardDirection);
@@ -75,21 +69,13 @@ class ModeStage extends Stage
     cachedBlockSizes = null;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public Set blockSizes()
   {
     if (cachedBlockSizes == null)
       {
         HashSet result = new HashSet();
         for (Iterator it = delegate.blockSizes(); it.hasNext();)
-          {
-            result.add(it.next());
-          }
+          result.add(it.next());
         cachedBlockSizes = Collections.unmodifiableSet(result);
       }
     return cachedBlockSizes;
@@ -99,9 +85,8 @@ class ModeStage extends Stage
   {
     Direction flow = (Direction) attributes.get(DIRECTION);
     attributes.put(IMode.STATE,
-                   new Integer(flow.equals(forward) ? IMode.ENCRYPTION
-                                                   : IMode.DECRYPTION));
-
+                   Integer.valueOf(flow.equals(forward) ? IMode.ENCRYPTION
+                                                        : IMode.DECRYPTION));
     delegate.init(attributes);
   }
 
diff --git a/libjava/classpath/gnu/javax/crypto/assembly/Operation.java b/libjava/classpath/gnu/javax/crypto/assembly/Operation.java
index 34cae52ea80..28fdf941298 100644
--- a/libjava/classpath/gnu/javax/crypto/assembly/Operation.java
+++ b/libjava/classpath/gnu/javax/crypto/assembly/Operation.java
@@ -39,34 +39,26 @@ exception statement from your version.  */
 package gnu.javax.crypto.assembly;
 
 /**
- * <p>An enumeration type for specifying the operation type of a
- * {@link Transformer}.</p>
- *
- * <p>The possible values for this type are two:</p>
+ * An enumeration type for specifying the operation type of a
+ * {@link Transformer}.
+ * <p>
+ * The possible values for this type are two:
  * <ol>
- *    <li>PRE_PROCESSING: where the input data is first processed by the
- *    current {@link Transformer} before being passed to the rest of the chain;
- *    and</li>
- *    <li>POST_PROCESSING: where the input data is first passed to the rest of
- *    the chain, and the resulting bytes are then processed by the current
- *    {@link Transformer}.</li>
+ * <li>PRE_PROCESSING: where the input data is first processed by the current
+ * {@link Transformer} before being passed to the rest of the chain; and</li>
+ * <li>POST_PROCESSING: where the input data is first passed to the rest of the
+ * chain, and the resulting bytes are then processed by the current
+ * {@link Transformer}.</li>
  * </ol>
  */
 public final class Operation
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   public static final Operation PRE_PROCESSING = new Operation(1);
 
   public static final Operation POST_PROCESSING = new Operation(2);
 
   private int value;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   private Operation(int value)
   {
     super();
@@ -74,12 +66,6 @@ public final class Operation
     this.value = value;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public String toString()
   {
     return (this == PRE_PROCESSING ? "pre-processing" : "post-processing");
diff --git a/libjava/classpath/gnu/javax/crypto/assembly/PaddingTransformer.java b/libjava/classpath/gnu/javax/crypto/assembly/PaddingTransformer.java
index c63f92e87bc..c11f4fe88da 100644
--- a/libjava/classpath/gnu/javax/crypto/assembly/PaddingTransformer.java
+++ b/libjava/classpath/gnu/javax/crypto/assembly/PaddingTransformer.java
@@ -44,26 +44,20 @@ import gnu.javax.crypto.pad.WrongPaddingException;
 import java.util.Map;
 
 /**
- * <p>An Adapter to use any {@link IPad} as a {@link Transformer} in an
- * {@link Assembly}.</p>
- *
- * <p>When using such a {@link Transformer}, in an {@link Assembly}, there must
+ * An Adapter to use any {@link IPad} as a {@link Transformer} in an
+ * {@link Assembly}.
+ * <p>
+ * When using such a {@link Transformer}, in an {@link Assembly}, there must
  * be at least one element behind this instance in the constructed chain;
- * otherwise, a {@link TransformerException} is thrown at initialisation time.</p>
+ * otherwise, a {@link TransformerException} is thrown at initialisation time.
  */
-class PaddingTransformer extends Transformer
+class PaddingTransformer
+    extends Transformer
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private IPad delegate;
 
   private int outputBlockSize = 1;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   PaddingTransformer(IPad padding)
   {
     super();
@@ -71,20 +65,13 @@ class PaddingTransformer extends Transformer
     this.delegate = padding;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   void initDelegate(Map attributes) throws TransformerException
   {
     if (tail == null)
       {
-        throw new TransformerException(
-                                       "initDelegate()",
-                                       new IllegalStateException(
-                                                                 "Padding transformer missing its tail!"));
+        IllegalStateException cause = new IllegalStateException(
+            "Padding transformer missing its tail!");
+        throw new TransformerException("initDelegate()", cause);
       }
     outputBlockSize = tail.currentBlockSize();
     delegate.init(outputBlockSize);
@@ -108,9 +95,10 @@ class PaddingTransformer extends Transformer
     byte[] tmp = inBuffer.toByteArray();
     inBuffer.reset();
     byte[] result;
-    if (wired == Direction.FORWARD)
-      { // padding
-        // buffers remaining bytes from (inBuffer + in) that are less than 1 block
+    if (wired == Direction.FORWARD) // padding
+      {
+        // buffers remaining bytes from (inBuffer + in) that are less than 1
+        // block
         if (tmp.length < outputBlockSize)
           {
             inBuffer.write(tmp, 0, tmp.length);
@@ -124,8 +112,8 @@ class PaddingTransformer extends Transformer
             System.arraycopy(tmp, 0, result, 0, newlen);
           }
       }
-    else
-      { // unpadding
+    else // unpadding
+      {
         // always keep in own buffer a max of 1 block to cater for lastUpdate
         if (tmp.length < outputBlockSize)
           {
@@ -147,14 +135,14 @@ class PaddingTransformer extends Transformer
     byte[] result;
     // process multiples of blocksize as much as possible
     // catenate result from processing inBuffer with last-update( tail )
-    if (wired == Direction.FORWARD)
-      { // padding
+    if (wired == Direction.FORWARD) // padding
+      {
         result = inBuffer.toByteArray();
         byte[] padding = delegate.pad(result, 0, result.length);
         inBuffer.write(padding, 0, padding.length);
       }
-    else
-      { // unpadding
+    else // unpadding
+      {
         byte[] tmp = inBuffer.toByteArray();
         inBuffer.reset();
         int realLength;
diff --git a/libjava/classpath/gnu/javax/crypto/assembly/Stage.java b/libjava/classpath/gnu/javax/crypto/assembly/Stage.java
index 23d50bb8237..d023f62830a 100644
--- a/libjava/classpath/gnu/javax/crypto/assembly/Stage.java
+++ b/libjava/classpath/gnu/javax/crypto/assembly/Stage.java
@@ -45,59 +45,56 @@ import java.util.Map;
 import java.util.Set;
 
 /**
- * <p>A <i>Stage</i> in a Cascade Cipher.</p>
- *
- * <p>Each stage may be either an implementation of a Block Cipher Mode of
- * Operation ({@link IMode}) or another Cascade Cipher ({@link Cascade}). Each
- * stage has also a <i>natural</i> operational direction when constructed for
- * inclusion within a {@link Cascade}. This <i>natural</i> direction dictates
- * how data flows from one stage into another when stages are chained together
- * in a cascade. One can think of a stage and its natural direction as the
- * specification of how to wire the stage into the chain. The following diagrams
- * may help understand the paradigme. The first shows two stages chained each
- * with a {@link Direction#FORWARD} direction.</p>
+ * A <i>Stage</i> in a Cascade Cipher.
+ * <p>
+ * Each stage may be either an implementation of a Block Cipher Mode of
+ * Operation ({@link IMode}) or another Cascade Cipher ({@link Cascade}).
+ * Each stage has also a <i>natural</i> operational direction when constructed
+ * for inclusion within a {@link Cascade}. This <i>natural</i> direction
+ * dictates how data flows from one stage into another when stages are chained
+ * together in a cascade. One can think of a stage and its natural direction as
+ * the specification of how to wire the stage into the chain. The following
+ * diagrams may help understand the paradigme. The first shows two stages
+ * chained each with a {@link Direction#FORWARD} direction.
+ * 
  * <pre>
- *           FORWARD         FORWARD
- *       +------+       +-------+
- *       |      |       |       |
- *       |  +--in --+   |   +--in --+
- *    ---+  | Stage |   |   | Stage |  +---
- *          +--out--+   |   +--out--+  |
- *              |       |       |      |
- *              +-------+       +------+
+ *            FORWARD         FORWARD
+ *        +------+       +-------+
+ *        |      |       |       |
+ *        |  +--in --+   |   +--in --+
+ *     ---+  | Stage |   |   | Stage |  +---
+ *           +--out--+   |   +--out--+  |
+ *               |       |       |      |
+ *               +-------+       +------+
  * </pre>
- * <p>The second diagram shows two stages, one in a {@link Direction#FORWARD}
+ * 
+ * <p>
+ * The second diagram shows two stages, one in a {@link Direction#FORWARD}
  * direction, while the other is wired in a {@link Direction#REVERSED}
- * direction.</p>
+ * direction.
+ * 
  * <pre>
- *           FORWARD         REVERSED
- *       +------+               +------+
- *       |      |               |      |
- *       |  +--in --+       +--in --+  |
- *    ---+  | Stage |       | Stage |  +---
- *          +--out--+       +--out--+
- *              |               |
- *              +---------------+
+ *            FORWARD         REVERSED
+ *        +------+               +------+
+ *        |      |               |      |
+ *        |  +--in --+       +--in --+  |
+ *     ---+  | Stage |       | Stage |  +---
+ *           +--out--+       +--out--+
+ *               |               |
+ *               +---------------+
  * </pre>
- *
+ * 
  * @see ModeStage
  * @see CascadeStage
  */
 public abstract class Stage
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   public static final String DIRECTION = "gnu.crypto.assembly.stage.direction";
 
   protected Direction forward;
 
   protected Direction wired;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   protected Stage(Direction forwardDirection)
   {
     super();
@@ -106,9 +103,6 @@ public abstract class Stage
     this.wired = null;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   public static final Stage getInstance(IMode mode, Direction forwardDirection)
   {
     return new ModeStage(mode, forwardDirection);
@@ -120,32 +114,27 @@ public abstract class Stage
     return new CascadeStage(cascade, forwardDirection);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
    * Returns the {@link Set} of supported block sizes for this
    * <code>Stage</code>. Each element in the returned {@link Set} is an
    * instance of {@link Integer}.
-   *
+   * 
    * @return a {@link Set} of supported block sizes.
    */
   public abstract Set blockSizes();
 
   /**
    * Initialises the stage for operation with specific characteristics.
-   *
+   * 
    * @param attributes a set of name-value pairs that describes the desired
-   * future behaviour of this instance.
+   *          future behaviour of this instance.
    * @throws IllegalStateException if the instance is already initialised.
    * @throws InvalidKeyException if the key data is invalid.
    */
   public void init(Map attributes) throws InvalidKeyException
   {
     if (wired != null)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
     Direction flow = (Direction) attributes.get(DIRECTION);
     if (flow == null)
       {
@@ -158,7 +147,7 @@ public abstract class Stage
 
   /**
    * Returns the currently set block size for the stage.
-   *
+   * 
    * @return the current block size for this stage.
    * @throws IllegalStateException if the instance is not initialised.
    */
@@ -178,10 +167,10 @@ public abstract class Stage
    * Processes exactly one block of <i>plaintext</i> (if initialised in the
    * {@link Direction#FORWARD} state) or <i>ciphertext</i> (if initialised in
    * the {@link Direction#REVERSED} state).
-   *
+   * 
    * @param in the plaintext.
    * @param inOffset index of <code>in</code> from which to start considering
-   * data.
+   *          data.
    * @param out the ciphertext.
    * @param outOffset index of <code>out</code> from which to store result.
    * @throws IllegalStateException if the instance is not initialised.
@@ -189,9 +178,7 @@ public abstract class Stage
   public void update(byte[] in, int inOffset, byte[] out, int outOffset)
   {
     if (wired == null)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
     updateDelegate(in, inOffset, out, outOffset);
   }
 
@@ -200,14 +187,12 @@ public abstract class Stage
    * encryption / decryption test(s) for all supported block and key sizes of
    * underlying block cipher(s) wrapped by Mode leafs. The test also includes
    * one (1) variable key Known Answer Test (KAT) for each block cipher.
-   *
+   * 
    * @return <code>true</code> if the implementation passes simple
-   * <i>correctness</i> tests. Returns <code>false</code> otherwise.
+   *         <i>correctness</i> tests. Returns <code>false</code> otherwise.
    */
   public abstract boolean selfTest();
 
-  // abstract methods to be implemented by concrete subclasses ---------------
-
   abstract void initDelegate(Map attributes) throws InvalidKeyException;
 
   abstract void resetDelegate();
diff --git a/libjava/classpath/gnu/javax/crypto/assembly/Transformer.java b/libjava/classpath/gnu/javax/crypto/assembly/Transformer.java
index 80430dc196f..58a991b93b9 100644
--- a/libjava/classpath/gnu/javax/crypto/assembly/Transformer.java
+++ b/libjava/classpath/gnu/javax/crypto/assembly/Transformer.java
@@ -44,50 +44,44 @@ import java.io.ByteArrayOutputStream;
 import java.util.Map;
 
 /**
- * <p>A <code>Transformer</code> is an abstract representation of a two-way
+ * A <code>Transformer</code> is an abstract representation of a two-way
  * <i>transformation</i> that can be chained together with other instances of
  * this type. Examples of such transformations in this library are:
- * {@link Cascade} cipher, {@link gnu.crypto.pad.IPad} algorithm, and a
+ * {@link Cascade} cipher, {@link gnu.javax.crypto.pad.IPad} algorithm, and a
  * ZLib-based deflater/inflater algorithm. A special implementation of a
- * <code>Transformer</code> to close a chain is also provided.</p>
- *
- * <p>A <code>Transformer</code> is characterised by the followings:<p>
+ * <code>Transformer</code> to close a chain is also provided.
+ * <p>
+ * A <code>Transformer</code> is characterised by the followings:
  * <ul>
- *    <li>It can be chained to other instances, to form an {@link Assembly}.</li>
- *    <li>When configured in an {@link Assembly}, it can be set to apply its
- *    internal transformation on the input data stream before (pre-processing)
- *    or after (post-processing) passing the input data to the next element in
- *    the chain. Note that the same type <code>Transformer</code> can be used as
- *    either in pre-processing or a post-processing modes.</li>
- *    <li>A special transformer --<code>LoopbackTransformer</code>-- is used to
- *    close the chain.</li>
- *    <li>A useful type of <code>Transformer</code> --one we're interested in--
- *    has internal buffers. The distinction between a casual push (update)
- *    operation and the last one allows to correctly flush any intermediate
- *    bytes that may exist in those buffers.</li>
+ * <li>It can be chained to other instances, to form an {@link Assembly}.</li>
+ * <li>When configured in an {@link Assembly}, it can be set to apply its
+ * internal transformation on the input data stream before (pre-processing) or
+ * after (post-processing) passing the input data to the next element in the
+ * chain. Note that the same type <code>Transformer</code> can be used as
+ * either in pre-processing or a post-processing modes.</li>
+ * <li>A special transformer --<code>LoopbackTransformer</code>-- is used
+ * to close the chain.</li>
+ * <li>A useful type of <code>Transformer</code> --one we're interested in--
+ * has internal buffers. The distinction between a casual push (update)
+ * operation and the last one allows to correctly flush any intermediate bytes
+ * that may exist in those buffers.</li>
  * </ul>
- *
- * <p>To allow wiring <code>Transformer</code> instances together, a
+ * <p>
+ * To allow wiring <code>Transformer</code> instances together, a
  * <i>minimal-output-size</i> in bytes is necessary. The trivial case of a
  * value of <code>1</code> for such attribute practically means that no output
  * buffering, from the previous element, is needed --which is independant of
- * buffering the input if the <code>Transformer</code> implementation itself is
- * block-based.</p>
- *
+ * buffering the input if the <code>Transformer</code> implementation itself
+ * is block-based.
+ * 
  * @see CascadeTransformer
  * @see PaddingTransformer
  * @see DeflateTransformer
  */
 public abstract class Transformer
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   public static final String DIRECTION = "gnu.crypto.assembly.transformer.direction";
 
-  //   public static final String MODE = "gnu.crypto.assembly.transformer.mode";
-
   protected Direction wired;
 
   protected Operation mode;
@@ -98,9 +92,6 @@ public abstract class Transformer
 
   protected ByteArrayOutputStream outBuffer = new ByteArrayOutputStream(2048);
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial protected constructor. */
   protected Transformer()
   {
@@ -109,9 +100,6 @@ public abstract class Transformer
     this.wired = null;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   public static final Transformer getCascadeTransformer(Cascade cascade)
   {
     return new CascadeTransformer(cascade);
@@ -127,81 +115,69 @@ public abstract class Transformer
     return new DeflateTransformer();
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
    * Sets the operational mode of this <code>Transformer</code>.
-   *
+   * 
    * @param mode the processing mode this <code>Transformer</code> is required
-   * to operate in.
-   * @throws IllegalStateException if this instance has already been assigned
-   * an operational mode.
+   *          to operate in.
+   * @throws IllegalStateException if this instance has already been assigned an
+   *           operational mode.
    */
   public void setMode(final Operation mode)
   {
     if (this.mode != null)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
     this.mode = mode;
   }
 
   /**
    * Returns <code>true</code> if this <code>Transformer</code> was wired in
    * pre-processing mode; <code>false</code> otherwise.
-   *
-   * @return <code>true</code> if this <code>Transformer</code> has been wired
-   * in pre-processing mode; <code>false</code> otherwise.
-   * @throws IllegalStateException if this instance has not yet been assigned
-   * an operational <i>type</i>.
+   * 
+   * @return <code>true</code> if this <code>Transformer</code> has been
+   *         wired in pre-processing mode; <code>false</code> otherwise.
+   * @throws IllegalStateException if this instance has not yet been assigned an
+   *           operational <i>type</i>.
    */
   public boolean isPreProcessing()
   {
     if (mode == null)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
     return (mode == Operation.PRE_PROCESSING);
   }
 
   /**
    * Returns <code>true</code> if this <code>Transformer</code> was wired in
    * post-processing mode; <code>false</code> otherwise.
-   *
-   * @return <code>true</code> if this <code>Transformer</code> has been wired
-   * in post-processing mode; <code>false</code> otherwise.
-   * @throws IllegalStateException if this instance has not yet been assigned
-   * an operational <i>type</i>.
+   * 
+   * @return <code>true</code> if this <code>Transformer</code> has been
+   *         wired in post-processing mode; <code>false</code> otherwise.
+   * @throws IllegalStateException if this instance has not yet been assigned an
+   *           operational <i>type</i>.
    */
   public boolean isPostProcessing()
   {
-    return !isPreProcessing();
+    return ! isPreProcessing();
   }
 
   /**
    * Initialises the <code>Transformer</code> for operation with specific
    * characteristics.
-   *
+   * 
    * @param attributes a set of name-value pairs that describes the desired
-   * future behaviour of this instance.
+   *          future behaviour of this instance.
    * @throws IllegalStateException if the instance is already initialised.
    */
   public void init(Map attributes) throws TransformerException
   {
     if (wired != null)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
     Direction flow = (Direction) attributes.get(DIRECTION);
     if (flow == null)
-      {
-        flow = Direction.FORWARD;
-      }
+      flow = Direction.FORWARD;
     wired = flow;
     inBuffer.reset();
     outBuffer.reset();
-
     tail.init(attributes); // initialise tail first
     initDelegate(attributes); // initialise this instance
   }
@@ -209,15 +185,13 @@ public abstract class Transformer
   /**
    * Returns the block-size of this <code>Transformer</code>. A value of
    * <code>1</code> indicates that this instance is block-agnostic.
-   *
+   * 
    * @return the current minimal required block size.
    */
   public int currentBlockSize()
   {
     if (wired == null)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
     return delegateBlockSize();
   }
 
@@ -238,12 +212,12 @@ public abstract class Transformer
    * Convenience method that calls the method with same name and three
    * arguments, using a byte array of length <code>1</code> whose contents are
    * the designated byte.
-   *
+   * 
    * @param b the byte to process.
    * @return the result of transformation.
    * @throws IllegalStateException if the instance is not initialised.
    * @throws TransformerException if a transformation-related exception occurs
-   * during the operation.
+   *           during the operation.
    * @see #update(byte[], int, int)
    */
   public byte[] update(byte b) throws TransformerException
@@ -253,14 +227,14 @@ public abstract class Transformer
 
   /**
    * Convenience method that calls the same method with three arguments. All
-   * bytes in <code>in</code>, starting from index position <code>0</code> are
-   * considered.
-   *
+   * bytes in <code>in</code>, starting from index position <code>0</code>
+   * are considered.
+   * 
    * @param in the input data bytes.
    * @return the result of transformation.
    * @throws IllegalStateException if the instance is not initialised.
    * @throws TransformerException if a transformation-related exception occurs
-   * during the operation.
+   *           during the operation.
    * @see #update(byte[], int, int)
    */
   public byte[] update(byte[] in) throws TransformerException
@@ -270,48 +244,42 @@ public abstract class Transformer
 
   /**
    * Processes a designated number of bytes from a given byte array.
-   *
+   * 
    * @param in the input data bytes.
    * @param offset index of <code>in</code> from which to start considering
-   * data.
+   *          data.
    * @param length the count of bytes to process.
    * @return the result of transformation.
    * @throws IllegalStateException if the instance is not initialised.
    * @throws TransformerException if a transformation-related exception occurs
-   * during the operation.
+   *           during the operation.
    */
   public byte[] update(byte[] in, int offset, int length)
       throws TransformerException
   {
     if (wired == null)
-      {
-        throw new IllegalStateException();
-      }
-    byte[] result = (wired == Direction.FORWARD ? forwardUpdate(in, offset,
-                                                                length)
-                                               : inverseUpdate(in, offset,
-                                                               length));
+      throw new IllegalStateException();
+    byte[] result = (wired == Direction.FORWARD ? forwardUpdate(in, offset, length)
+                                                : inverseUpdate(in, offset, length));
     return result;
   }
 
   /**
    * Convenience method that calls the same method with three arguments. A
    * zero-long byte array is used.
-   *
+   * 
    * @return the result of transformation.
    * @throws IllegalStateException if the instance is not initialised.
    * @throws TransformerException if a transformation-related exception occurs
-   * during the operation.
+   *           during the operation.
    * @see #lastUpdate(byte[], int, int)
    */
   public byte[] lastUpdate() throws TransformerException
   {
     byte[] result = (wired == Direction.FORWARD ? lastForwardUpdate()
-                                               : lastInverseUpdate());
-    if (inBuffer.size() != 0)
-      { // we still have some buffered bytes
-        throw new TransformerException("lastUpdate(): input buffer not empty");
-      }
+                                                : lastInverseUpdate());
+    if (inBuffer.size() != 0) // we still have some buffered bytes
+      throw new TransformerException("lastUpdate(): input buffer not empty");
     return result;
   }
 
@@ -319,12 +287,12 @@ public abstract class Transformer
    * Convenience method that calls the method with same name and three
    * arguments, using a byte array of length <code>1</code> whose contents are
    * the designated byte.
-   *
+   * 
    * @param b the byte to process.
    * @return the result of transformation.
    * @throws IllegalStateException if the instance is not initialised.
    * @throws TransformerException if a transformation-related exception occurs
-   * during the operation.
+   *           during the operation.
    * @see #lastUpdate(byte[], int, int)
    */
   public byte[] lastUpdate(byte b) throws TransformerException
@@ -334,14 +302,14 @@ public abstract class Transformer
 
   /**
    * Convenience method that calls the same method with three arguments. All
-   * bytes in <code>in</code>, starting from index position <code>0</code> are
-   * considered.
-   *
+   * bytes in <code>in</code>, starting from index position <code>0</code>
+   * are considered.
+   * 
    * @param in the input data bytes.
    * @return the result of transformation.
    * @throws IllegalStateException if the instance is not initialised.
    * @throws TransformerException if a transformation-related exception occurs
-   * during the operation.
+   *           during the operation.
    * @see #lastUpdate(byte[], int, int)
    */
   public byte[] lastUpdate(byte[] in) throws TransformerException
@@ -350,18 +318,18 @@ public abstract class Transformer
   }
 
   /**
-   * Processes a designated number of bytes from a given byte array and
-   * signals, at the same time, that this is the last <i>push</i> operation on
-   * this <code>Transformer</code>.
-   *
+   * Processes a designated number of bytes from a given byte array and signals,
+   * at the same time, that this is the last <i>push</i> operation on this
+   * <code>Transformer</code>.
+   * 
    * @param in the input data bytes.
    * @param offset index of <code>in</code> from which to start considering
-   * data.
+   *          data.
    * @param length the count of bytes to process.
    * @return the result of transformation.
    * @throws IllegalStateException if the instance is not initialised.
    * @throws TransformerException if a transformation-related exception occurs
-   * during the operation.
+   *           during the operation.
    */
   public byte[] lastUpdate(byte[] in, int offset, int length)
       throws TransformerException
@@ -378,22 +346,18 @@ public abstract class Transformer
     return result;
   }
 
-  // helper methods ----------------------------------------------------------
-
   private byte[] forwardUpdate(byte[] in, int off, int len)
       throws TransformerException
   {
-    return (isPreProcessing() ? preTransform(in, off, len) : postTransform(in,
-                                                                           off,
-                                                                           len));
+    return (isPreProcessing() ? preTransform(in, off, len)
+                              : postTransform(in, off, len));
   }
 
   private byte[] inverseUpdate(byte[] in, int off, int len)
       throws TransformerException
   {
-    return (isPreProcessing() ? postTransform(in, off, len) : preTransform(in,
-                                                                           off,
-                                                                           len));
+    return (isPreProcessing() ? postTransform(in, off, len)
+                              : preTransform(in, off, len));
   }
 
   private byte[] preTransform(byte[] in, int off, int len)
@@ -444,8 +408,6 @@ public abstract class Transformer
     return result;
   }
 
-  // abstract methods to be implemented by concrete subclasses ---------------
-
   abstract void initDelegate(Map attributes) throws TransformerException;
 
   abstract int delegateBlockSize();
diff --git a/libjava/classpath/gnu/javax/crypto/assembly/TransformerException.java b/libjava/classpath/gnu/javax/crypto/assembly/TransformerException.java
index 412f0f0f183..2c972f858d3 100644
--- a/libjava/classpath/gnu/javax/crypto/assembly/TransformerException.java
+++ b/libjava/classpath/gnu/javax/crypto/assembly/TransformerException.java
@@ -43,17 +43,11 @@ import java.io.PrintWriter;
 
 /**
  */
-public class TransformerException extends Exception
+public class TransformerException
+    extends Exception
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private Throwable _exception = null;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public TransformerException()
   {
     super();
@@ -78,12 +72,6 @@ public class TransformerException extends Exception
     this._exception = cause;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instant methods
-  // -------------------------------------------------------------------------
-
   public Throwable getCause()
   {
     return _exception;
@@ -98,61 +86,53 @@ public class TransformerException extends Exception
   {
     super.printStackTrace();
     if (_exception != null)
-      {
-        _exception.printStackTrace();
-      }
+      _exception.printStackTrace();
   }
 
   /**
    * Prints this exception's stack trace to a print stream. If this exception
-   * has a root exception; the stack trace of the root exception is also
-   * printed to the print stream.
-   *
+   * has a root exception; the stack trace of the root exception is also printed
+   * to the print stream.
+   * 
    * @param ps the non-null print stream to which to print.
    */
   public void printStackTrace(PrintStream ps)
   {
     super.printStackTrace(ps);
     if (_exception != null)
-      {
-        _exception.printStackTrace(ps);
-      }
+      _exception.printStackTrace(ps);
   }
 
   /**
    * Prints this exception's stack trace to a print writer. If this exception
-   * has a root exception; the stack trace of the root exception is also
-   * printed to the print writer.
-   *
+   * has a root exception; the stack trace of the root exception is also printed
+   * to the print writer.
+   * 
    * @param pw the non-null print writer to use for output.
    */
   public void printStackTrace(PrintWriter pw)
   {
     super.printStackTrace(pw);
     if (_exception != null)
-      {
-        _exception.printStackTrace(pw);
-      }
+      _exception.printStackTrace(pw);
   }
 
   /**
    * Returns the string representation of this exception. The string
-   * representation contains this exception's class name, its detailed
-   * messsage, and if it has a root exception, the string representation of the
-   * root exception. This string representation is meant for debugging and not
-   * meant to be interpreted programmatically.
-   *
+   * representation contains this exception's class name, its detailed messsage,
+   * and if it has a root exception, the string representation of the root
+   * exception. This string representation is meant for debugging and not meant
+   * to be interpreted programmatically.
+   * 
    * @return the non-null string representation of this exception.
    * @see Throwable#getMessage()
    */
   public String toString()
   {
-    StringBuffer sb = new StringBuffer(this.getClass().getName()).append(": ").append(
-                                                                                      super.toString());
+    StringBuffer sb = new StringBuffer(this.getClass().getName())
+        .append(": ").append(super.toString());
     if (_exception != null)
-      {
-        sb.append("; caused by: ").append(_exception.toString());
-      }
+      sb.append("; caused by: ").append(_exception.toString());
     return sb.toString();
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/cipher/Anubis.java b/libjava/classpath/gnu/javax/crypto/cipher/Anubis.java
index ca4e8edfe77..653957ec619 100644
--- a/libjava/classpath/gnu/javax/crypto/cipher/Anubis.java
+++ b/libjava/classpath/gnu/javax/crypto/cipher/Anubis.java
@@ -38,111 +38,82 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.cipher;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.util.Util;
 
-//import java.io.PrintWriter;
 import java.security.InvalidKeyException;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.Iterator;
+import java.util.logging.Logger;
 
 /**
- * <p>Anubis is a 128-bit block cipher that accepts a variable-length key. The
+ * Anubis is a 128-bit block cipher that accepts a variable-length key. The
  * cipher is a uniform substitution-permutation network whose inverse only
  * differs from the forward operation in the key schedule. The design of both
  * the round transformation and the key schedule is based upon the Wide Trail
- * strategy and permits a wide variety of implementation trade-offs.</p>
- *
- * <p>References:</p>
- *
+ * strategy and permits a wide variety of implementation trade-offs.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html">The
- *    ANUBIS Block Cipher</a>.<br>
- *    <a href="mailto:paulo.barreto@terra.com.br">Paulo S.L.M. Barreto</a> and
- *    <a href="mailto:vincent.rijmen@esat.kuleuven.ac.be">Vincent Rijmen</a>.</li>
+ * <li><a
+ * href="http://planeta.terra.com.br/informatica/paulobarreto/AnubisPage.html">The
+ * ANUBIS Block Cipher</a>.<br>
+ * <a href="mailto:paulo.barreto@terra.com.br">Paulo S.L.M. Barreto</a> and <a
+ * href="mailto:vincent.rijmen@esat.kuleuven.ac.be">Vincent Rijmen</a>.</li>
  * </ol>
  */
-public final class Anubis extends BaseCipher
+public final class Anubis
+    extends BaseCipher
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  //   private static final String NAME = "anubis";
-  private static final boolean DEBUG = false;
-
-  private static final int debuglevel = 9;
-
-  //   private static final PrintWriter err = new PrintWriter(System.out, true);
-  //   private static void debug(String s) {
-  //      err.println(">>> "+NAME+": "+s);
-  //   }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
+  private static final Logger log = Logger.getLogger(Anubis.class.getName());
   private static final int DEFAULT_BLOCK_SIZE = 16; // in bytes
-
   private static final int DEFAULT_KEY_SIZE = 16; // in bytes
-
   private static final String Sd = // p. 25 [ANUBIS]
-  "\uBA54\u2F74\u53D3\uD24D\u50AC\u8DBF\u7052\u9A4C"
-      + "\uEAD5\u97D1\u3351\u5BA6\uDE48\uA899\uDB32\uB7FC"
-      + "\uE39E\u919B\uE2BB\u416E\uA5CB\u6B95\uA1F3\uB102"
-      + "\uCCC4\u1D14\uC363\uDA5D\u5FDC\u7DCD\u7F5A\u6C5C"
-      + "\uF726\uFFED\uE89D\u6F8E\u19A0\uF089\u0F07\uAFFB"
-      + "\u0815\u0D04\u0164\uDF76\u79DD\u3D16\u3F37\u6D38"
-      + "\uB973\uE935\u5571\u7B8C\u7288\uF62A\u3E5E\u2746"
-      + "\u0C65\u6861\u03C1\u57D6\uD958\uD866\uD73A\uC83C"
-      + "\uFA96\uA798\uECB8\uC7AE\u694B\uABA9\u670A\u47F2"
-      + "\uB522\uE5EE\uBE2B\u8112\u831B\u0E23\uF545\u21CE"
-      + "\u492C\uF9E6\uB628\u1782\u1A8B\uFE8A\u09C9\u874E"
-      + "\uE12E\uE4E0\uEB90\uA41E\u8560\u0025\uF4F1\u940B"
-      + "\uE775\uEF34\u31D4\uD086\u7EAD\uFD29\u303B\u9FF8"
-      + "\uC613\u0605\uC511\u777C\u7A78\u361C\u3959\u1856"
-      + "\uB3B0\u2420\uB292\uA3C0\u4462\u10B4\u8443\u93C2"
-      + "\u4ABD\u8F2D\uBC9C\u6A40\uCFA2\u804F\u1FCA\uAA42";
-
+      "\uBA54\u2F74\u53D3\uD24D\u50AC\u8DBF\u7052\u9A4C"
+    + "\uEAD5\u97D1\u3351\u5BA6\uDE48\uA899\uDB32\uB7FC"
+    + "\uE39E\u919B\uE2BB\u416E\uA5CB\u6B95\uA1F3\uB102"
+    + "\uCCC4\u1D14\uC363\uDA5D\u5FDC\u7DCD\u7F5A\u6C5C"
+    + "\uF726\uFFED\uE89D\u6F8E\u19A0\uF089\u0F07\uAFFB"
+    + "\u0815\u0D04\u0164\uDF76\u79DD\u3D16\u3F37\u6D38"
+    + "\uB973\uE935\u5571\u7B8C\u7288\uF62A\u3E5E\u2746"
+    + "\u0C65\u6861\u03C1\u57D6\uD958\uD866\uD73A\uC83C"
+    + "\uFA96\uA798\uECB8\uC7AE\u694B\uABA9\u670A\u47F2"
+    + "\uB522\uE5EE\uBE2B\u8112\u831B\u0E23\uF545\u21CE"
+    + "\u492C\uF9E6\uB628\u1782\u1A8B\uFE8A\u09C9\u874E"
+    + "\uE12E\uE4E0\uEB90\uA41E\u8560\u0025\uF4F1\u940B"
+    + "\uE775\uEF34\u31D4\uD086\u7EAD\uFD29\u303B\u9FF8"
+    + "\uC613\u0605\uC511\u777C\u7A78\u361C\u3959\u1856"
+    + "\uB3B0\u2420\uB292\uA3C0\u4462\u10B4\u8443\u93C2"
+    + "\u4ABD\u8F2D\uBC9C\u6A40\uCFA2\u804F\u1FCA\uAA42";
   private static final byte[] S = new byte[256];
-
   private static final int[] T0 = new int[256];
-
   private static final int[] T1 = new int[256];
-
   private static final int[] T2 = new int[256];
-
   private static final int[] T3 = new int[256];
-
   private static final int[] T4 = new int[256];
-
   private static final int[] T5 = new int[256];
-
   /**
    * Anubis round constants. This is the largest possible considering that we
    * always use R values, R = 8 + N, and 4 &lt;= N &lt;= 10.
    */
   private static final int[] rc = new int[18];
-
   /**
-   * KAT vector (from ecb_vk):
-   * I=83
+   * KAT vector (from ecb_vk): I=83
    * KEY=000000000000000000002000000000000000000000000000
    * CT=2E66AB15773F3D32FB6C697509460DF4
    */
-  private static final byte[] KAT_KEY = Util.toBytesFromString("000000000000000000002000000000000000000000000000");
-
-  private static final byte[] KAT_CT = Util.toBytesFromString("2E66AB15773F3D32FB6C697509460DF4");
-
+  private static final byte[] KAT_KEY =
+      Util.toBytesFromString("000000000000000000002000000000000000000000000000");
+  private static final byte[] KAT_CT =
+      Util.toBytesFromString("2E66AB15773F3D32FB6C697509460DF4");
   /** caches the result of the correctness test, once executed. */
   private static Boolean valid;
 
-  // Static code - to initialise lookup tables -------------------------------
-
   static
     {
       long time = System.currentTimeMillis();
-
       int ROOT = 0x11d; // para. 2.1 [ANUBIS]
       int i, s, s2, s4, s6, s8, t;
       char c;
@@ -151,213 +122,172 @@ public final class Anubis extends BaseCipher
           c = Sd.charAt(i >>> 1);
           s = ((i & 1) == 0 ? c >>> 8 : c) & 0xFF;
           S[i] = (byte) s;
-
           s2 = s << 1;
           if (s2 > 0xFF)
-            {
-              s2 ^= ROOT;
-            }
-
+            s2 ^= ROOT;
           s4 = s2 << 1;
           if (s4 > 0xFF)
-            {
-              s4 ^= ROOT;
-            }
-
+            s4 ^= ROOT;
           s6 = s4 ^ s2;
           s8 = s4 << 1;
           if (s8 > 0xFF)
-            {
-              s8 ^= ROOT;
-            }
-
-          T0[i] = s << 24 | s2 << 16 | s4 << 8 | s6;
-          T1[i] = s2 << 24 | s << 16 | s6 << 8 | s4;
-          T2[i] = s4 << 24 | s6 << 16 | s << 8 | s2;
+            s8 ^= ROOT;
+          T0[i] = s  << 24 | s2 << 16 | s4 << 8 | s6;
+          T1[i] = s2 << 24 | s  << 16 | s6 << 8 | s4;
+          T2[i] = s4 << 24 | s6 << 16 | s  << 8 | s2;
           T3[i] = s6 << 24 | s4 << 16 | s2 << 8 | s;
-
-          T4[i] = s << 24 | s << 16 | s << 8 | s;
-          T5[s] = s << 24 | s2 << 16 | s6 << 8 | s8;
+          T4[i] = s  << 24 | s  << 16 | s  << 8 | s;
+          T5[s] = s  << 24 | s2 << 16 | s6 << 8 | s8;
         }
-
       // compute round constant
       for (i = 0, s = 0; i < 18;)
-        {
-          rc[i++] = S[(s++) & 0xFF] << 24 | (S[(s++) & 0xFF] & 0xFF) << 16
-                    | (S[(s++) & 0xFF] & 0xFF) << 8 | (S[(s++) & 0xFF] & 0xFF);
-        }
-
+        rc[i++] =  S[(s++) & 0xFF]         << 24
+                | (S[(s++) & 0xFF] & 0xFF) << 16
+                | (S[(s++) & 0xFF] & 0xFF) << 8
+                | (S[(s++) & 0xFF] & 0xFF);
       time = System.currentTimeMillis() - time;
-
-      if (DEBUG && debuglevel > 8)
+      if (Configuration.DEBUG)
         {
-          System.out.println("==========");
-          System.out.println();
-          System.out.println("Static data");
-          System.out.println();
-
-          System.out.println();
-          System.out.println("T0[]:");
+          log.fine("Static data");
+          log.fine("T0[]:");
+          StringBuilder sb;
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (t = 0; t < 4; t++)
-                {
-                  System.out.print("0x" + Util.toString(T0[i * 4 + t]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(T0[i * 4 + t])).append(", ");
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("T1[]:");
+          log.fine("T1[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (t = 0; t < 4; t++)
-                {
-                  System.out.print("0x" + Util.toString(T1[i * 4 + t]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(T1[i * 4 + t])).append(", ");
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("T2[]:");
+          log.fine("T2[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (t = 0; t < 4; t++)
-                {
-                  System.out.print("0x" + Util.toString(T2[i * 4 + t]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(T2[i * 4 + t])).append(", ");
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("T3[]:");
+          log.fine("T3[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (t = 0; t < 4; t++)
-                {
-                  System.out.print("0x" + Util.toString(T3[i * 4 + t]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(T3[i * 4 + t])).append(", ");
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("T4[]:");
+          log.fine("T4[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (t = 0; t < 4; t++)
-                {
-                  System.out.print("0x" + Util.toString(T4[i * 4 + t]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(T4[i * 4 + t])).append(", ");
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("T5[]:");
+          log.fine("T5[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (t = 0; t < 4; t++)
-                {
-                  System.out.print("0x" + Util.toString(T5[i * 4 + t]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(T5[i * 4 + t])).append(", ");
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("rc[]:");
+          log.fine("rc[]:");
           for (i = 0; i < 18; i++)
-            {
-              System.out.println("0x" + Util.toString(rc[i]));
-            }
-          System.out.println();
-
-          System.out.println();
-          System.out.println("Total initialization time: " + time + " ms.");
-          System.out.println();
+            log.fine("0x" + Util.toString(rc[i]));
+          log.fine("Total initialization time: " + time + " ms.");
         }
     }
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public Anubis()
   {
     super(Registry.ANUBIS_CIPHER, DEFAULT_BLOCK_SIZE, DEFAULT_KEY_SIZE);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   private static void anubis(byte[] in, int i, byte[] out, int j, int[][] K)
   {
     // extract encryption round keys
     int R = K.length - 1;
     int[] Ker = K[0];
-
     // mu function + affine key addition
-    int a0 = (in[i++] << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF))
-             ^ Ker[0];
-    int a1 = (in[i++] << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF))
-             ^ Ker[1];
-    int a2 = (in[i++] << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF))
-             ^ Ker[2];
-    int a3 = (in[i++] << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i] & 0xFF))
-             ^ Ker[3];
-
+    int a0 = (in[i++]         << 24
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) <<  8
+           | (in[i++] & 0xFF)      ) ^ Ker[0];
+    int a1 = (in[i++]         << 24
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) <<  8
+           | (in[i++] & 0xFF)      ) ^ Ker[1];
+    int a2 = (in[i++]         << 24
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) <<  8
+           | (in[i++] & 0xFF)      ) ^ Ker[2];
+    int a3 = (in[i++]         << 24
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) <<  8
+           | (in[i] & 0xFF)        ) ^ Ker[3];
     int b0, b1, b2, b3;
     // round function
     for (int r = 1; r < R; r++)
       {
         Ker = K[r];
-        b0 = T0[a0 >>> 24] ^ T1[a1 >>> 24] ^ T2[a2 >>> 24] ^ T3[a3 >>> 24]
-             ^ Ker[0];
-        b1 = T0[(a0 >>> 16) & 0xFF] ^ T1[(a1 >>> 16) & 0xFF]
-             ^ T2[(a2 >>> 16) & 0xFF] ^ T3[(a3 >>> 16) & 0xFF] ^ Ker[1];
-        b2 = T0[(a0 >>> 8) & 0xFF] ^ T1[(a1 >>> 8) & 0xFF]
-             ^ T2[(a2 >>> 8) & 0xFF] ^ T3[(a3 >>> 8) & 0xFF] ^ Ker[2];
-        b3 = T0[a0 & 0xFF] ^ T1[a1 & 0xFF] ^ T2[a2 & 0xFF] ^ T3[a3 & 0xFF]
-             ^ Ker[3];
+        b0 = T0[ a0 >>> 24        ]
+           ^ T1[ a1 >>> 24        ]
+           ^ T2[ a2 >>> 24        ]
+           ^ T3[ a3 >>> 24        ] ^ Ker[0];
+        b1 = T0[(a0 >>> 16) & 0xFF]
+           ^ T1[(a1 >>> 16) & 0xFF]
+           ^ T2[(a2 >>> 16) & 0xFF]
+           ^ T3[(a3 >>> 16) & 0xFF] ^ Ker[1];
+        b2 = T0[(a0 >>>  8) & 0xFF]
+           ^ T1[(a1 >>>  8) & 0xFF]
+           ^ T2[(a2 >>>  8) & 0xFF]
+           ^ T3[(a3 >>>  8) & 0xFF] ^ Ker[2];
+        b3 = T0[ a0         & 0xFF]
+           ^ T1[ a1         & 0xFF]
+           ^ T2[ a2         & 0xFF]
+           ^ T3[ a3         & 0xFF] ^ Ker[3];
         a0 = b0;
         a1 = b1;
         a2 = b2;
         a3 = b3;
-        if (DEBUG && debuglevel > 6)
-          {
-            System.out.println("T" + r + "=" + Util.toString(a0)
-                               + Util.toString(a1) + Util.toString(a2)
-                               + Util.toString(a3));
-          }
+        if (Configuration.DEBUG)
+          log.fine("T" + r + "=" + Util.toString(a0) + Util.toString(a1)
+                   + Util.toString(a2) + Util.toString(a3));
       }
-
     // last round function
     Ker = K[R];
     int tt = Ker[0];
-    out[j++] = (byte) (S[a0 >>> 24] ^ (tt >>> 24));
-    out[j++] = (byte) (S[a1 >>> 24] ^ (tt >>> 16));
-    out[j++] = (byte) (S[a2 >>> 24] ^ (tt >>> 8));
-    out[j++] = (byte) (S[a3 >>> 24] ^ tt);
+    out[j++] = (byte)(S[ a0 >>> 24        ] ^ (tt >>> 24));
+    out[j++] = (byte)(S[ a1 >>> 24        ] ^ (tt >>> 16));
+    out[j++] = (byte)(S[ a2 >>> 24        ] ^ (tt >>> 8));
+    out[j++] = (byte)(S[ a3 >>> 24        ] ^  tt);
     tt = Ker[1];
-    out[j++] = (byte) (S[(a0 >>> 16) & 0xFF] ^ (tt >>> 24));
-    out[j++] = (byte) (S[(a1 >>> 16) & 0xFF] ^ (tt >>> 16));
-    out[j++] = (byte) (S[(a2 >>> 16) & 0xFF] ^ (tt >>> 8));
-    out[j++] = (byte) (S[(a3 >>> 16) & 0xFF] ^ tt);
+    out[j++] = (byte)(S[(a0 >>> 16) & 0xFF] ^ (tt >>> 24));
+    out[j++] = (byte)(S[(a1 >>> 16) & 0xFF] ^ (tt >>> 16));
+    out[j++] = (byte)(S[(a2 >>> 16) & 0xFF] ^ (tt >>> 8));
+    out[j++] = (byte)(S[(a3 >>> 16) & 0xFF] ^  tt);
     tt = Ker[2];
-    out[j++] = (byte) (S[(a0 >>> 8) & 0xFF] ^ (tt >>> 24));
-    out[j++] = (byte) (S[(a1 >>> 8) & 0xFF] ^ (tt >>> 16));
-    out[j++] = (byte) (S[(a2 >>> 8) & 0xFF] ^ (tt >>> 8));
-    out[j++] = (byte) (S[(a3 >>> 8) & 0xFF] ^ tt);
+    out[j++] = (byte)(S[(a0 >>>  8) & 0xFF] ^ (tt >>> 24));
+    out[j++] = (byte)(S[(a1 >>>  8) & 0xFF] ^ (tt >>> 16));
+    out[j++] = (byte)(S[(a2 >>>  8) & 0xFF] ^ (tt >>> 8));
+    out[j++] = (byte)(S[(a3 >>>  8) & 0xFF] ^  tt);
     tt = Ker[3];
-    out[j++] = (byte) (S[a0 & 0xFF] ^ (tt >>> 24));
-    out[j++] = (byte) (S[a1 & 0xFF] ^ (tt >>> 16));
-    out[j++] = (byte) (S[a2 & 0xFF] ^ (tt >>> 8));
-    out[j] = (byte) (S[a3 & 0xFF] ^ tt);
-
-    if (DEBUG && debuglevel > 6)
-      {
-        System.out.println("T=" + Util.toString(out, j - 15, 16));
-        System.out.println();
-      }
+    out[j++] = (byte)(S[ a0         & 0xFF] ^ (tt >>> 24));
+    out[j++] = (byte)(S[ a1         & 0xFF] ^ (tt >>> 16));
+    out[j++] = (byte)(S[ a2         & 0xFF] ^ (tt >>> 8));
+    out[j  ] = (byte)(S[ a3         & 0xFF] ^  tt);
+    if (Configuration.DEBUG)
+      log.fine("T=" + Util.toString(out, j - 15, 16) + "\n");
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     Anubis result = new Anubis();
@@ -366,12 +296,10 @@ public final class Anubis extends BaseCipher
     return result;
   }
 
-  // IBlockCipherSpi interface implementation --------------------------------
-
   public Iterator blockSizes()
   {
     ArrayList al = new ArrayList();
-    al.add(new Integer(DEFAULT_BLOCK_SIZE));
+    al.add(Integer.valueOf(DEFAULT_BLOCK_SIZE));
 
     return Collections.unmodifiableList(al).iterator();
   }
@@ -380,17 +308,14 @@ public final class Anubis extends BaseCipher
   {
     ArrayList al = new ArrayList();
     for (int n = 4; n < 10; n++)
-      {
-        al.add(new Integer(n * 32 / 8));
-      }
-
+      al.add(Integer.valueOf(n * 32 / 8));
     return Collections.unmodifiableList(al).iterator();
   }
 
   /**
-   * <p>Expands a user-supplied key material into a session key for a
-   * designated <i>block size</i>.</p>
-   *
+   * Expands a user-supplied key material into a session key for a designated
+   * <i>block size</i>.
+   * 
    * @param uk the 32N-bit user-supplied key material; 4 &lt;= N &lt;= 10.
    * @param bs the desired block size in bytes.
    * @return an Object encapsulating the session key.
@@ -400,95 +325,91 @@ public final class Anubis extends BaseCipher
   public Object makeKey(byte[] uk, int bs) throws InvalidKeyException
   {
     if (bs != DEFAULT_BLOCK_SIZE)
-      {
-        throw new IllegalArgumentException();
-      }
+      throw new IllegalArgumentException();
     if (uk == null)
-      {
-        throw new InvalidKeyException("Empty key");
-      }
+      throw new InvalidKeyException("Empty key");
     if ((uk.length % 4) != 0)
-      {
-        throw new InvalidKeyException("Key is not multiple of 32-bit.");
-      }
+      throw new InvalidKeyException("Key is not multiple of 32-bit.");
     int N = uk.length / 4;
     if (N < 4 || N > 10)
-      {
-        throw new InvalidKeyException("Key is not 32N; 4 <= N <= 10");
-      }
+      throw new InvalidKeyException("Key is not 32N; 4 <= N <= 10");
     int R = 8 + N;
     int[][] Ke = new int[R + 1][4]; // encryption round keys
     int[][] Kd = new int[R + 1][4]; // decryption round keys
     int[] tk = new int[N];
     int[] kk = new int[N];
     int r, i, j, k, k0, k1, k2, k3, tt;
-
     // apply mu to k0
     for (r = 0, i = 0; r < N;)
-      {
-        tk[r++] = uk[i++] << 24 | (uk[i++] & 0xFF) << 16
-                  | (uk[i++] & 0xFF) << 8 | (uk[i++] & 0xFF);
-      }
+      tk[r++] =  uk[i++]         << 24
+              | (uk[i++] & 0xFF) << 16
+              | (uk[i++] & 0xFF) << 8
+              | (uk[i++] & 0xFF);
     for (r = 0; r <= R; r++)
       {
         if (r > 0)
           {
             // psi = key evolution function
-            kk[0] = T0[(tk[0] >>> 24)] ^ T1[(tk[N - 1] >>> 16) & 0xFF]
-                    ^ T2[(tk[N - 2] >>> 8) & 0xFF] ^ T3[tk[N - 3] & 0xFF];
-            kk[1] = T0[(tk[1] >>> 24)] ^ T1[(tk[0] >>> 16) & 0xFF]
-                    ^ T2[(tk[N - 1] >>> 8) & 0xFF] ^ T3[tk[N - 2] & 0xFF];
-            kk[2] = T0[(tk[2] >>> 24)] ^ T1[(tk[1] >>> 16) & 0xFF]
-                    ^ T2[(tk[0] >>> 8) & 0xFF] ^ T3[tk[N - 1] & 0xFF];
-            kk[3] = T0[(tk[3] >>> 24)] ^ T1[(tk[2] >>> 16) & 0xFF]
-                    ^ T2[(tk[1] >>> 8) & 0xFF] ^ T3[tk[0] & 0xFF];
-
+            kk[0] = T0[(tk[0    ] >>> 24)       ]
+                  ^ T1[(tk[N - 1] >>> 16) & 0xFF]
+                  ^ T2[(tk[N - 2] >>>  8) & 0xFF]
+                  ^ T3[ tk[N - 3]         & 0xFF];
+            kk[1] = T0[(tk[1    ] >>> 24)       ]
+                  ^ T1[(tk[0    ] >>> 16) & 0xFF]
+                  ^ T2[(tk[N - 1] >>>  8) & 0xFF]
+                  ^ T3[ tk[N - 2]         & 0xFF];
+            kk[2] = T0[(tk[2    ] >>> 24)       ]
+                  ^ T1[(tk[1    ] >>> 16) & 0xFF]
+                  ^ T2[(tk[0    ] >>>  8) & 0xFF]
+                  ^ T3[ tk[N - 1]         & 0xFF];
+            kk[3] = T0[(tk[3    ] >>> 24)       ]
+                  ^ T1[(tk[2    ] >>> 16) & 0xFF]
+                  ^ T2[(tk[1    ] >>>  8) & 0xFF]
+                  ^ T3[ tk[0    ]         & 0xFF];
             for (i = 4; i < N; i++)
-              {
-                kk[i] = T0[tk[i] >>> 24] ^ T1[(tk[i - 1] >>> 16) & 0xFF]
-                        ^ T2[(tk[i - 2] >>> 8) & 0xFF] ^ T3[tk[i - 3] & 0xFF];
-              }
+              kk[i] = T0[ tk[i    ] >>> 24        ]
+                    ^ T1[(tk[i - 1] >>> 16) & 0xFF]
+                    ^ T2[(tk[i - 2] >>>  8) & 0xFF]
+                    ^ T3[ tk[i - 3]         & 0xFF];
             // apply sigma (affine addition) to round constant
             tk[0] = rc[r - 1] ^ kk[0];
             for (i = 1; i < N; i++)
-              {
-                tk[i] = kk[i];
-              }
+              tk[i] = kk[i];
           }
-
         // phi = key selection function
         tt = tk[N - 1];
-        k0 = T4[tt >>> 24];
+        k0 = T4[ tt >>> 24        ];
         k1 = T4[(tt >>> 16) & 0xFF];
-        k2 = T4[(tt >>> 8) & 0xFF];
-        k3 = T4[tt & 0xFF];
-
+        k2 = T4[(tt >>>  8) & 0xFF];
+        k3 = T4[ tt         & 0xFF];
         for (k = N - 2; k >= 0; k--)
           {
             tt = tk[k];
-            k0 = T4[tt >>> 24] ^ (T5[(k0 >>> 24) & 0xFF] & 0xFF000000)
-                 ^ (T5[(k0 >>> 16) & 0xFF] & 0x00FF0000)
-                 ^ (T5[(k0 >>> 8) & 0xFF] & 0x0000FF00)
-                 ^ (T5[k0 & 0xFF] & 0x000000FF);
-            k1 = T4[(tt >>> 16) & 0xFF] ^ (T5[(k1 >>> 24) & 0xFF] & 0xFF000000)
-                 ^ (T5[(k1 >>> 16) & 0xFF] & 0x00FF0000)
-                 ^ (T5[(k1 >>> 8) & 0xFF] & 0x0000FF00)
-                 ^ (T5[k1 & 0xFF] & 0x000000FF);
-            k2 = T4[(tt >>> 8) & 0xFF] ^ (T5[(k2 >>> 24) & 0xFF] & 0xFF000000)
-                 ^ (T5[(k2 >>> 16) & 0xFF] & 0x00FF0000)
-                 ^ (T5[(k2 >>> 8) & 0xFF] & 0x0000FF00)
-                 ^ (T5[(k2) & 0xFF] & 0x000000FF);
-            k3 = T4[tt & 0xFF] ^ (T5[(k3 >>> 24) & 0xFF] & 0xFF000000)
-                 ^ (T5[(k3 >>> 16) & 0xFF] & 0x00FF0000)
-                 ^ (T5[(k3 >>> 8) & 0xFF] & 0x0000FF00)
-                 ^ (T5[k3 & 0xFF] & 0x000000FF);
+            k0 =  T4[ tt >>> 24        ]
+               ^ (T5[(k0 >>> 24) & 0xFF] & 0xFF000000)
+               ^ (T5[(k0 >>> 16) & 0xFF] & 0x00FF0000)
+               ^ (T5[(k0 >>>  8) & 0xFF] & 0x0000FF00)
+               ^ (T5 [k0         & 0xFF] & 0x000000FF);
+            k1 =  T4[(tt >>> 16) & 0xFF]
+               ^ (T5[(k1 >>> 24) & 0xFF] & 0xFF000000)
+               ^ (T5[(k1 >>> 16) & 0xFF] & 0x00FF0000)
+               ^ (T5[(k1 >>>  8) & 0xFF] & 0x0000FF00)
+               ^ (T5[ k1         & 0xFF] & 0x000000FF);
+            k2 =  T4[(tt >>>  8) & 0xFF]
+               ^ (T5[(k2 >>> 24) & 0xFF] & 0xFF000000)
+               ^ (T5[(k2 >>> 16) & 0xFF] & 0x00FF0000)
+               ^ (T5[(k2 >>>  8) & 0xFF] & 0x0000FF00)
+               ^ (T5[ k2         & 0xFF] & 0x000000FF);
+            k3 =  T4[ tt         & 0xFF]
+               ^ (T5[(k3 >>> 24) & 0xFF] & 0xFF000000)
+               ^ (T5[(k3 >>> 16) & 0xFF] & 0x00FF0000)
+               ^ (T5[(k3 >>>  8) & 0xFF] & 0x0000FF00)
+               ^ (T5[ k3         & 0xFF] & 0x000000FF);
           }
-
         Ke[r][0] = k0;
         Ke[r][1] = k1;
         Ke[r][2] = k2;
         Ke[r][3] = k3;
-
         if (r == 0 || r == R)
           {
             Kd[R - r][0] = k0;
@@ -498,72 +419,61 @@ public final class Anubis extends BaseCipher
           }
         else
           {
-            Kd[R - r][0] = T0[S[k0 >>> 24] & 0xFF]
-                           ^ T1[S[(k0 >>> 16) & 0xFF] & 0xFF]
-                           ^ T2[S[(k0 >>> 8) & 0xFF] & 0xFF]
-                           ^ T3[S[k0 & 0xFF] & 0xFF];
-            Kd[R - r][1] = T0[S[k1 >>> 24] & 0xFF]
-                           ^ T1[S[(k1 >>> 16) & 0xFF] & 0xFF]
-                           ^ T2[S[(k1 >>> 8) & 0xFF] & 0xFF]
-                           ^ T3[S[k1 & 0xFF] & 0xFF];
-            Kd[R - r][2] = T0[S[k2 >>> 24] & 0xFF]
-                           ^ T1[S[(k2 >>> 16) & 0xFF] & 0xFF]
-                           ^ T2[S[(k2 >>> 8) & 0xFF] & 0xFF]
-                           ^ T3[S[k2 & 0xFF] & 0xFF];
-            Kd[R - r][3] = T0[S[k3 >>> 24] & 0xFF]
-                           ^ T1[S[(k3 >>> 16) & 0xFF] & 0xFF]
-                           ^ T2[S[(k3 >>> 8) & 0xFF] & 0xFF]
-                           ^ T3[S[k3 & 0xFF] & 0xFF];
+            Kd[R - r][0] = T0[S[ k0 >>> 24        ] & 0xFF]
+                         ^ T1[S[(k0 >>> 16) & 0xFF] & 0xFF]
+                         ^ T2[S[(k0 >>>  8) & 0xFF] & 0xFF]
+                         ^ T3[S[ k0         & 0xFF] & 0xFF];
+            Kd[R - r][1] = T0[S[ k1 >>> 24        ] & 0xFF]
+                         ^ T1[S[(k1 >>> 16) & 0xFF] & 0xFF]
+                         ^ T2[S[(k1 >>>  8) & 0xFF] & 0xFF]
+                         ^ T3[S[ k1         & 0xFF] & 0xFF];
+            Kd[R - r][2] = T0[S[ k2 >>> 24        ] & 0xFF]
+                         ^ T1[S[(k2 >>> 16) & 0xFF] & 0xFF]
+                         ^ T2[S[(k2 >>>  8) & 0xFF] & 0xFF]
+                         ^ T3[S[ k2         & 0xFF] & 0xFF];
+            Kd[R - r][3] = T0[S[ k3 >>> 24        ] & 0xFF]
+                         ^ T1[S[(k3 >>> 16) & 0xFF] & 0xFF]
+                         ^ T2[S[(k3 >>>  8) & 0xFF] & 0xFF]
+                         ^ T3[S[ k3         & 0xFF] & 0xFF];
           }
       }
-
-    if (DEBUG && debuglevel > 8)
+    if (Configuration.DEBUG)
       {
-        System.out.println();
-        System.out.println("Key schedule");
-        System.out.println();
-        System.out.println("Ke[]:");
+        log.fine("Key schedule");
+        log.fine("Ke[]:");
+        StringBuilder sb;
         for (r = 0; r < R + 1; r++)
           {
-            System.out.print("#" + r + ": ");
+            sb = new StringBuilder("#").append(r).append(": ");
             for (j = 0; j < 4; j++)
-              System.out.print("0x" + Util.toString(Ke[r][j]) + ", ");
-            System.out.println();
+              sb.append("0x").append(Util.toString(Ke[r][j])).append(", ");
+            log.fine(sb.toString());
           }
-        System.out.println();
-        System.out.println("Kd[]:");
+        log.fine("Kd[]:");
         for (r = 0; r < R + 1; r++)
           {
-            System.out.print("#" + r + ": ");
+            sb = new StringBuilder("#").append(r).append(": ");
             for (j = 0; j < 4; j++)
-              System.out.print("0x" + Util.toString(Kd[r][j]) + ", ");
-            System.out.println();
+              sb.append("0x").append(Util.toString(Kd[r][j])).append(", ");
+            log.fine(sb.toString());
           }
-        System.out.println();
       }
-
     return new Object[] { Ke, Kd };
   }
 
   public void encrypt(byte[] in, int i, byte[] out, int j, Object k, int bs)
   {
     if (bs != DEFAULT_BLOCK_SIZE)
-      {
-        throw new IllegalArgumentException();
-      }
-
-    int[][] K = (int[][]) ((Object[]) k)[0];
+      throw new IllegalArgumentException();
+    int[][] K = (int[][])((Object[]) k)[0];
     anubis(in, i, out, j, K);
   }
 
   public void decrypt(byte[] in, int i, byte[] out, int j, Object k, int bs)
   {
     if (bs != DEFAULT_BLOCK_SIZE)
-      {
-        throw new IllegalArgumentException();
-      }
-
-    int[][] K = (int[][]) ((Object[]) k)[1];
+      throw new IllegalArgumentException();
+    int[][] K = (int[][])((Object[]) k)[1];
     anubis(in, i, out, j, K);
   }
 
@@ -573,11 +483,9 @@ public final class Anubis extends BaseCipher
       {
         boolean result = super.selfTest(); // do symmetry tests
         if (result)
-          {
-            result = testKat(KAT_KEY, KAT_CT);
-          }
+          result = testKat(KAT_KEY, KAT_CT);
         valid = Boolean.valueOf(result);
       }
     return valid.booleanValue();
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/cipher/BaseCipher.java b/libjava/classpath/gnu/javax/crypto/cipher/BaseCipher.java
index 9d62311ed58..a5bbe698769 100644
--- a/libjava/classpath/gnu/javax/crypto/cipher/BaseCipher.java
+++ b/libjava/classpath/gnu/javax/crypto/cipher/BaseCipher.java
@@ -38,47 +38,39 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.cipher;
 
-import gnu.java.security.util.Util;
+import gnu.java.security.Configuration;
 
 import java.security.InvalidKeyException;
 import java.util.Arrays;
 import java.util.Iterator;
 import java.util.Map;
+import java.util.logging.Level;
+import java.util.logging.Logger;
 
 /**
- * <p>A basic abstract class to facilitate implementing symmetric key block
- * ciphers.</p>
+ * A basic abstract class to facilitate implementing symmetric key block
+ * ciphers.
  */
-public abstract class BaseCipher implements IBlockCipher, IBlockCipherSpi
+public abstract class BaseCipher
+    implements IBlockCipher, IBlockCipherSpi
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
+  private static final Logger log = Logger.getLogger(BaseCipher.class.getName());
   /** The canonical name prefix of the cipher. */
   protected String name;
-
   /** The default block size, in bytes. */
   protected int defaultBlockSize;
-
   /** The default key size, in bytes. */
   protected int defaultKeySize;
-
   /** The current block size, in bytes. */
   protected int currentBlockSize;
-
   /** The session key for this instance. */
   protected transient Object currentKey;
-
   /** The instance lock. */
   protected Object lock = new Object();
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Trivial constructor for use by concrete subclasses.</p>
-   *
+   * Trivial constructor for use by concrete subclasses.
+   * 
    * @param name the canonical name prefix of this instance.
    * @param defaultBlockSize the default block size in bytes.
    * @param defaultKeySize the default key size in bytes.
@@ -92,27 +84,15 @@ public abstract class BaseCipher implements IBlockCipher, IBlockCipherSpi
     this.defaultKeySize = defaultKeySize;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // IBlockCipher interface implementation -----------------------------------
-
   public abstract Object clone();
 
   public String name()
   {
     StringBuffer sb = new StringBuffer(name).append('-');
     if (currentKey == null)
-      {
-        sb.append(String.valueOf(8 * defaultBlockSize));
-      }
+      sb.append(String.valueOf(8 * defaultBlockSize));
     else
-      {
-        sb.append(String.valueOf(8 * currentBlockSize));
-      }
+      sb.append(String.valueOf(8 * currentBlockSize));
     return sb.toString();
   }
 
@@ -131,17 +111,13 @@ public abstract class BaseCipher implements IBlockCipher, IBlockCipherSpi
     synchronized (lock)
       {
         if (currentKey != null)
-          {
-            throw new IllegalStateException();
-          }
-
+          throw new IllegalStateException();
         Integer bs = (Integer) attributes.get(CIPHER_BLOCK_SIZE);
-        if (bs == null)
-          { // no block size was specified.
-            if (currentBlockSize == 0)
-              { // happy birthday
-                currentBlockSize = defaultBlockSize;
-              } // else it's a clone. use as is
+        if (bs == null) // no block size was specified
+          {
+            if (currentBlockSize == 0) // happy birthday
+              currentBlockSize = defaultBlockSize;
+            // else it's a clone. use as is
           }
         else
           {
@@ -153,17 +129,11 @@ public abstract class BaseCipher implements IBlockCipher, IBlockCipherSpi
               {
                 ok = (currentBlockSize == ((Integer) it.next()).intValue());
                 if (ok)
-                  {
-                    break;
-                  }
-              }
-            if (!ok)
-              {
-                throw new IllegalArgumentException(
-                                                   IBlockCipher.CIPHER_BLOCK_SIZE);
+                  break;
               }
+            if (! ok)
+              throw new IllegalArgumentException(IBlockCipher.CIPHER_BLOCK_SIZE);
           }
-
         byte[] k = (byte[]) attributes.get(KEY_MATERIAL);
         currentKey = makeKey(k, currentBlockSize);
       }
@@ -172,9 +142,7 @@ public abstract class BaseCipher implements IBlockCipher, IBlockCipherSpi
   public int currentBlockSize()
   {
     if (currentKey == null)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
     return currentBlockSize;
   }
 
@@ -182,7 +150,6 @@ public abstract class BaseCipher implements IBlockCipher, IBlockCipherSpi
   {
     synchronized (lock)
       {
-        //         currentBlockSize = 0;
         currentKey = null;
       }
   }
@@ -193,10 +160,7 @@ public abstract class BaseCipher implements IBlockCipher, IBlockCipherSpi
     synchronized (lock)
       {
         if (currentKey == null)
-          {
-            throw new IllegalStateException();
-          }
-
+          throw new IllegalStateException();
         encrypt(in, inOffset, out, outOffset, currentKey, currentBlockSize);
       }
   }
@@ -207,10 +171,7 @@ public abstract class BaseCipher implements IBlockCipher, IBlockCipherSpi
     synchronized (lock)
       {
         if (currentKey == null)
-          {
-            throw new IllegalStateException();
-          }
-
+          throw new IllegalStateException();
         decrypt(in, inOffset, out, outOffset, currentKey, currentBlockSize);
       }
   }
@@ -219,25 +180,17 @@ public abstract class BaseCipher implements IBlockCipher, IBlockCipherSpi
   {
     int ks;
     Iterator bit;
-
     // do symmetry tests for all block-size/key-size combos
     for (Iterator kit = keySizes(); kit.hasNext();)
       {
         ks = ((Integer) kit.next()).intValue();
         for (bit = blockSizes(); bit.hasNext();)
-          {
-            if (!testSymmetry(ks, ((Integer) bit.next()).intValue()))
-              {
-                return false;
-              }
-          }
+          if (! testSymmetry(ks, ((Integer) bit.next()).intValue()))
+            return false;
       }
-
     return true;
   }
 
-  // own methods -------------------------------------------------------------
-
   private boolean testSymmetry(int ks, int bs)
   {
     try
@@ -248,24 +201,18 @@ public abstract class BaseCipher implements IBlockCipher, IBlockCipherSpi
         byte[] cpt = new byte[bs];
         int i;
         for (i = 0; i < ks; i++)
-          {
-            kb[i] = (byte) i;
-          }
+          kb[i] = (byte) i;
         for (i = 0; i < bs; i++)
-          {
-            pt[i] = (byte) i;
-          }
-
+          pt[i] = (byte) i;
         Object k = makeKey(kb, bs);
         encrypt(pt, 0, ct, 0, k, bs);
         decrypt(ct, 0, cpt, 0, k, bs);
-
         return Arrays.equals(pt, cpt);
-
       }
     catch (Exception x)
       {
-        x.printStackTrace(System.err);
+        if (Configuration.DEBUG)
+          log.log(Level.FINE, "Exception in testSymmetry() for " + name(), x);
         return false;
       }
   }
@@ -281,24 +228,20 @@ public abstract class BaseCipher implements IBlockCipher, IBlockCipherSpi
       {
         int bs = pt.length;
         byte[] t = new byte[bs];
-
         Object k = makeKey(kb, bs);
-
         // test encryption
         encrypt(pt, 0, t, 0, k, bs);
-        if (!Arrays.equals(t, ct))
-          {
-            return false;
-          }
+        if (! Arrays.equals(t, ct))
+          return false;
         // test decryption
         decrypt(t, 0, t, 0, k, bs);
         return Arrays.equals(t, pt);
-
       }
     catch (Exception x)
       {
-        x.printStackTrace(System.err);
+        if (Configuration.DEBUG)
+          log.log(Level.FINE, "Exception in testKat() for " + name(), x);
         return false;
       }
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/cipher/Blowfish.java b/libjava/classpath/gnu/javax/crypto/cipher/Blowfish.java
index ca1fdfbd394..68722e913c4 100644
--- a/libjava/classpath/gnu/javax/crypto/cipher/Blowfish.java
+++ b/libjava/classpath/gnu/javax/crypto/cipher/Blowfish.java
@@ -51,370 +51,210 @@ import java.util.Collections;
 import java.util.Iterator;
 
 /**
- * Blowfish is a 16-round, 64-bit Feistel cipher designed by Bruce
- * Schneier. It accepts a variable-length key of up to 448 bits.
- *
- * <p>References:</p>
+ * Blowfish is a 16-round, 64-bit Feistel cipher designed by Bruce Schneier. It
+ * accepts a variable-length key of up to 448 bits.
+ * <p>
+ * References:
  * <ol>
- *    <li>Schneier, Bruce: <i>Applied Cryptography</i>, Second Edition,
- *    336--339, 647--654 (1996 Bruce Schneier).</li>
- *    <li><a href="http://www.counterpane.com/blowfish.html">The
- *    Blowfish Encryption Algorithm.</a></li>
+ * <li>Schneier, Bruce: <i>Applied Cryptography</i>, Second Edition, 336--339,
+ * 647--654 (1996 Bruce Schneier).</li>
+ * <li><a href="http://www.counterpane.com/blowfish.html">The Blowfish
+ * Encryption Algorithm.</a></li>
  * </ol>
  */
-public class Blowfish extends BaseCipher
+public class Blowfish
+    extends BaseCipher
 {
-
-  // Constants and variables
-  // -----------------------------------------------------------------
-
   private static final int DEFAULT_BLOCK_SIZE = 8;
-
   private static final int DEFAULT_KEY_SIZE = 8;
-
   private static final int MAX_KEY_LENGTH = 56;
-
   /** Initial value of the p-array. */
-  private static final int[] P = { 0x243f6a88, 0x85a308d3, 0x13198a2e,
-                                  0x03707344, 0xa4093822, 0x299f31d0,
-                                  0x082efa98, 0xec4e6c89, 0x452821e6,
-                                  0x38d01377, 0xbe5466cf, 0x34e90c6c,
-                                  0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5,
-                                  0xb5470917, 0x9216d5d9, 0x8979fb1b };
-
+  private static final int[] P = {
+      0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344, 0xa4093822, 0x299f31d0,
+      0x082efa98, 0xec4e6c89, 0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c,
+      0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917, 0x9216d5d9, 0x8979fb1b };
   /** Initial value of S-box 1. */
-  static final int[] KS0 = { 0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7,
-                            0xb8e1afed, 0x6a267e96, 0xba7c9045, 0xf12c7f99,
-                            0x24a19947, 0xb3916cf7, 0x0801f2e2, 0x858efc16,
-                            0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e,
-                            0x0d95748f, 0x728eb658, 0x718bcd58, 0x82154aee,
-                            0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013,
-                            0xc5d1b023, 0x286085f0, 0xca417918, 0xb8db38ef,
-                            0x8e79dcb0, 0x603a180e, 0x6c9e0e8b, 0xb01e8a3e,
-                            0xd71577c1, 0xbd314b27, 0x78af2fda, 0x55605c60,
-                            0xe65525f3, 0xaa55ab94, 0x57489862, 0x63e81440,
-                            0x55ca396a, 0x2aab10b6, 0xb4cc5c34, 0x1141e8ce,
-                            0xa15486af, 0x7c72e993, 0xb3ee1411, 0x636fbc2a,
-                            0x2ba9c55d, 0x741831f6, 0xce5c3e16, 0x9b87931e,
-                            0xafd6ba33, 0x6c24cf5c, 0x7a325381, 0x28958677,
-                            0x3b8f4898, 0x6b4bb9af, 0xc4bfe81b, 0x66282193,
-                            0x61d809cc, 0xfb21a991, 0x487cac60, 0x5dec8032,
-                            0xef845d5d, 0xe98575b1, 0xdc262302, 0xeb651b88,
-                            0x23893e81, 0xd396acc5, 0x0f6d6ff3, 0x83f44239,
-                            0x2e0b4482, 0xa4842004, 0x69c8f04a, 0x9e1f9b5e,
-                            0x21c66842, 0xf6e96c9a, 0x670c9c61, 0xabd388f0,
-                            0x6a51a0d2, 0xd8542f68, 0x960fa728, 0xab5133a3,
-                            0x6eef0b6c, 0x137a3be4, 0xba3bf050, 0x7efb2a98,
-                            0xa1f1651d, 0x39af0176, 0x66ca593e, 0x82430e88,
-                            0x8cee8619, 0x456f9fb4, 0x7d84a5c3, 0x3b8b5ebe,
-                            0xe06f75d8, 0x85c12073, 0x401a449f, 0x56c16aa6,
-                            0x4ed3aa62, 0x363f7706, 0x1bfedf72, 0x429b023d,
-                            0x37d0d724, 0xd00a1248, 0xdb0fead3, 0x49f1c09b,
-                            0x075372c9, 0x80991b7b, 0x25d479d8, 0xf6e8def7,
-                            0xe3fe501a, 0xb6794c3b, 0x976ce0bd, 0x04c006ba,
-                            0xc1a94fb6, 0x409f60c4, 0x5e5c9ec2, 0x196a2463,
-                            0x68fb6faf, 0x3e6c53b5, 0x1339b2eb, 0x3b52ec6f,
-                            0x6dfc511f, 0x9b30952c, 0xcc814544, 0xaf5ebd09,
-                            0xbee3d004, 0xde334afd, 0x660f2807, 0x192e4bb3,
-                            0xc0cba857, 0x45c8740f, 0xd20b5f39, 0xb9d3fbdb,
-                            0x5579c0bd, 0x1a60320a, 0xd6a100c6, 0x402c7279,
-                            0x679f25fe, 0xfb1fa3cc, 0x8ea5e9f8, 0xdb3222f8,
-                            0x3c7516df, 0xfd616b15, 0x2f501ec8, 0xad0552ab,
-                            0x323db5fa, 0xfd238760, 0x53317b48, 0x3e00df82,
-                            0x9e5c57bb, 0xca6f8ca0, 0x1a87562e, 0xdf1769db,
-                            0xd542a8f6, 0x287effc3, 0xac6732c6, 0x8c4f5573,
-                            0x695b27b0, 0xbbca58c8, 0xe1ffa35d, 0xb8f011a0,
-                            0x10fa3d98, 0xfd2183b8, 0x4afcb56c, 0x2dd1d35b,
-                            0x9a53e479, 0xb6f84565, 0xd28e49bc, 0x4bfb9790,
-                            0xe1ddf2da, 0xa4cb7e33, 0x62fb1341, 0xcee4c6e8,
-                            0xef20cada, 0x36774c01, 0xd07e9efe, 0x2bf11fb4,
-                            0x95dbda4d, 0xae909198, 0xeaad8e71, 0x6b93d5a0,
-                            0xd08ed1d0, 0xafc725e0, 0x8e3c5b2f, 0x8e7594b7,
-                            0x8ff6e2fb, 0xf2122b64, 0x8888b812, 0x900df01c,
-                            0x4fad5ea0, 0x688fc31c, 0xd1cff191, 0xb3a8c1ad,
-                            0x2f2f2218, 0xbe0e1777, 0xea752dfe, 0x8b021fa1,
-                            0xe5a0cc0f, 0xb56f74e8, 0x18acf3d6, 0xce89e299,
-                            0xb4a84fe0, 0xfd13e0b7, 0x7cc43b81, 0xd2ada8d9,
-                            0x165fa266, 0x80957705, 0x93cc7314, 0x211a1477,
-                            0xe6ad2065, 0x77b5fa86, 0xc75442f5, 0xfb9d35cf,
-                            0xebcdaf0c, 0x7b3e89a0, 0xd6411bd3, 0xae1e7e49,
-                            0x00250e2d, 0x2071b35e, 0x226800bb, 0x57b8e0af,
-                            0x2464369b, 0xf009b91e, 0x5563911d, 0x59dfa6aa,
-                            0x78c14389, 0xd95a537f, 0x207d5ba2, 0x02e5b9c5,
-                            0x83260376, 0x6295cfa9, 0x11c81968, 0x4e734a41,
-                            0xb3472dca, 0x7b14a94a, 0x1b510052, 0x9a532915,
-                            0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400,
-                            0x08ba6fb5, 0x571be91f, 0xf296ec6b, 0x2a0dd915,
-                            0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664,
-                            0x53b02d5d, 0xa99f8fa1, 0x08ba4799, 0x6e85076a };
-
+  static final int[] KS0 = {
+      0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7, 0xb8e1afed, 0x6a267e96,
+      0xba7c9045, 0xf12c7f99, 0x24a19947, 0xb3916cf7, 0x0801f2e2, 0x858efc16,
+      0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e, 0x0d95748f, 0x728eb658,
+      0x718bcd58, 0x82154aee, 0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013,
+      0xc5d1b023, 0x286085f0, 0xca417918, 0xb8db38ef, 0x8e79dcb0, 0x603a180e,
+      0x6c9e0e8b, 0xb01e8a3e, 0xd71577c1, 0xbd314b27, 0x78af2fda, 0x55605c60,
+      0xe65525f3, 0xaa55ab94, 0x57489862, 0x63e81440, 0x55ca396a, 0x2aab10b6,
+      0xb4cc5c34, 0x1141e8ce, 0xa15486af, 0x7c72e993, 0xb3ee1411, 0x636fbc2a,
+      0x2ba9c55d, 0x741831f6, 0xce5c3e16, 0x9b87931e, 0xafd6ba33, 0x6c24cf5c,
+      0x7a325381, 0x28958677, 0x3b8f4898, 0x6b4bb9af, 0xc4bfe81b, 0x66282193,
+      0x61d809cc, 0xfb21a991, 0x487cac60, 0x5dec8032, 0xef845d5d, 0xe98575b1,
+      0xdc262302, 0xeb651b88, 0x23893e81, 0xd396acc5, 0x0f6d6ff3, 0x83f44239,
+      0x2e0b4482, 0xa4842004, 0x69c8f04a, 0x9e1f9b5e, 0x21c66842, 0xf6e96c9a,
+      0x670c9c61, 0xabd388f0, 0x6a51a0d2, 0xd8542f68, 0x960fa728, 0xab5133a3,
+      0x6eef0b6c, 0x137a3be4, 0xba3bf050, 0x7efb2a98, 0xa1f1651d, 0x39af0176,
+      0x66ca593e, 0x82430e88, 0x8cee8619, 0x456f9fb4, 0x7d84a5c3, 0x3b8b5ebe,
+      0xe06f75d8, 0x85c12073, 0x401a449f, 0x56c16aa6, 0x4ed3aa62, 0x363f7706,
+      0x1bfedf72, 0x429b023d, 0x37d0d724, 0xd00a1248, 0xdb0fead3, 0x49f1c09b,
+      0x075372c9, 0x80991b7b, 0x25d479d8, 0xf6e8def7, 0xe3fe501a, 0xb6794c3b,
+      0x976ce0bd, 0x04c006ba, 0xc1a94fb6, 0x409f60c4, 0x5e5c9ec2, 0x196a2463,
+      0x68fb6faf, 0x3e6c53b5, 0x1339b2eb, 0x3b52ec6f, 0x6dfc511f, 0x9b30952c,
+      0xcc814544, 0xaf5ebd09, 0xbee3d004, 0xde334afd, 0x660f2807, 0x192e4bb3,
+      0xc0cba857, 0x45c8740f, 0xd20b5f39, 0xb9d3fbdb, 0x5579c0bd, 0x1a60320a,
+      0xd6a100c6, 0x402c7279, 0x679f25fe, 0xfb1fa3cc, 0x8ea5e9f8, 0xdb3222f8,
+      0x3c7516df, 0xfd616b15, 0x2f501ec8, 0xad0552ab, 0x323db5fa, 0xfd238760,
+      0x53317b48, 0x3e00df82, 0x9e5c57bb, 0xca6f8ca0, 0x1a87562e, 0xdf1769db,
+      0xd542a8f6, 0x287effc3, 0xac6732c6, 0x8c4f5573, 0x695b27b0, 0xbbca58c8,
+      0xe1ffa35d, 0xb8f011a0, 0x10fa3d98, 0xfd2183b8, 0x4afcb56c, 0x2dd1d35b,
+      0x9a53e479, 0xb6f84565, 0xd28e49bc, 0x4bfb9790, 0xe1ddf2da, 0xa4cb7e33,
+      0x62fb1341, 0xcee4c6e8, 0xef20cada, 0x36774c01, 0xd07e9efe, 0x2bf11fb4,
+      0x95dbda4d, 0xae909198, 0xeaad8e71, 0x6b93d5a0, 0xd08ed1d0, 0xafc725e0,
+      0x8e3c5b2f, 0x8e7594b7, 0x8ff6e2fb, 0xf2122b64, 0x8888b812, 0x900df01c,
+      0x4fad5ea0, 0x688fc31c, 0xd1cff191, 0xb3a8c1ad, 0x2f2f2218, 0xbe0e1777,
+      0xea752dfe, 0x8b021fa1, 0xe5a0cc0f, 0xb56f74e8, 0x18acf3d6, 0xce89e299,
+      0xb4a84fe0, 0xfd13e0b7, 0x7cc43b81, 0xd2ada8d9, 0x165fa266, 0x80957705,
+      0x93cc7314, 0x211a1477, 0xe6ad2065, 0x77b5fa86, 0xc75442f5, 0xfb9d35cf,
+      0xebcdaf0c, 0x7b3e89a0, 0xd6411bd3, 0xae1e7e49, 0x00250e2d, 0x2071b35e,
+      0x226800bb, 0x57b8e0af, 0x2464369b, 0xf009b91e, 0x5563911d, 0x59dfa6aa,
+      0x78c14389, 0xd95a537f, 0x207d5ba2, 0x02e5b9c5, 0x83260376, 0x6295cfa9,
+      0x11c81968, 0x4e734a41, 0xb3472dca, 0x7b14a94a, 0x1b510052, 0x9a532915,
+      0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400, 0x08ba6fb5, 0x571be91f,
+      0xf296ec6b, 0x2a0dd915, 0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664,
+      0x53b02d5d, 0xa99f8fa1, 0x08ba4799, 0x6e85076a };
   /** Initial value of S-box 2. */
-  private static final int[] KS1 = { 0x4b7a70e9, 0xb5b32944, 0xdb75092e,
-                                    0xc4192623, 0xad6ea6b0, 0x49a7df7d,
-                                    0x9cee60b8, 0x8fedb266, 0xecaa8c71,
-                                    0x699a17ff, 0x5664526c, 0xc2b19ee1,
-                                    0x193602a5, 0x75094c29, 0xa0591340,
-                                    0xe4183a3e, 0x3f54989a, 0x5b429d65,
-                                    0x6b8fe4d6, 0x99f73fd6, 0xa1d29c07,
-                                    0xefe830f5, 0x4d2d38e6, 0xf0255dc1,
-                                    0x4cdd2086, 0x8470eb26, 0x6382e9c6,
-                                    0x021ecc5e, 0x09686b3f, 0x3ebaefc9,
-                                    0x3c971814, 0x6b6a70a1, 0x687f3584,
-                                    0x52a0e286, 0xb79c5305, 0xaa500737,
-                                    0x3e07841c, 0x7fdeae5c, 0x8e7d44ec,
-                                    0x5716f2b8, 0xb03ada37, 0xf0500c0d,
-                                    0xf01c1f04, 0x0200b3ff, 0xae0cf51a,
-                                    0x3cb574b2, 0x25837a58, 0xdc0921bd,
-                                    0xd19113f9, 0x7ca92ff6, 0x94324773,
-                                    0x22f54701, 0x3ae5e581, 0x37c2dadc,
-                                    0xc8b57634, 0x9af3dda7, 0xa9446146,
-                                    0x0fd0030e, 0xecc8c73e, 0xa4751e41,
-                                    0xe238cd99, 0x3bea0e2f, 0x3280bba1,
-                                    0x183eb331, 0x4e548b38, 0x4f6db908,
-                                    0x6f420d03, 0xf60a04bf, 0x2cb81290,
-                                    0x24977c79, 0x5679b072, 0xbcaf89af,
-                                    0xde9a771f, 0xd9930810, 0xb38bae12,
-                                    0xdccf3f2e, 0x5512721f, 0x2e6b7124,
-                                    0x501adde6, 0x9f84cd87, 0x7a584718,
-                                    0x7408da17, 0xbc9f9abc, 0xe94b7d8c,
-                                    0xec7aec3a, 0xdb851dfa, 0x63094366,
-                                    0xc464c3d2, 0xef1c1847, 0x3215d908,
-                                    0xdd433b37, 0x24c2ba16, 0x12a14d43,
-                                    0x2a65c451, 0x50940002, 0x133ae4dd,
-                                    0x71dff89e, 0x10314e55, 0x81ac77d6,
-                                    0x5f11199b, 0x043556f1, 0xd7a3c76b,
-                                    0x3c11183b, 0x5924a509, 0xf28fe6ed,
-                                    0x97f1fbfa, 0x9ebabf2c, 0x1e153c6e,
-                                    0x86e34570, 0xeae96fb1, 0x860e5e0a,
-                                    0x5a3e2ab3, 0x771fe71c, 0x4e3d06fa,
-                                    0x2965dcb9, 0x99e71d0f, 0x803e89d6,
-                                    0x5266c825, 0x2e4cc978, 0x9c10b36a,
-                                    0xc6150eba, 0x94e2ea78, 0xa5fc3c53,
-                                    0x1e0a2df4, 0xf2f74ea7, 0x361d2b3d,
-                                    0x1939260f, 0x19c27960, 0x5223a708,
-                                    0xf71312b6, 0xebadfe6e, 0xeac31f66,
-                                    0xe3bc4595, 0xa67bc883, 0xb17f37d1,
-                                    0x018cff28, 0xc332ddef, 0xbe6c5aa5,
-                                    0x65582185, 0x68ab9802, 0xeecea50f,
-                                    0xdb2f953b, 0x2aef7dad, 0x5b6e2f84,
-                                    0x1521b628, 0x29076170, 0xecdd4775,
-                                    0x619f1510, 0x13cca830, 0xeb61bd96,
-                                    0x0334fe1e, 0xaa0363cf, 0xb5735c90,
-                                    0x4c70a239, 0xd59e9e0b, 0xcbaade14,
-                                    0xeecc86bc, 0x60622ca7, 0x9cab5cab,
-                                    0xb2f3846e, 0x648b1eaf, 0x19bdf0ca,
-                                    0xa02369b9, 0x655abb50, 0x40685a32,
-                                    0x3c2ab4b3, 0x319ee9d5, 0xc021b8f7,
-                                    0x9b540b19, 0x875fa099, 0x95f7997e,
-                                    0x623d7da8, 0xf837889a, 0x97e32d77,
-                                    0x11ed935f, 0x16681281, 0x0e358829,
-                                    0xc7e61fd6, 0x96dedfa1, 0x7858ba99,
-                                    0x57f584a5, 0x1b227263, 0x9b83c3ff,
-                                    0x1ac24696, 0xcdb30aeb, 0x532e3054,
-                                    0x8fd948e4, 0x6dbc3128, 0x58ebf2ef,
-                                    0x34c6ffea, 0xfe28ed61, 0xee7c3c73,
-                                    0x5d4a14d9, 0xe864b7e3, 0x42105d14,
-                                    0x203e13e0, 0x45eee2b6, 0xa3aaabea,
-                                    0xdb6c4f15, 0xfacb4fd0, 0xc742f442,
-                                    0xef6abbb5, 0x654f3b1d, 0x41cd2105,
-                                    0xd81e799e, 0x86854dc7, 0xe44b476a,
-                                    0x3d816250, 0xcf62a1f2, 0x5b8d2646,
-                                    0xfc8883a0, 0xc1c7b6a3, 0x7f1524c3,
-                                    0x69cb7492, 0x47848a0b, 0x5692b285,
-                                    0x095bbf00, 0xad19489d, 0x1462b174,
-                                    0x23820e00, 0x58428d2a, 0x0c55f5ea,
-                                    0x1dadf43e, 0x233f7061, 0x3372f092,
-                                    0x8d937e41, 0xd65fecf1, 0x6c223bdb,
-                                    0x7cde3759, 0xcbee7460, 0x4085f2a7,
-                                    0xce77326e, 0xa6078084, 0x19f8509e,
-                                    0xe8efd855, 0x61d99735, 0xa969a7aa,
-                                    0xc50c06c2, 0x5a04abfc, 0x800bcadc,
-                                    0x9e447a2e, 0xc3453484, 0xfdd56705,
-                                    0x0e1e9ec9, 0xdb73dbd3, 0x105588cd,
-                                    0x675fda79, 0xe3674340, 0xc5c43465,
-                                    0x713e38d8, 0x3d28f89e, 0xf16dff20,
-                                    0x153e21e7, 0x8fb03d4a, 0xe6e39f2b,
-                                    0xdb83adf7 };
-
+  private static final int[] KS1 = {
+      0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623, 0xad6ea6b0, 0x49a7df7d,
+      0x9cee60b8, 0x8fedb266, 0xecaa8c71, 0x699a17ff, 0x5664526c, 0xc2b19ee1,
+      0x193602a5, 0x75094c29, 0xa0591340, 0xe4183a3e, 0x3f54989a, 0x5b429d65,
+      0x6b8fe4d6, 0x99f73fd6, 0xa1d29c07, 0xefe830f5, 0x4d2d38e6, 0xf0255dc1,
+      0x4cdd2086, 0x8470eb26, 0x6382e9c6, 0x021ecc5e, 0x09686b3f, 0x3ebaefc9,
+      0x3c971814, 0x6b6a70a1, 0x687f3584, 0x52a0e286, 0xb79c5305, 0xaa500737,
+      0x3e07841c, 0x7fdeae5c, 0x8e7d44ec, 0x5716f2b8, 0xb03ada37, 0xf0500c0d,
+      0xf01c1f04, 0x0200b3ff, 0xae0cf51a, 0x3cb574b2, 0x25837a58, 0xdc0921bd,
+      0xd19113f9, 0x7ca92ff6, 0x94324773, 0x22f54701, 0x3ae5e581, 0x37c2dadc,
+      0xc8b57634, 0x9af3dda7, 0xa9446146, 0x0fd0030e, 0xecc8c73e, 0xa4751e41,
+      0xe238cd99, 0x3bea0e2f, 0x3280bba1, 0x183eb331, 0x4e548b38, 0x4f6db908,
+      0x6f420d03, 0xf60a04bf, 0x2cb81290, 0x24977c79, 0x5679b072, 0xbcaf89af,
+      0xde9a771f, 0xd9930810, 0xb38bae12, 0xdccf3f2e, 0x5512721f, 0x2e6b7124,
+      0x501adde6, 0x9f84cd87, 0x7a584718, 0x7408da17, 0xbc9f9abc, 0xe94b7d8c,
+      0xec7aec3a, 0xdb851dfa, 0x63094366, 0xc464c3d2, 0xef1c1847, 0x3215d908,
+      0xdd433b37, 0x24c2ba16, 0x12a14d43, 0x2a65c451, 0x50940002, 0x133ae4dd,
+      0x71dff89e, 0x10314e55, 0x81ac77d6, 0x5f11199b, 0x043556f1, 0xd7a3c76b,
+      0x3c11183b, 0x5924a509, 0xf28fe6ed, 0x97f1fbfa, 0x9ebabf2c, 0x1e153c6e,
+      0x86e34570, 0xeae96fb1, 0x860e5e0a, 0x5a3e2ab3, 0x771fe71c, 0x4e3d06fa,
+      0x2965dcb9, 0x99e71d0f, 0x803e89d6, 0x5266c825, 0x2e4cc978, 0x9c10b36a,
+      0xc6150eba, 0x94e2ea78, 0xa5fc3c53, 0x1e0a2df4, 0xf2f74ea7, 0x361d2b3d,
+      0x1939260f, 0x19c27960, 0x5223a708, 0xf71312b6, 0xebadfe6e, 0xeac31f66,
+      0xe3bc4595, 0xa67bc883, 0xb17f37d1, 0x018cff28, 0xc332ddef, 0xbe6c5aa5,
+      0x65582185, 0x68ab9802, 0xeecea50f, 0xdb2f953b, 0x2aef7dad, 0x5b6e2f84,
+      0x1521b628, 0x29076170, 0xecdd4775, 0x619f1510, 0x13cca830, 0xeb61bd96,
+      0x0334fe1e, 0xaa0363cf, 0xb5735c90, 0x4c70a239, 0xd59e9e0b, 0xcbaade14,
+      0xeecc86bc, 0x60622ca7, 0x9cab5cab, 0xb2f3846e, 0x648b1eaf, 0x19bdf0ca,
+      0xa02369b9, 0x655abb50, 0x40685a32, 0x3c2ab4b3, 0x319ee9d5, 0xc021b8f7,
+      0x9b540b19, 0x875fa099, 0x95f7997e, 0x623d7da8, 0xf837889a, 0x97e32d77,
+      0x11ed935f, 0x16681281, 0x0e358829, 0xc7e61fd6, 0x96dedfa1, 0x7858ba99,
+      0x57f584a5, 0x1b227263, 0x9b83c3ff, 0x1ac24696, 0xcdb30aeb, 0x532e3054,
+      0x8fd948e4, 0x6dbc3128, 0x58ebf2ef, 0x34c6ffea, 0xfe28ed61, 0xee7c3c73,
+      0x5d4a14d9, 0xe864b7e3, 0x42105d14, 0x203e13e0, 0x45eee2b6, 0xa3aaabea,
+      0xdb6c4f15, 0xfacb4fd0, 0xc742f442, 0xef6abbb5, 0x654f3b1d, 0x41cd2105,
+      0xd81e799e, 0x86854dc7, 0xe44b476a, 0x3d816250, 0xcf62a1f2, 0x5b8d2646,
+      0xfc8883a0, 0xc1c7b6a3, 0x7f1524c3, 0x69cb7492, 0x47848a0b, 0x5692b285,
+      0x095bbf00, 0xad19489d, 0x1462b174, 0x23820e00, 0x58428d2a, 0x0c55f5ea,
+      0x1dadf43e, 0x233f7061, 0x3372f092, 0x8d937e41, 0xd65fecf1, 0x6c223bdb,
+      0x7cde3759, 0xcbee7460, 0x4085f2a7, 0xce77326e, 0xa6078084, 0x19f8509e,
+      0xe8efd855, 0x61d99735, 0xa969a7aa, 0xc50c06c2, 0x5a04abfc, 0x800bcadc,
+      0x9e447a2e, 0xc3453484, 0xfdd56705, 0x0e1e9ec9, 0xdb73dbd3, 0x105588cd,
+      0x675fda79, 0xe3674340, 0xc5c43465, 0x713e38d8, 0x3d28f89e, 0xf16dff20,
+      0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7 };
   /** Initial value of S-box 3. */
-  private static final int[] KS2 = { 0xe93d5a68, 0x948140f7, 0xf64c261c,
-                                    0x94692934, 0x411520f7, 0x7602d4f7,
-                                    0xbcf46b2e, 0xd4a20068, 0xd4082471,
-                                    0x3320f46a, 0x43b7d4b7, 0x500061af,
-                                    0x1e39f62e, 0x97244546, 0x14214f74,
-                                    0xbf8b8840, 0x4d95fc1d, 0x96b591af,
-                                    0x70f4ddd3, 0x66a02f45, 0xbfbc09ec,
-                                    0x03bd9785, 0x7fac6dd0, 0x31cb8504,
-                                    0x96eb27b3, 0x55fd3941, 0xda2547e6,
-                                    0xabca0a9a, 0x28507825, 0x530429f4,
-                                    0x0a2c86da, 0xe9b66dfb, 0x68dc1462,
-                                    0xd7486900, 0x680ec0a4, 0x27a18dee,
-                                    0x4f3ffea2, 0xe887ad8c, 0xb58ce006,
-                                    0x7af4d6b6, 0xaace1e7c, 0xd3375fec,
-                                    0xce78a399, 0x406b2a42, 0x20fe9e35,
-                                    0xd9f385b9, 0xee39d7ab, 0x3b124e8b,
-                                    0x1dc9faf7, 0x4b6d1856, 0x26a36631,
-                                    0xeae397b2, 0x3a6efa74, 0xdd5b4332,
-                                    0x6841e7f7, 0xca7820fb, 0xfb0af54e,
-                                    0xd8feb397, 0x454056ac, 0xba489527,
-                                    0x55533a3a, 0x20838d87, 0xfe6ba9b7,
-                                    0xd096954b, 0x55a867bc, 0xa1159a58,
-                                    0xcca92963, 0x99e1db33, 0xa62a4a56,
-                                    0x3f3125f9, 0x5ef47e1c, 0x9029317c,
-                                    0xfdf8e802, 0x04272f70, 0x80bb155c,
-                                    0x05282ce3, 0x95c11548, 0xe4c66d22,
-                                    0x48c1133f, 0xc70f86dc, 0x07f9c9ee,
-                                    0x41041f0f, 0x404779a4, 0x5d886e17,
-                                    0x325f51eb, 0xd59bc0d1, 0xf2bcc18f,
-                                    0x41113564, 0x257b7834, 0x602a9c60,
-                                    0xdff8e8a3, 0x1f636c1b, 0x0e12b4c2,
-                                    0x02e1329e, 0xaf664fd1, 0xcad18115,
-                                    0x6b2395e0, 0x333e92e1, 0x3b240b62,
-                                    0xeebeb922, 0x85b2a20e, 0xe6ba0d99,
-                                    0xde720c8c, 0x2da2f728, 0xd0127845,
-                                    0x95b794fd, 0x647d0862, 0xe7ccf5f0,
-                                    0x5449a36f, 0x877d48fa, 0xc39dfd27,
-                                    0xf33e8d1e, 0x0a476341, 0x992eff74,
-                                    0x3a6f6eab, 0xf4f8fd37, 0xa812dc60,
-                                    0xa1ebddf8, 0x991be14c, 0xdb6e6b0d,
-                                    0xc67b5510, 0x6d672c37, 0x2765d43b,
-                                    0xdcd0e804, 0xf1290dc7, 0xcc00ffa3,
-                                    0xb5390f92, 0x690fed0b, 0x667b9ffb,
-                                    0xcedb7d9c, 0xa091cf0b, 0xd9155ea3,
-                                    0xbb132f88, 0x515bad24, 0x7b9479bf,
-                                    0x763bd6eb, 0x37392eb3, 0xcc115979,
-                                    0x8026e297, 0xf42e312d, 0x6842ada7,
-                                    0xc66a2b3b, 0x12754ccc, 0x782ef11c,
-                                    0x6a124237, 0xb79251e7, 0x06a1bbe6,
-                                    0x4bfb6350, 0x1a6b1018, 0x11caedfa,
-                                    0x3d25bdd8, 0xe2e1c3c9, 0x44421659,
-                                    0x0a121386, 0xd90cec6e, 0xd5abea2a,
-                                    0x64af674e, 0xda86a85f, 0xbebfe988,
-                                    0x64e4c3fe, 0x9dbc8057, 0xf0f7c086,
-                                    0x60787bf8, 0x6003604d, 0xd1fd8346,
-                                    0xf6381fb0, 0x7745ae04, 0xd736fccc,
-                                    0x83426b33, 0xf01eab71, 0xb0804187,
-                                    0x3c005e5f, 0x77a057be, 0xbde8ae24,
-                                    0x55464299, 0xbf582e61, 0x4e58f48f,
-                                    0xf2ddfda2, 0xf474ef38, 0x8789bdc2,
-                                    0x5366f9c3, 0xc8b38e74, 0xb475f255,
-                                    0x46fcd9b9, 0x7aeb2661, 0x8b1ddf84,
-                                    0x846a0e79, 0x915f95e2, 0x466e598e,
-                                    0x20b45770, 0x8cd55591, 0xc902de4c,
-                                    0xb90bace1, 0xbb8205d0, 0x11a86248,
-                                    0x7574a99e, 0xb77f19b6, 0xe0a9dc09,
-                                    0x662d09a1, 0xc4324633, 0xe85a1f02,
-                                    0x09f0be8c, 0x4a99a025, 0x1d6efe10,
-                                    0x1ab93d1d, 0x0ba5a4df, 0xa186f20f,
-                                    0x2868f169, 0xdcb7da83, 0x573906fe,
-                                    0xa1e2ce9b, 0x4fcd7f52, 0x50115e01,
-                                    0xa70683fa, 0xa002b5c4, 0x0de6d027,
-                                    0x9af88c27, 0x773f8641, 0xc3604c06,
-                                    0x61a806b5, 0xf0177a28, 0xc0f586e0,
-                                    0x006058aa, 0x30dc7d62, 0x11e69ed7,
-                                    0x2338ea63, 0x53c2dd94, 0xc2c21634,
-                                    0xbbcbee56, 0x90bcb6de, 0xebfc7da1,
-                                    0xce591d76, 0x6f05e409, 0x4b7c0188,
-                                    0x39720a3d, 0x7c927c24, 0x86e3725f,
-                                    0x724d9db9, 0x1ac15bb4, 0xd39eb8fc,
-                                    0xed545578, 0x08fca5b5, 0xd83d7cd3,
-                                    0x4dad0fc4, 0x1e50ef5e, 0xb161e6f8,
-                                    0xa28514d9, 0x6c51133c, 0x6fd5c7e7,
-                                    0x56e14ec4, 0x362abfce, 0xddc6c837,
-                                    0xd79a3234, 0x92638212, 0x670efa8e,
-                                    0x406000e0 };
-
+  private static final int[] KS2 = {
+      0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934, 0x411520f7, 0x7602d4f7,
+      0xbcf46b2e, 0xd4a20068, 0xd4082471, 0x3320f46a, 0x43b7d4b7, 0x500061af,
+      0x1e39f62e, 0x97244546, 0x14214f74, 0xbf8b8840, 0x4d95fc1d, 0x96b591af,
+      0x70f4ddd3, 0x66a02f45, 0xbfbc09ec, 0x03bd9785, 0x7fac6dd0, 0x31cb8504,
+      0x96eb27b3, 0x55fd3941, 0xda2547e6, 0xabca0a9a, 0x28507825, 0x530429f4,
+      0x0a2c86da, 0xe9b66dfb, 0x68dc1462, 0xd7486900, 0x680ec0a4, 0x27a18dee,
+      0x4f3ffea2, 0xe887ad8c, 0xb58ce006, 0x7af4d6b6, 0xaace1e7c, 0xd3375fec,
+      0xce78a399, 0x406b2a42, 0x20fe9e35, 0xd9f385b9, 0xee39d7ab, 0x3b124e8b,
+      0x1dc9faf7, 0x4b6d1856, 0x26a36631, 0xeae397b2, 0x3a6efa74, 0xdd5b4332,
+      0x6841e7f7, 0xca7820fb, 0xfb0af54e, 0xd8feb397, 0x454056ac, 0xba489527,
+      0x55533a3a, 0x20838d87, 0xfe6ba9b7, 0xd096954b, 0x55a867bc, 0xa1159a58,
+      0xcca92963, 0x99e1db33, 0xa62a4a56, 0x3f3125f9, 0x5ef47e1c, 0x9029317c,
+      0xfdf8e802, 0x04272f70, 0x80bb155c, 0x05282ce3, 0x95c11548, 0xe4c66d22,
+      0x48c1133f, 0xc70f86dc, 0x07f9c9ee, 0x41041f0f, 0x404779a4, 0x5d886e17,
+      0x325f51eb, 0xd59bc0d1, 0xf2bcc18f, 0x41113564, 0x257b7834, 0x602a9c60,
+      0xdff8e8a3, 0x1f636c1b, 0x0e12b4c2, 0x02e1329e, 0xaf664fd1, 0xcad18115,
+      0x6b2395e0, 0x333e92e1, 0x3b240b62, 0xeebeb922, 0x85b2a20e, 0xe6ba0d99,
+      0xde720c8c, 0x2da2f728, 0xd0127845, 0x95b794fd, 0x647d0862, 0xe7ccf5f0,
+      0x5449a36f, 0x877d48fa, 0xc39dfd27, 0xf33e8d1e, 0x0a476341, 0x992eff74,
+      0x3a6f6eab, 0xf4f8fd37, 0xa812dc60, 0xa1ebddf8, 0x991be14c, 0xdb6e6b0d,
+      0xc67b5510, 0x6d672c37, 0x2765d43b, 0xdcd0e804, 0xf1290dc7, 0xcc00ffa3,
+      0xb5390f92, 0x690fed0b, 0x667b9ffb, 0xcedb7d9c, 0xa091cf0b, 0xd9155ea3,
+      0xbb132f88, 0x515bad24, 0x7b9479bf, 0x763bd6eb, 0x37392eb3, 0xcc115979,
+      0x8026e297, 0xf42e312d, 0x6842ada7, 0xc66a2b3b, 0x12754ccc, 0x782ef11c,
+      0x6a124237, 0xb79251e7, 0x06a1bbe6, 0x4bfb6350, 0x1a6b1018, 0x11caedfa,
+      0x3d25bdd8, 0xe2e1c3c9, 0x44421659, 0x0a121386, 0xd90cec6e, 0xd5abea2a,
+      0x64af674e, 0xda86a85f, 0xbebfe988, 0x64e4c3fe, 0x9dbc8057, 0xf0f7c086,
+      0x60787bf8, 0x6003604d, 0xd1fd8346, 0xf6381fb0, 0x7745ae04, 0xd736fccc,
+      0x83426b33, 0xf01eab71, 0xb0804187, 0x3c005e5f, 0x77a057be, 0xbde8ae24,
+      0x55464299, 0xbf582e61, 0x4e58f48f, 0xf2ddfda2, 0xf474ef38, 0x8789bdc2,
+      0x5366f9c3, 0xc8b38e74, 0xb475f255, 0x46fcd9b9, 0x7aeb2661, 0x8b1ddf84,
+      0x846a0e79, 0x915f95e2, 0x466e598e, 0x20b45770, 0x8cd55591, 0xc902de4c,
+      0xb90bace1, 0xbb8205d0, 0x11a86248, 0x7574a99e, 0xb77f19b6, 0xe0a9dc09,
+      0x662d09a1, 0xc4324633, 0xe85a1f02, 0x09f0be8c, 0x4a99a025, 0x1d6efe10,
+      0x1ab93d1d, 0x0ba5a4df, 0xa186f20f, 0x2868f169, 0xdcb7da83, 0x573906fe,
+      0xa1e2ce9b, 0x4fcd7f52, 0x50115e01, 0xa70683fa, 0xa002b5c4, 0x0de6d027,
+      0x9af88c27, 0x773f8641, 0xc3604c06, 0x61a806b5, 0xf0177a28, 0xc0f586e0,
+      0x006058aa, 0x30dc7d62, 0x11e69ed7, 0x2338ea63, 0x53c2dd94, 0xc2c21634,
+      0xbbcbee56, 0x90bcb6de, 0xebfc7da1, 0xce591d76, 0x6f05e409, 0x4b7c0188,
+      0x39720a3d, 0x7c927c24, 0x86e3725f, 0x724d9db9, 0x1ac15bb4, 0xd39eb8fc,
+      0xed545578, 0x08fca5b5, 0xd83d7cd3, 0x4dad0fc4, 0x1e50ef5e, 0xb161e6f8,
+      0xa28514d9, 0x6c51133c, 0x6fd5c7e7, 0x56e14ec4, 0x362abfce, 0xddc6c837,
+      0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0 };
   /** Initial value of S-box 4. */
-  private static final int[] KS3 = { 0x3a39ce37, 0xd3faf5cf, 0xabc27737,
-                                    0x5ac52d1b, 0x5cb0679e, 0x4fa33742,
-                                    0xd3822740, 0x99bc9bbe, 0xd5118e9d,
-                                    0xbf0f7315, 0xd62d1c7e, 0xc700c47b,
-                                    0xb78c1b6b, 0x21a19045, 0xb26eb1be,
-                                    0x6a366eb4, 0x5748ab2f, 0xbc946e79,
-                                    0xc6a376d2, 0x6549c2c8, 0x530ff8ee,
-                                    0x468dde7d, 0xd5730a1d, 0x4cd04dc6,
-                                    0x2939bbdb, 0xa9ba4650, 0xac9526e8,
-                                    0xbe5ee304, 0xa1fad5f0, 0x6a2d519a,
-                                    0x63ef8ce2, 0x9a86ee22, 0xc089c2b8,
-                                    0x43242ef6, 0xa51e03aa, 0x9cf2d0a4,
-                                    0x83c061ba, 0x9be96a4d, 0x8fe51550,
-                                    0xba645bd6, 0x2826a2f9, 0xa73a3ae1,
-                                    0x4ba99586, 0xef5562e9, 0xc72fefd3,
-                                    0xf752f7da, 0x3f046f69, 0x77fa0a59,
-                                    0x80e4a915, 0x87b08601, 0x9b09e6ad,
-                                    0x3b3ee593, 0xe990fd5a, 0x9e34d797,
-                                    0x2cf0b7d9, 0x022b8b51, 0x96d5ac3a,
-                                    0x017da67d, 0xd1cf3ed6, 0x7c7d2d28,
-                                    0x1f9f25cf, 0xadf2b89b, 0x5ad6b472,
-                                    0x5a88f54c, 0xe029ac71, 0xe019a5e6,
-                                    0x47b0acfd, 0xed93fa9b, 0xe8d3c48d,
-                                    0x283b57cc, 0xf8d56629, 0x79132e28,
-                                    0x785f0191, 0xed756055, 0xf7960e44,
-                                    0xe3d35e8c, 0x15056dd4, 0x88f46dba,
-                                    0x03a16125, 0x0564f0bd, 0xc3eb9e15,
-                                    0x3c9057a2, 0x97271aec, 0xa93a072a,
-                                    0x1b3f6d9b, 0x1e6321f5, 0xf59c66fb,
-                                    0x26dcf319, 0x7533d928, 0xb155fdf5,
-                                    0x03563482, 0x8aba3cbb, 0x28517711,
-                                    0xc20ad9f8, 0xabcc5167, 0xccad925f,
-                                    0x4de81751, 0x3830dc8e, 0x379d5862,
-                                    0x9320f991, 0xea7a90c2, 0xfb3e7bce,
-                                    0x5121ce64, 0x774fbe32, 0xa8b6e37e,
-                                    0xc3293d46, 0x48de5369, 0x6413e680,
-                                    0xa2ae0810, 0xdd6db224, 0x69852dfd,
-                                    0x09072166, 0xb39a460a, 0x6445c0dd,
-                                    0x586cdecf, 0x1c20c8ae, 0x5bbef7dd,
-                                    0x1b588d40, 0xccd2017f, 0x6bb4e3bb,
-                                    0xdda26a7e, 0x3a59ff45, 0x3e350a44,
-                                    0xbcb4cdd5, 0x72eacea8, 0xfa6484bb,
-                                    0x8d6612ae, 0xbf3c6f47, 0xd29be463,
-                                    0x542f5d9e, 0xaec2771b, 0xf64e6370,
-                                    0x740e0d8d, 0xe75b1357, 0xf8721671,
-                                    0xaf537d5d, 0x4040cb08, 0x4eb4e2cc,
-                                    0x34d2466a, 0x0115af84, 0xe1b00428,
-                                    0x95983a1d, 0x06b89fb4, 0xce6ea048,
-                                    0x6f3f3b82, 0x3520ab82, 0x011a1d4b,
-                                    0x277227f8, 0x611560b1, 0xe7933fdc,
-                                    0xbb3a792b, 0x344525bd, 0xa08839e1,
-                                    0x51ce794b, 0x2f32c9b7, 0xa01fbac9,
-                                    0xe01cc87e, 0xbcc7d1f6, 0xcf0111c3,
-                                    0xa1e8aac7, 0x1a908749, 0xd44fbd9a,
-                                    0xd0dadecb, 0xd50ada38, 0x0339c32a,
-                                    0xc6913667, 0x8df9317c, 0xe0b12b4f,
-                                    0xf79e59b7, 0x43f5bb3a, 0xf2d519ff,
-                                    0x27d9459c, 0xbf97222c, 0x15e6fc2a,
-                                    0x0f91fc71, 0x9b941525, 0xfae59361,
-                                    0xceb69ceb, 0xc2a86459, 0x12baa8d1,
-                                    0xb6c1075e, 0xe3056a0c, 0x10d25065,
-                                    0xcb03a442, 0xe0ec6e0e, 0x1698db3b,
-                                    0x4c98a0be, 0x3278e964, 0x9f1f9532,
-                                    0xe0d392df, 0xd3a0342b, 0x8971f21e,
-                                    0x1b0a7441, 0x4ba3348c, 0xc5be7120,
-                                    0xc37632d8, 0xdf359f8d, 0x9b992f2e,
-                                    0xe60b6f47, 0x0fe3f11d, 0xe54cda54,
-                                    0x1edad891, 0xce6279cf, 0xcd3e7e6f,
-                                    0x1618b166, 0xfd2c1d05, 0x848fd2c5,
-                                    0xf6fb2299, 0xf523f357, 0xa6327623,
-                                    0x93a83531, 0x56cccd02, 0xacf08162,
-                                    0x5a75ebb5, 0x6e163697, 0x88d273cc,
-                                    0xde966292, 0x81b949d0, 0x4c50901b,
-                                    0x71c65614, 0xe6c6c7bd, 0x327a140a,
-                                    0x45e1d006, 0xc3f27b9a, 0xc9aa53fd,
-                                    0x62a80f00, 0xbb25bfe2, 0x35bdd2f6,
-                                    0x71126905, 0xb2040222, 0xb6cbcf7c,
-                                    0xcd769c2b, 0x53113ec0, 0x1640e3d3,
-                                    0x38abbd60, 0x2547adf0, 0xba38209c,
-                                    0xf746ce76, 0x77afa1c5, 0x20756060,
-                                    0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0,
-                                    0x4cf9aa7e, 0x1948c25c, 0x02fb8a8c,
-                                    0x01c36ae4, 0xd6ebe1f9, 0x90d4f869,
-                                    0xa65cdea0, 0x3f09252d, 0xc208e69f,
-                                    0xb74e6132, 0xce77e25b, 0x578fdfe3,
-                                    0x3ac372e6 };
-
+  private static final int[] KS3 = {
+      0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b, 0x5cb0679e, 0x4fa33742,
+      0xd3822740, 0x99bc9bbe, 0xd5118e9d, 0xbf0f7315, 0xd62d1c7e, 0xc700c47b,
+      0xb78c1b6b, 0x21a19045, 0xb26eb1be, 0x6a366eb4, 0x5748ab2f, 0xbc946e79,
+      0xc6a376d2, 0x6549c2c8, 0x530ff8ee, 0x468dde7d, 0xd5730a1d, 0x4cd04dc6,
+      0x2939bbdb, 0xa9ba4650, 0xac9526e8, 0xbe5ee304, 0xa1fad5f0, 0x6a2d519a,
+      0x63ef8ce2, 0x9a86ee22, 0xc089c2b8, 0x43242ef6, 0xa51e03aa, 0x9cf2d0a4,
+      0x83c061ba, 0x9be96a4d, 0x8fe51550, 0xba645bd6, 0x2826a2f9, 0xa73a3ae1,
+      0x4ba99586, 0xef5562e9, 0xc72fefd3, 0xf752f7da, 0x3f046f69, 0x77fa0a59,
+      0x80e4a915, 0x87b08601, 0x9b09e6ad, 0x3b3ee593, 0xe990fd5a, 0x9e34d797,
+      0x2cf0b7d9, 0x022b8b51, 0x96d5ac3a, 0x017da67d, 0xd1cf3ed6, 0x7c7d2d28,
+      0x1f9f25cf, 0xadf2b89b, 0x5ad6b472, 0x5a88f54c, 0xe029ac71, 0xe019a5e6,
+      0x47b0acfd, 0xed93fa9b, 0xe8d3c48d, 0x283b57cc, 0xf8d56629, 0x79132e28,
+      0x785f0191, 0xed756055, 0xf7960e44, 0xe3d35e8c, 0x15056dd4, 0x88f46dba,
+      0x03a16125, 0x0564f0bd, 0xc3eb9e15, 0x3c9057a2, 0x97271aec, 0xa93a072a,
+      0x1b3f6d9b, 0x1e6321f5, 0xf59c66fb, 0x26dcf319, 0x7533d928, 0xb155fdf5,
+      0x03563482, 0x8aba3cbb, 0x28517711, 0xc20ad9f8, 0xabcc5167, 0xccad925f,
+      0x4de81751, 0x3830dc8e, 0x379d5862, 0x9320f991, 0xea7a90c2, 0xfb3e7bce,
+      0x5121ce64, 0x774fbe32, 0xa8b6e37e, 0xc3293d46, 0x48de5369, 0x6413e680,
+      0xa2ae0810, 0xdd6db224, 0x69852dfd, 0x09072166, 0xb39a460a, 0x6445c0dd,
+      0x586cdecf, 0x1c20c8ae, 0x5bbef7dd, 0x1b588d40, 0xccd2017f, 0x6bb4e3bb,
+      0xdda26a7e, 0x3a59ff45, 0x3e350a44, 0xbcb4cdd5, 0x72eacea8, 0xfa6484bb,
+      0x8d6612ae, 0xbf3c6f47, 0xd29be463, 0x542f5d9e, 0xaec2771b, 0xf64e6370,
+      0x740e0d8d, 0xe75b1357, 0xf8721671, 0xaf537d5d, 0x4040cb08, 0x4eb4e2cc,
+      0x34d2466a, 0x0115af84, 0xe1b00428, 0x95983a1d, 0x06b89fb4, 0xce6ea048,
+      0x6f3f3b82, 0x3520ab82, 0x011a1d4b, 0x277227f8, 0x611560b1, 0xe7933fdc,
+      0xbb3a792b, 0x344525bd, 0xa08839e1, 0x51ce794b, 0x2f32c9b7, 0xa01fbac9,
+      0xe01cc87e, 0xbcc7d1f6, 0xcf0111c3, 0xa1e8aac7, 0x1a908749, 0xd44fbd9a,
+      0xd0dadecb, 0xd50ada38, 0x0339c32a, 0xc6913667, 0x8df9317c, 0xe0b12b4f,
+      0xf79e59b7, 0x43f5bb3a, 0xf2d519ff, 0x27d9459c, 0xbf97222c, 0x15e6fc2a,
+      0x0f91fc71, 0x9b941525, 0xfae59361, 0xceb69ceb, 0xc2a86459, 0x12baa8d1,
+      0xb6c1075e, 0xe3056a0c, 0x10d25065, 0xcb03a442, 0xe0ec6e0e, 0x1698db3b,
+      0x4c98a0be, 0x3278e964, 0x9f1f9532, 0xe0d392df, 0xd3a0342b, 0x8971f21e,
+      0x1b0a7441, 0x4ba3348c, 0xc5be7120, 0xc37632d8, 0xdf359f8d, 0x9b992f2e,
+      0xe60b6f47, 0x0fe3f11d, 0xe54cda54, 0x1edad891, 0xce6279cf, 0xcd3e7e6f,
+      0x1618b166, 0xfd2c1d05, 0x848fd2c5, 0xf6fb2299, 0xf523f357, 0xa6327623,
+      0x93a83531, 0x56cccd02, 0xacf08162, 0x5a75ebb5, 0x6e163697, 0x88d273cc,
+      0xde966292, 0x81b949d0, 0x4c50901b, 0x71c65614, 0xe6c6c7bd, 0x327a140a,
+      0x45e1d006, 0xc3f27b9a, 0xc9aa53fd, 0x62a80f00, 0xbb25bfe2, 0x35bdd2f6,
+      0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b, 0x53113ec0, 0x1640e3d3,
+      0x38abbd60, 0x2547adf0, 0xba38209c, 0xf746ce76, 0x77afa1c5, 0x20756060,
+      0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0, 0x4cf9aa7e, 0x1948c25c, 0x02fb8a8c,
+      0x01c36ae4, 0xd6ebe1f9, 0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f,
+      0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6 };
   /** Cache of the self test. */
   private static Boolean valid;
-
   /**
    * Test vector, as published in
    * href="http://www.counterpane.com/vectors.txt">http://www.counterpane.com/vectors.txt</a>.
@@ -424,20 +264,13 @@ public class Blowfish extends BaseCipher
    * CT=4EF997456198DD78
    */
   private static final byte[] TV_KEY = Util.toBytesFromString("0000000000000000");
-
   private static final byte[] TV_CT = Util.toBytesFromString("4EF997456198DD78");
 
-  // Constructors
-  // -----------------------------------------------------------------------
-
   public Blowfish()
   {
     super(Registry.BLOWFISH_CIPHER, DEFAULT_BLOCK_SIZE, DEFAULT_KEY_SIZE);
   }
 
-  // Clonable interface implementation.
-  // -----------------------------------------------------------------------
-
   public Object clone()
   {
     Blowfish result = new Blowfish();
@@ -445,36 +278,14 @@ public class Blowfish extends BaseCipher
     return result;
   }
 
-  // Implementations of abstract methods from BaseCipher
-  // -----------------------------------------------------------------------
-
   public Iterator keySizes()
   {
     return new Sequence(8, MAX_KEY_LENGTH, 8).iterator();
-    //       return new Iterator() {
-    //          private int i = 0;
-
-    //          public boolean hasNext() {
-    //             return i <= MAX_KEY_LENGTH-8;
-    //          }
-
-    //          public Object next() {
-    //             if (hasNext()) {
-    //                i += 8;
-    //                return new Integer(i);
-    //             }
-    //             return null;
-    //          }
-
-    //          public void remove() {
-    //             throw new UnsupportedOperationException();
-    //          }
-    //       };
   }
 
   public Iterator blockSizes()
   {
-    return Collections.singleton(new Integer(DEFAULT_BLOCK_SIZE)).iterator();
+    return Collections.singleton(Integer.valueOf(DEFAULT_BLOCK_SIZE)).iterator();
   }
 
   public Object makeKey(byte[] k, int bs)
@@ -485,7 +296,6 @@ public class Blowfish extends BaseCipher
     System.arraycopy(KS1, 0, ctx.s1, 0, KS1.length);
     System.arraycopy(KS2, 0, ctx.s2, 0, KS2.length);
     System.arraycopy(KS3, 0, ctx.s3, 0, KS3.length);
-
     // XOR the key with the P-box
     int l = 0;
     for (int i = 0; i < ctx.p.length; i++)
@@ -495,13 +305,10 @@ public class Blowfish extends BaseCipher
           {
             data = (data << 8) | (k[l++] & 0xff);
             if (l >= k.length)
-              {
-                l = 0;
-              }
+              l = 0;
           }
         ctx.p[i] ^= data;
       }
-
     // We swap the left and right words here only, so we can avoid
     // swapping altogether during encryption/decryption.
     int t;
@@ -559,18 +366,22 @@ public class Blowfish extends BaseCipher
   public void encrypt(byte[] in, int i, byte[] out, int o, Object k, int bs)
   {
     Block x = new Block();
-    x.left = (in[i] & 0xff) << 24 | (in[i + 1] & 0xff) << 16
-             | (in[i + 2] & 0xff) << 8 | (in[i + 3] & 0xff);
-    x.right = (in[i + 4] & 0xff) << 24 | (in[i + 5] & 0xff) << 16
-              | (in[i + 6] & 0xff) << 8 | (in[i + 7] & 0xff);
+    x.left =  (in[i    ] & 0xff) << 24
+            | (in[i + 1] & 0xff) << 16
+            | (in[i + 2] & 0xff) <<  8
+            | (in[i + 3] & 0xff);
+    x.right = (in[i + 4] & 0xff) << 24
+            | (in[i + 5] & 0xff) << 16
+            | (in[i + 6] & 0xff) <<  8
+            | (in[i + 7] & 0xff);
     blowfishEncrypt(x, (Context) k);
-    out[o] = (byte) (x.right >>> 24);
-    out[o + 1] = (byte) (x.right >>> 16);
-    out[o + 2] = (byte) (x.right >>> 8);
+    out[o    ] = (byte)(x.right >>> 24);
+    out[o + 1] = (byte)(x.right >>> 16);
+    out[o + 2] = (byte)(x.right >>>  8);
     out[o + 3] = (byte) x.right;
-    out[o + 4] = (byte) (x.left >>> 24);
-    out[o + 5] = (byte) (x.left >>> 16);
-    out[o + 6] = (byte) (x.left >>> 8);
+    out[o + 4] = (byte)(x.left >>> 24);
+    out[o + 5] = (byte)(x.left >>> 16);
+    out[o + 6] = (byte)(x.left >>>  8);
     out[o + 7] = (byte) x.left;
     x.left = x.right = 0;
   }
@@ -578,63 +389,96 @@ public class Blowfish extends BaseCipher
   public void decrypt(byte[] in, int i, byte[] out, int o, Object k, int bs)
   {
     Block x = new Block();
-    x.left = (in[i] & 0xff) << 24 | (in[i + 1] & 0xff) << 16
-             | (in[i + 2] & 0xff) << 8 | (in[i + 3] & 0xff);
-    x.right = (in[i + 4] & 0xff) << 24 | (in[i + 5] & 0xff) << 16
-              | (in[i + 6] & 0xff) << 8 | (in[i + 7] & 0xff);
+    x.left =  (in[i    ] & 0xff) << 24
+            | (in[i + 1] & 0xff) << 16
+            | (in[i + 2] & 0xff) <<  8
+            | (in[i + 3] & 0xff);
+    x.right = (in[i + 4] & 0xff) << 24
+            | (in[i + 5] & 0xff) << 16
+            | (in[i + 6] & 0xff) <<  8
+            | (in[i + 7] & 0xff);
     blowfishDecrypt(x, (Context) k);
-    out[o] = (byte) (x.right >>> 24);
-    out[o + 1] = (byte) (x.right >>> 16);
-    out[o + 2] = (byte) (x.right >>> 8);
+    out[o    ] = (byte)(x.right >>> 24);
+    out[o + 1] = (byte)(x.right >>> 16);
+    out[o + 2] = (byte)(x.right >>>  8);
     out[o + 3] = (byte) x.right;
-    out[o + 4] = (byte) (x.left >>> 24);
-    out[o + 5] = (byte) (x.left >>> 16);
-    out[o + 6] = (byte) (x.left >>> 8);
+    out[o + 4] = (byte)(x.left >>> 24);
+    out[o + 5] = (byte)(x.left >>> 16);
+    out[o + 6] = (byte)(x.left >>>  8);
     out[o + 7] = (byte) x.left;
     x.left = x.right = 0;
   }
 
-  // Own methods
-  // -----------------------------------------------------------------
-
   /** Encrypt a single pair of 32-bit integers. */
   private void blowfishEncrypt(Block x, Context ctx)
   {
     int[] p = ctx.p;
     int[] s0 = ctx.s0, s1 = ctx.s1, s2 = ctx.s2, s3 = ctx.s3;
     x.left ^= p[0];
-    x.right ^= ((s0[x.left >>> 24] + s1[x.left >>> 16 & 0xff]) ^ s2[x.left >>> 8 & 0xff])
-               + s3[x.left & 0xff] ^ p[1];
-    x.left ^= ((s0[x.right >>> 24] + s1[x.right >>> 16 & 0xff]) ^ s2[x.right >>> 8 & 0xff])
-              + s3[x.right & 0xff] ^ p[2];
-    x.right ^= ((s0[x.left >>> 24] + s1[x.left >>> 16 & 0xff]) ^ s2[x.left >>> 8 & 0xff])
-               + s3[x.left & 0xff] ^ p[3];
-    x.left ^= ((s0[x.right >>> 24] + s1[x.right >>> 16 & 0xff]) ^ s2[x.right >>> 8 & 0xff])
-              + s3[x.right & 0xff] ^ p[4];
-    x.right ^= ((s0[x.left >>> 24] + s1[x.left >>> 16 & 0xff]) ^ s2[x.left >>> 8 & 0xff])
-               + s3[x.left & 0xff] ^ p[5];
-    x.left ^= ((s0[x.right >>> 24] + s1[x.right >>> 16 & 0xff]) ^ s2[x.right >>> 8 & 0xff])
-              + s3[x.right & 0xff] ^ p[6];
-    x.right ^= ((s0[x.left >>> 24] + s1[x.left >>> 16 & 0xff]) ^ s2[x.left >>> 8 & 0xff])
-               + s3[x.left & 0xff] ^ p[7];
-    x.left ^= ((s0[x.right >>> 24] + s1[x.right >>> 16 & 0xff]) ^ s2[x.right >>> 8 & 0xff])
-              + s3[x.right & 0xff] ^ p[8];
-    x.right ^= ((s0[x.left >>> 24] + s1[x.left >>> 16 & 0xff]) ^ s2[x.left >>> 8 & 0xff])
-               + s3[x.left & 0xff] ^ p[9];
-    x.left ^= ((s0[x.right >>> 24] + s1[x.right >>> 16 & 0xff]) ^ s2[x.right >>> 8 & 0xff])
-              + s3[x.right & 0xff] ^ p[10];
-    x.right ^= ((s0[x.left >>> 24] + s1[x.left >>> 16 & 0xff]) ^ s2[x.left >>> 8 & 0xff])
-               + s3[x.left & 0xff] ^ p[11];
-    x.left ^= ((s0[x.right >>> 24] + s1[x.right >>> 16 & 0xff]) ^ s2[x.right >>> 8 & 0xff])
-              + s3[x.right & 0xff] ^ p[12];
-    x.right ^= ((s0[x.left >>> 24] + s1[x.left >>> 16 & 0xff]) ^ s2[x.left >>> 8 & 0xff])
-               + s3[x.left & 0xff] ^ p[13];
-    x.left ^= ((s0[x.right >>> 24] + s1[x.right >>> 16 & 0xff]) ^ s2[x.right >>> 8 & 0xff])
-              + s3[x.right & 0xff] ^ p[14];
-    x.right ^= ((s0[x.left >>> 24] + s1[x.left >>> 16 & 0xff]) ^ s2[x.left >>> 8 & 0xff])
-               + s3[x.left & 0xff] ^ p[15];
-    x.left ^= ((s0[x.right >>> 24] + s1[x.right >>> 16 & 0xff]) ^ s2[x.right >>> 8 & 0xff])
-              + s3[x.right & 0xff] ^ p[16];
+    x.right ^= ((s0[x.left  >>> 24       ]
+               + s1[x.left  >>> 16 & 0xff])
+               ^ s2[x.left  >>>  8 & 0xff])
+               + s3[x.left         & 0xff] ^ p[1];
+    x.left ^=  ((s0[x.right >>> 24       ]
+               + s1[x.right >>> 16 & 0xff])
+               ^ s2[x.right >>>  8 & 0xff])
+               + s3[x.right        & 0xff] ^ p[2];
+    x.right ^= ((s0[x.left  >>> 24       ]
+               + s1[x.left  >>> 16 & 0xff])
+               ^ s2[x.left  >>>  8 & 0xff])
+               + s3[x.left         & 0xff] ^ p[3];
+    x.left ^=  ((s0[x.right >>> 24       ]
+               + s1[x.right >>> 16 & 0xff])
+               ^ s2[x.right >>>  8 & 0xff])
+               + s3[x.right        & 0xff] ^ p[4];
+    x.right ^= ((s0[x.left  >>> 24       ]
+               + s1[x.left  >>> 16 & 0xff])
+               ^ s2[x.left  >>>  8 & 0xff])
+               + s3[x.left         & 0xff] ^ p[5];
+    x.left ^=  ((s0[x.right >>> 24       ]
+               + s1[x.right >>> 16 & 0xff])
+               ^ s2[x.right >>>  8 & 0xff])
+               + s3[x.right        & 0xff] ^ p[6];
+    x.right ^= ((s0[x.left  >>> 24       ]
+               + s1[x.left  >>> 16 & 0xff])
+               ^ s2[x.left  >>>  8 & 0xff])
+               + s3[x.left         & 0xff] ^ p[7];
+    x.left ^=  ((s0[x.right >>> 24       ]
+               + s1[x.right >>> 16 & 0xff])
+               ^ s2[x.right >>>  8 & 0xff])
+               + s3[x.right        & 0xff] ^ p[8];
+    x.right ^= ((s0[x.left  >>> 24       ]
+               + s1[x.left  >>> 16 & 0xff])
+               ^ s2[x.left  >>>  8 & 0xff])
+               + s3[x.left         & 0xff] ^ p[9];
+    x.left ^=  ((s0[x.right >>> 24       ]
+               + s1[x.right >>> 16 & 0xff])
+               ^ s2[x.right >>>  8 & 0xff])
+               + s3[x.right        & 0xff] ^ p[10];
+    x.right ^= ((s0[x.left  >>> 24       ]
+               + s1[x.left  >>> 16 & 0xff])
+               ^ s2[x.left  >>>  8 & 0xff])
+               + s3[x.left         & 0xff] ^ p[11];
+    x.left ^=  ((s0[x.right >>> 24       ]
+               + s1[x.right >>> 16 & 0xff])
+               ^ s2[x.right >>>  8 & 0xff])
+               + s3[x.right        & 0xff] ^ p[12];
+    x.right ^= ((s0[x.left  >>> 24       ]
+               + s1[x.left  >>> 16 & 0xff])
+               ^ s2[x.left  >>>  8 & 0xff])
+               + s3[x.left         & 0xff] ^ p[13];
+    x.left ^=  ((s0[x.right >>> 24       ]
+               + s1[x.right >>> 16 & 0xff])
+               ^ s2[x.right >>>  8 & 0xff])
+               + s3[x.right        & 0xff] ^ p[14];
+    x.right ^= ((s0[x.left  >>> 24       ]
+               + s1[x.left  >>> 16 & 0xff])
+               ^ s2[x.left  >>>  8 & 0xff])
+               + s3[x.left         & 0xff] ^ p[15];
+    x.left ^=  ((s0[x.right >>> 24       ]
+               + s1[x.right >>> 16 & 0xff])
+               ^ s2[x.right >>>  8 & 0xff])
+               + s3[x.right        & 0xff] ^ p[16];
     x.right ^= p[17];
   }
 
@@ -644,38 +488,70 @@ public class Blowfish extends BaseCipher
     int[] p = ctx.p;
     int[] s0 = ctx.s0, s1 = ctx.s1, s2 = ctx.s2, s3 = ctx.s3;
     x.left ^= p[17];
-    x.right ^= ((s0[x.left >>> 24] + s1[x.left >>> 16 & 0xff]) ^ s2[x.left >>> 8 & 0xff])
-               + s3[x.left & 0xff] ^ p[16];
-    x.left ^= ((s0[x.right >>> 24] + s1[x.right >>> 16 & 0xff]) ^ s2[x.right >>> 8 & 0xff])
-              + s3[x.right & 0xff] ^ p[15];
-    x.right ^= ((s0[x.left >>> 24] + s1[x.left >>> 16 & 0xff]) ^ s2[x.left >>> 8 & 0xff])
-               + s3[x.left & 0xff] ^ p[14];
-    x.left ^= ((s0[x.right >>> 24] + s1[x.right >>> 16 & 0xff]) ^ s2[x.right >>> 8 & 0xff])
-              + s3[x.right & 0xff] ^ p[13];
-    x.right ^= ((s0[x.left >>> 24] + s1[x.left >>> 16 & 0xff]) ^ s2[x.left >>> 8 & 0xff])
-               + s3[x.left & 0xff] ^ p[12];
-    x.left ^= ((s0[x.right >>> 24] + s1[x.right >>> 16 & 0xff]) ^ s2[x.right >>> 8 & 0xff])
-              + s3[x.right & 0xff] ^ p[11];
-    x.right ^= ((s0[x.left >>> 24] + s1[x.left >>> 16 & 0xff]) ^ s2[x.left >>> 8 & 0xff])
-               + s3[x.left & 0xff] ^ p[10];
-    x.left ^= ((s0[x.right >>> 24] + s1[x.right >>> 16 & 0xff]) ^ s2[x.right >>> 8 & 0xff])
-              + s3[x.right & 0xff] ^ p[9];
-    x.right ^= ((s0[x.left >>> 24] + s1[x.left >>> 16 & 0xff]) ^ s2[x.left >>> 8 & 0xff])
-               + s3[x.left & 0xff] ^ p[8];
-    x.left ^= ((s0[x.right >>> 24] + s1[x.right >>> 16 & 0xff]) ^ s2[x.right >>> 8 & 0xff])
-              + s3[x.right & 0xff] ^ p[7];
-    x.right ^= ((s0[x.left >>> 24] + s1[x.left >>> 16 & 0xff]) ^ s2[x.left >>> 8 & 0xff])
-               + s3[x.left & 0xff] ^ p[6];
-    x.left ^= ((s0[x.right >>> 24] + s1[x.right >>> 16 & 0xff]) ^ s2[x.right >>> 8 & 0xff])
-              + s3[x.right & 0xff] ^ p[5];
-    x.right ^= ((s0[x.left >>> 24] + s1[x.left >>> 16 & 0xff]) ^ s2[x.left >>> 8 & 0xff])
-               + s3[x.left & 0xff] ^ p[4];
-    x.left ^= ((s0[x.right >>> 24] + s1[x.right >>> 16 & 0xff]) ^ s2[x.right >>> 8 & 0xff])
-              + s3[x.right & 0xff] ^ p[3];
-    x.right ^= ((s0[x.left >>> 24] + s1[x.left >>> 16 & 0xff]) ^ s2[x.left >>> 8 & 0xff])
-               + s3[x.left & 0xff] ^ p[2];
-    x.left ^= ((s0[x.right >>> 24] + s1[x.right >>> 16 & 0xff]) ^ s2[x.right >>> 8 & 0xff])
-              + s3[x.right & 0xff] ^ p[1];
+    x.right ^= ((s0[x.left  >>> 24       ]
+               + s1[x.left  >>> 16 & 0xff])
+               ^ s2[x.left  >>>  8 & 0xff])
+               + s3[x.left         & 0xff] ^ p[16];
+    x.left ^=  ((s0[x.right >>> 24       ]
+               + s1[x.right >>> 16 & 0xff])
+               ^ s2[x.right >>>  8 & 0xff])
+               + s3[x.right        & 0xff] ^ p[15];
+    x.right ^= ((s0[x.left  >>> 24       ]
+               + s1[x.left  >>> 16 & 0xff])
+               ^ s2[x.left  >>>  8 & 0xff])
+               + s3[x.left         & 0xff] ^ p[14];
+    x.left ^=  ((s0[x.right >>> 24       ]
+               + s1[x.right >>> 16 & 0xff])
+               ^ s2[x.right >>>  8 & 0xff])
+               + s3[x.right        & 0xff] ^ p[13];
+    x.right ^= ((s0[x.left  >>> 24       ]
+               + s1[x.left  >>> 16 & 0xff])
+               ^ s2[x.left  >>>  8 & 0xff])
+               + s3[x.left         & 0xff] ^ p[12];
+    x.left ^=  ((s0[x.right >>> 24       ]
+               + s1[x.right >>> 16 & 0xff])
+               ^ s2[x.right >>>  8 & 0xff])
+               + s3[x.right        & 0xff] ^ p[11];
+    x.right ^= ((s0[x.left  >>> 24       ]
+               + s1[x.left  >>> 16 & 0xff])
+               ^ s2[x.left  >>>  8 & 0xff])
+               + s3[x.left         & 0xff] ^ p[10];
+    x.left ^=  ((s0[x.right >>> 24       ]
+               + s1[x.right >>> 16 & 0xff])
+               ^ s2[x.right >>>  8 & 0xff])
+               + s3[x.right        & 0xff] ^ p[9];
+    x.right ^= ((s0[x.left  >>> 24]
+               + s1[x.left  >>> 16 & 0xff])
+               ^ s2[x.left  >>>  8 & 0xff])
+               + s3[x.left         & 0xff] ^ p[8];
+    x.left ^=  ((s0[x.right >>> 24       ]
+               + s1[x.right >>> 16 & 0xff])
+               ^ s2[x.right >>>  8 & 0xff])
+               + s3[x.right        & 0xff] ^ p[7];
+    x.right ^= ((s0[x.left  >>> 24       ]
+               + s1[x.left  >>> 16 & 0xff])
+               ^ s2[x.left  >>>  8 & 0xff])
+               + s3[x.left         & 0xff] ^ p[6];
+    x.left ^=  ((s0[x.right >>> 24       ]
+               + s1[x.right >>> 16 & 0xff])
+               ^ s2[x.right >>>  8 & 0xff])
+               + s3[x.right        & 0xff] ^ p[5];
+    x.right ^= ((s0[x.left  >>> 24       ]
+               + s1[x.left  >>> 16 & 0xff])
+               ^ s2[x.left  >>>  8 & 0xff])
+               + s3[x.left         & 0xff] ^ p[4];
+    x.left ^=  ((s0[x.right >>> 24       ]
+               + s1[x.right >>> 16 & 0xff])
+               ^ s2[x.right >>>  8 & 0xff])
+               + s3[x.right        & 0xff] ^ p[3];
+    x.right ^= ((s0[x.left  >>> 24       ]
+               + s1[x.left  >>> 16 & 0xff])
+               ^ s2[x.left  >>>  8 & 0xff])
+               + s3[x.left         & 0xff] ^ p[2];
+    x.left ^=  ((s0[x.right >>> 24       ]
+               + s1[x.right >>> 16 & 0xff])
+               ^ s2[x.right >>>  8 & 0xff])
+               + s3[x.right        & 0xff] ^ p[1];
     x.right ^= p[0];
   }
 
@@ -685,30 +561,19 @@ public class Blowfish extends BaseCipher
       {
         boolean result = super.selfTest(); // symmetry
         if (result)
-          {
-            result = testKat(TV_KEY, TV_CT);
-          }
+          result = testKat(TV_KEY, TV_CT);
         valid = Boolean.valueOf(result);
       }
     return valid.booleanValue();
   }
 
-  // Inner classes.
-  // -----------------------------------------------------------------------
-
   /** A simple wrapper for the P- and S-boxes. */
-  private class Context implements Cloneable
+  private class Context
+      implements Cloneable
   {
-
-    // Constants and variables.
-    // --------------------------------------------------------------------
-
     /** The P-array. */
     int[] p, s0, s1, s2, s3;
 
-    // Constructors.
-    // --------------------------------------------------------------------
-
     /** Default 0-arguments constructor. */
     Context()
     {
@@ -733,9 +598,6 @@ public class Blowfish extends BaseCipher
       this.s3 = (int[]) that.s3.clone();
     }
 
-    // Clonable interface implementation.
-    // --------------------------------------------------------------------
-
     public Object clone()
     {
       return new Context(this);
@@ -746,4 +608,4 @@ public class Blowfish extends BaseCipher
   {
     int left, right;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/cipher/Cast5.java b/libjava/classpath/gnu/javax/crypto/cipher/Cast5.java
index a0e0c60f33f..a7521530ce0 100644
--- a/libjava/classpath/gnu/javax/crypto/cipher/Cast5.java
+++ b/libjava/classpath/gnu/javax/crypto/cipher/Cast5.java
@@ -47,12 +47,11 @@ import java.util.Collections;
 import java.util.Iterator;
 
 /**
- * <p>An implmenetation of the <code>CAST5</code> (a.k.a. CAST-128) algorithm,
- * as per <i>RFC-2144</i>, dated May 1997.</p>
- *
- * <p>In this RFC, <i>Carlisle Adams</i> (the CA in CAST, ST stands for
- * <i>Stafford Tavares</i>) describes CAST5 as:</p>
- *
+ * An implmenetation of the <code>CAST5</code> (a.k.a. CAST-128) algorithm,
+ * as per <i>RFC-2144</i>, dated May 1997.
+ * <p>
+ * In this RFC, <i>Carlisle Adams</i> (the CA in CAST, ST stands for
+ * <i>Stafford Tavares</i>) describes CAST5 as:
  * <blockquote>
  *    "...a DES-like Substitution-Permutation Network (SPN) cryptosystem which
  *    appears to have good resistance to differential cryptanalysis, linear
@@ -61,19 +60,18 @@ import java.util.Iterator;
  *    Strict Avalanche Criterion (SAC), Bit Independence Criterion (BIC), no
  *    complementation property, and an absence of weak and semi-weak keys."
  * </blockquote>
- *
- * <p><code>CAST5</code> is a symmetric block cipher with a block-size of 8
+ * <p>
+ * <code>CAST5</code> is a symmetric block cipher with a block-size of 8
  * bytes and a variable key-size of up to 128 bits. Its authors, and their
  * employer (Entrust Technologies, a Nortel majority-owned company), made it
  * available worldwide on a royalty-free basis for commercial and non-commercial
- * uses.</p>
- *
- * <p>The <code>CAST5</code> encryption algorithm has been designed to allow a
+ * uses.
+ * <p>
+ * The <code>CAST5</code> encryption algorithm has been designed to allow a
  * key size that can vary from <code>40</code> bits to <code>128</code> bits,
  * in 8-bit increments (that is, the allowable key sizes are <code>40, 48, 56,
  * 64, ..., 112, 120,</code> and <code>128</code> bits. For variable keysize
- * operation, the specification is as follows:</p>
- *
+ * operation, the specification is as follows:
  * <ol>
  *   <li>For key sizes up to and including <code>80</code> bits (i.e.,
  *    <code>40, 48, 56, 64, 72,</code> and <code>80</code> bits), the algorithm
@@ -86,25 +84,19 @@ import java.util.Iterator;
  *    <code>128</code> bits (since the <code>CAST5</code> key schedule assumes
  *    an input key of <code>128</code> bits).</li>
  * </ol>
- *
- * <p>References:</p>
- *
+ * <p>
+ * References:
  * <ol>
  *    <li><a href="http://www.ietf.org/rfc/rfc2144.txt">The CAST-128 Encryption
  *    Algorithm</a>.<br>
  *    <a href="mailto:cadams@entrust.com">Carlisle Adams</a>.</li>
  * </ol>
  */
-public class Cast5 extends BaseCipher
+public class Cast5
+    extends BaseCipher
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private static final int DEFAULT_BLOCK_SIZE = 8; // in bytes
-
   private static final int DEFAULT_KEY_SIZE = 5; // in bytes
-
   /**
    * KAT vector (from rfc-2144):
    * 40-bit  key         = 01 23 45 67 12
@@ -113,727 +105,372 @@ public class Cast5 extends BaseCipher
    *         ciphertext  = 7A C8 16 D1 6E 9B 30 2E
    */
   private static final byte[] KAT_KEY = Util.toBytesFromString("0123456712");
-
   private static final byte[] KAT_PT = Util.toBytesFromString("0123456789ABCDEF");
-
   private static final byte[] KAT_CT = Util.toBytesFromString("7AC816D16E9B302E");
-
   /** caches the result of the correctness test, once executed. */
   private static Boolean valid;
-
   // CAST5 S-boxes
-  private static final int[] S1 = { 0x30FB40D4, 0x9FA0FF0B, 0x6BECCD2F,
-                                   0x3F258C7A, 0x1E213F2F, 0x9C004DD3,
-                                   0x6003E540, 0xCF9FC949, 0xBFD4AF27,
-                                   0x88BBBDB5, 0xE2034090, 0x98D09675,
-                                   0x6E63A0E0, 0x15C361D2, 0xC2E7661D,
-                                   0x22D4FF8E, 0x28683B6F, 0xC07FD059,
-                                   0xFF2379C8, 0x775F50E2, 0x43C340D3,
-                                   0xDF2F8656, 0x887CA41A, 0xA2D2BD2D,
-                                   0xA1C9E0D6, 0x346C4819, 0x61B76D87,
-                                   0x22540F2F, 0x2ABE32E1, 0xAA54166B,
-                                   0x22568E3A, 0xA2D341D0, 0x66DB40C8,
-                                   0xA784392F, 0x004DFF2F, 0x2DB9D2DE,
-                                   0x97943FAC, 0x4A97C1D8, 0x527644B7,
-                                   0xB5F437A7, 0xB82CBAEF, 0xD751D159,
-                                   0x6FF7F0ED, 0x5A097A1F, 0x827B68D0,
-                                   0x90ECF52E, 0x22B0C054, 0xBC8E5935,
-                                   0x4B6D2F7F, 0x50BB64A2, 0xD2664910,
-                                   0xBEE5812D, 0xB7332290, 0xE93B159F,
-                                   0xB48EE411, 0x4BFF345D, 0xFD45C240,
-                                   0xAD31973F, 0xC4F6D02E, 0x55FC8165,
-                                   0xD5B1CAAD, 0xA1AC2DAE, 0xA2D4B76D,
-                                   0xC19B0C50, 0x882240F2, 0x0C6E4F38,
-                                   0xA4E4BFD7, 0x4F5BA272, 0x564C1D2F,
-                                   0xC59C5319, 0xB949E354, 0xB04669FE,
-                                   0xB1B6AB8A, 0xC71358DD, 0x6385C545,
-                                   0x110F935D, 0x57538AD5, 0x6A390493,
-                                   0xE63D37E0, 0x2A54F6B3, 0x3A787D5F,
-                                   0x6276A0B5, 0x19A6FCDF, 0x7A42206A,
-                                   0x29F9D4D5, 0xF61B1891, 0xBB72275E,
-                                   0xAA508167, 0x38901091, 0xC6B505EB,
-                                   0x84C7CB8C, 0x2AD75A0F, 0x874A1427,
-                                   0xA2D1936B, 0x2AD286AF, 0xAA56D291,
-                                   0xD7894360, 0x425C750D, 0x93B39E26,
-                                   0x187184C9, 0x6C00B32D, 0x73E2BB14,
-                                   0xA0BEBC3C, 0x54623779, 0x64459EAB,
-                                   0x3F328B82, 0x7718CF82, 0x59A2CEA6,
-                                   0x04EE002E, 0x89FE78E6, 0x3FAB0950,
-                                   0x325FF6C2, 0x81383F05, 0x6963C5C8,
-                                   0x76CB5AD6, 0xD49974C9, 0xCA180DCF,
-                                   0x380782D5, 0xC7FA5CF6, 0x8AC31511,
-                                   0x35E79E13, 0x47DA91D0, 0xF40F9086,
-                                   0xA7E2419E, 0x31366241, 0x051EF495,
-                                   0xAA573B04, 0x4A805D8D, 0x548300D0,
-                                   0x00322A3C, 0xBF64CDDF, 0xBA57A68E,
-                                   0x75C6372B, 0x50AFD341, 0xA7C13275,
-                                   0x915A0BF5, 0x6B54BFAB, 0x2B0B1426,
-                                   0xAB4CC9D7, 0x449CCD82, 0xF7FBF265,
-                                   0xAB85C5F3, 0x1B55DB94, 0xAAD4E324,
-                                   0xCFA4BD3F, 0x2DEAA3E2, 0x9E204D02,
-                                   0xC8BD25AC, 0xEADF55B3, 0xD5BD9E98,
-                                   0xE31231B2, 0x2AD5AD6C, 0x954329DE,
-                                   0xADBE4528, 0xD8710F69, 0xAA51C90F,
-                                   0xAA786BF6, 0x22513F1E, 0xAA51A79B,
-                                   0x2AD344CC, 0x7B5A41F0, 0xD37CFBAD,
-                                   0x1B069505, 0x41ECE491, 0xB4C332E6,
-                                   0x032268D4, 0xC9600ACC, 0xCE387E6D,
-                                   0xBF6BB16C, 0x6A70FB78, 0x0D03D9C9,
-                                   0xD4DF39DE, 0xE01063DA, 0x4736F464,
-                                   0x5AD328D8, 0xB347CC96, 0x75BB0FC3,
-                                   0x98511BFB, 0x4FFBCC35, 0xB58BCF6A,
-                                   0xE11F0ABC, 0xBFC5FE4A, 0xA70AEC10,
-                                   0xAC39570A, 0x3F04442F, 0x6188B153,
-                                   0xE0397A2E, 0x5727CB79, 0x9CEB418F,
-                                   0x1CACD68D, 0x2AD37C96, 0x0175CB9D,
-                                   0xC69DFF09, 0xC75B65F0, 0xD9DB40D8,
-                                   0xEC0E7779, 0x4744EAD4, 0xB11C3274,
-                                   0xDD24CB9E, 0x7E1C54BD, 0xF01144F9,
-                                   0xD2240EB1, 0x9675B3FD, 0xA3AC3755,
-                                   0xD47C27AF, 0x51C85F4D, 0x56907596,
-                                   0xA5BB15E6, 0x580304F0, 0xCA042CF1,
-                                   0x011A37EA, 0x8DBFAADB, 0x35BA3E4A,
-                                   0x3526FFA0, 0xC37B4D09, 0xBC306ED9,
-                                   0x98A52666, 0x5648F725, 0xFF5E569D,
-                                   0x0CED63D0, 0x7C63B2CF, 0x700B45E1,
-                                   0xD5EA50F1, 0x85A92872, 0xAF1FBDA7,
-                                   0xD4234870, 0xA7870BF3, 0x2D3B4D79,
-                                   0x42E04198, 0x0CD0EDE7, 0x26470DB8,
-                                   0xF881814C, 0x474D6AD7, 0x7C0C5E5C,
-                                   0xD1231959, 0x381B7298, 0xF5D2F4DB,
-                                   0xAB838653, 0x6E2F1E23, 0x83719C9E,
-                                   0xBD91E046, 0x9A56456E, 0xDC39200C,
-                                   0x20C8C571, 0x962BDA1C, 0xE1E696FF,
-                                   0xB141AB08, 0x7CCA89B9, 0x1A69E783,
-                                   0x02CC4843, 0xA2F7C579, 0x429EF47D,
-                                   0x427B169C, 0x5AC9F049, 0xDD8F0F00,
-                                   0x5C8165BF };
-
-  private static final int[] S2 = { 0x1F201094, 0xEF0BA75B, 0x69E3CF7E,
-                                   0x393F4380, 0xFE61CF7A, 0xEEC5207A,
-                                   0x55889C94, 0x72FC0651, 0xADA7EF79,
-                                   0x4E1D7235, 0xD55A63CE, 0xDE0436BA,
-                                   0x99C430EF, 0x5F0C0794, 0x18DCDB7D,
-                                   0xA1D6EFF3, 0xA0B52F7B, 0x59E83605,
-                                   0xEE15B094, 0xE9FFD909, 0xDC440086,
-                                   0xEF944459, 0xBA83CCB3, 0xE0C3CDFB,
-                                   0xD1DA4181, 0x3B092AB1, 0xF997F1C1,
-                                   0xA5E6CF7B, 0x01420DDB, 0xE4E7EF5B,
-                                   0x25A1FF41, 0xE180F806, 0x1FC41080,
-                                   0x179BEE7A, 0xD37AC6A9, 0xFE5830A4,
-                                   0x98DE8B7F, 0x77E83F4E, 0x79929269,
-                                   0x24FA9F7B, 0xE113C85B, 0xACC40083,
-                                   0xD7503525, 0xF7EA615F, 0x62143154,
-                                   0x0D554B63, 0x5D681121, 0xC866C359,
-                                   0x3D63CF73, 0xCEE234C0, 0xD4D87E87,
-                                   0x5C672B21, 0x071F6181, 0x39F7627F,
-                                   0x361E3084, 0xE4EB573B, 0x602F64A4,
-                                   0xD63ACD9C, 0x1BBC4635, 0x9E81032D,
-                                   0x2701F50C, 0x99847AB4, 0xA0E3DF79,
-                                   0xBA6CF38C, 0x10843094, 0x2537A95E,
-                                   0xF46F6FFE, 0xA1FF3B1F, 0x208CFB6A,
-                                   0x8F458C74, 0xD9E0A227, 0x4EC73A34,
-                                   0xFC884F69, 0x3E4DE8DF, 0xEF0E0088,
-                                   0x3559648D, 0x8A45388C, 0x1D804366,
-                                   0x721D9BFD, 0xA58684BB, 0xE8256333,
-                                   0x844E8212, 0x128D8098, 0xFED33FB4,
-                                   0xCE280AE1, 0x27E19BA5, 0xD5A6C252,
-                                   0xE49754BD, 0xC5D655DD, 0xEB667064,
-                                   0x77840B4D, 0xA1B6A801, 0x84DB26A9,
-                                   0xE0B56714, 0x21F043B7, 0xE5D05860,
-                                   0x54F03084, 0x066FF472, 0xA31AA153,
-                                   0xDADC4755, 0xB5625DBF, 0x68561BE6,
-                                   0x83CA6B94, 0x2D6ED23B, 0xECCF01DB,
-                                   0xA6D3D0BA, 0xB6803D5C, 0xAF77A709,
-                                   0x33B4A34C, 0x397BC8D6, 0x5EE22B95,
-                                   0x5F0E5304, 0x81ED6F61, 0x20E74364,
-                                   0xB45E1378, 0xDE18639B, 0x881CA122,
-                                   0xB96726D1, 0x8049A7E8, 0x22B7DA7B,
-                                   0x5E552D25, 0x5272D237, 0x79D2951C,
-                                   0xC60D894C, 0x488CB402, 0x1BA4FE5B,
-                                   0xA4B09F6B, 0x1CA815CF, 0xA20C3005,
-                                   0x8871DF63, 0xB9DE2FCB, 0x0CC6C9E9,
-                                   0x0BEEFF53, 0xE3214517, 0xB4542835,
-                                   0x9F63293C, 0xEE41E729, 0x6E1D2D7C,
-                                   0x50045286, 0x1E6685F3, 0xF33401C6,
-                                   0x30A22C95, 0x31A70850, 0x60930F13,
-                                   0x73F98417, 0xA1269859, 0xEC645C44,
-                                   0x52C877A9, 0xCDFF33A6, 0xA02B1741,
-                                   0x7CBAD9A2, 0x2180036F, 0x50D99C08,
-                                   0xCB3F4861, 0xC26BD765, 0x64A3F6AB,
-                                   0x80342676, 0x25A75E7B, 0xE4E6D1FC,
-                                   0x20C710E6, 0xCDF0B680, 0x17844D3B,
-                                   0x31EEF84D, 0x7E0824E4, 0x2CCB49EB,
-                                   0x846A3BAE, 0x8FF77888, 0xEE5D60F6,
-                                   0x7AF75673, 0x2FDD5CDB, 0xA11631C1,
-                                   0x30F66F43, 0xB3FAEC54, 0x157FD7FA,
-                                   0xEF8579CC, 0xD152DE58, 0xDB2FFD5E,
-                                   0x8F32CE19, 0x306AF97A, 0x02F03EF8,
-                                   0x99319AD5, 0xC242FA0F, 0xA7E3EBB0,
-                                   0xC68E4906, 0xB8DA230C, 0x80823028,
-                                   0xDCDEF3C8, 0xD35FB171, 0x088A1BC8,
-                                   0xBEC0C560, 0x61A3C9E8, 0xBCA8F54D,
-                                   0xC72FEFFA, 0x22822E99, 0x82C570B4,
-                                   0xD8D94E89, 0x8B1C34BC, 0x301E16E6,
-                                   0x273BE979, 0xB0FFEAA6, 0x61D9B8C6,
-                                   0x00B24869, 0xB7FFCE3F, 0x08DC283B,
-                                   0x43DAF65A, 0xF7E19798, 0x7619B72F,
-                                   0x8F1C9BA4, 0xDC8637A0, 0x16A7D3B1,
-                                   0x9FC393B7, 0xA7136EEB, 0xC6BCC63E,
-                                   0x1A513742, 0xEF6828BC, 0x520365D6,
-                                   0x2D6A77AB, 0x3527ED4B, 0x821FD216,
-                                   0x095C6E2E, 0xDB92F2FB, 0x5EEA29CB,
-                                   0x145892F5, 0x91584F7F, 0x5483697B,
-                                   0x2667A8CC, 0x85196048, 0x8C4BACEA,
-                                   0x833860D4, 0x0D23E0F9, 0x6C387E8A,
-                                   0x0AE6D249, 0xB284600C, 0xD835731D,
-                                   0xDCB1C647, 0xAC4C56EA, 0x3EBD81B3,
-                                   0x230EABB0, 0x6438BC87, 0xF0B5B1FA,
-                                   0x8F5EA2B3, 0xFC184642, 0x0A036B7A,
-                                   0x4FB089BD, 0x649DA589, 0xA345415E,
-                                   0x5C038323, 0x3E5D3BB9, 0x43D79572,
-                                   0x7E6DD07C, 0x06DFDF1E, 0x6C6CC4EF,
-                                   0x7160A539, 0x73BFBE70, 0x83877605,
-                                   0x4523ECF1 };
-
-  private static final int[] S3 = { 0x8DEFC240, 0x25FA5D9F, 0xEB903DBF,
-                                   0xE810C907, 0x47607FFF, 0x369FE44B,
-                                   0x8C1FC644, 0xAECECA90, 0xBEB1F9BF,
-                                   0xEEFBCAEA, 0xE8CF1950, 0x51DF07AE,
-                                   0x920E8806, 0xF0AD0548, 0xE13C8D83,
-                                   0x927010D5, 0x11107D9F, 0x07647DB9,
-                                   0xB2E3E4D4, 0x3D4F285E, 0xB9AFA820,
-                                   0xFADE82E0, 0xA067268B, 0x8272792E,
-                                   0x553FB2C0, 0x489AE22B, 0xD4EF9794,
-                                   0x125E3FBC, 0x21FFFCEE, 0x825B1BFD,
-                                   0x9255C5ED, 0x1257A240, 0x4E1A8302,
-                                   0xBAE07FFF, 0x528246E7, 0x8E57140E,
-                                   0x3373F7BF, 0x8C9F8188, 0xA6FC4EE8,
-                                   0xC982B5A5, 0xA8C01DB7, 0x579FC264,
-                                   0x67094F31, 0xF2BD3F5F, 0x40FFF7C1,
-                                   0x1FB78DFC, 0x8E6BD2C1, 0x437BE59B,
-                                   0x99B03DBF, 0xB5DBC64B, 0x638DC0E6,
-                                   0x55819D99, 0xA197C81C, 0x4A012D6E,
-                                   0xC5884A28, 0xCCC36F71, 0xB843C213,
-                                   0x6C0743F1, 0x8309893C, 0x0FEDDD5F,
-                                   0x2F7FE850, 0xD7C07F7E, 0x02507FBF,
-                                   0x5AFB9A04, 0xA747D2D0, 0x1651192E,
-                                   0xAF70BF3E, 0x58C31380, 0x5F98302E,
-                                   0x727CC3C4, 0x0A0FB402, 0x0F7FEF82,
-                                   0x8C96FDAD, 0x5D2C2AAE, 0x8EE99A49,
-                                   0x50DA88B8, 0x8427F4A0, 0x1EAC5790,
-                                   0x796FB449, 0x8252DC15, 0xEFBD7D9B,
-                                   0xA672597D, 0xADA840D8, 0x45F54504,
-                                   0xFA5D7403, 0xE83EC305, 0x4F91751A,
-                                   0x925669C2, 0x23EFE941, 0xA903F12E,
-                                   0x60270DF2, 0x0276E4B6, 0x94FD6574,
-                                   0x927985B2, 0x8276DBCB, 0x02778176,
-                                   0xF8AF918D, 0x4E48F79E, 0x8F616DDF,
-                                   0xE29D840E, 0x842F7D83, 0x340CE5C8,
-                                   0x96BBB682, 0x93B4B148, 0xEF303CAB,
-                                   0x984FAF28, 0x779FAF9B, 0x92DC560D,
-                                   0x224D1E20, 0x8437AA88, 0x7D29DC96,
-                                   0x2756D3DC, 0x8B907CEE, 0xB51FD240,
-                                   0xE7C07CE3, 0xE566B4A1, 0xC3E9615E,
-                                   0x3CF8209D, 0x6094D1E3, 0xCD9CA341,
-                                   0x5C76460E, 0x00EA983B, 0xD4D67881,
-                                   0xFD47572C, 0xF76CEDD9, 0xBDA8229C,
-                                   0x127DADAA, 0x438A074E, 0x1F97C090,
-                                   0x081BDB8A, 0x93A07EBE, 0xB938CA15,
-                                   0x97B03CFF, 0x3DC2C0F8, 0x8D1AB2EC,
-                                   0x64380E51, 0x68CC7BFB, 0xD90F2788,
-                                   0x12490181, 0x5DE5FFD4, 0xDD7EF86A,
-                                   0x76A2E214, 0xB9A40368, 0x925D958F,
-                                   0x4B39FFFA, 0xBA39AEE9, 0xA4FFD30B,
-                                   0xFAF7933B, 0x6D498623, 0x193CBCFA,
-                                   0x27627545, 0x825CF47A, 0x61BD8BA0,
-                                   0xD11E42D1, 0xCEAD04F4, 0x127EA392,
-                                   0x10428DB7, 0x8272A972, 0x9270C4A8,
-                                   0x127DE50B, 0x285BA1C8, 0x3C62F44F,
-                                   0x35C0EAA5, 0xE805D231, 0x428929FB,
-                                   0xB4FCDF82, 0x4FB66A53, 0x0E7DC15B,
-                                   0x1F081FAB, 0x108618AE, 0xFCFD086D,
-                                   0xF9FF2889, 0x694BCC11, 0x236A5CAE,
-                                   0x12DECA4D, 0x2C3F8CC5, 0xD2D02DFE,
-                                   0xF8EF5896, 0xE4CF52DA, 0x95155B67,
-                                   0x494A488C, 0xB9B6A80C, 0x5C8F82BC,
-                                   0x89D36B45, 0x3A609437, 0xEC00C9A9,
-                                   0x44715253, 0x0A874B49, 0xD773BC40,
-                                   0x7C34671C, 0x02717EF6, 0x4FEB5536,
-                                   0xA2D02FFF, 0xD2BF60C4, 0xD43F03C0,
-                                   0x50B4EF6D, 0x07478CD1, 0x006E1888,
-                                   0xA2E53F55, 0xB9E6D4BC, 0xA2048016,
-                                   0x97573833, 0xD7207D67, 0xDE0F8F3D,
-                                   0x72F87B33, 0xABCC4F33, 0x7688C55D,
-                                   0x7B00A6B0, 0x947B0001, 0x570075D2,
-                                   0xF9BB88F8, 0x8942019E, 0x4264A5FF,
-                                   0x856302E0, 0x72DBD92B, 0xEE971B69,
-                                   0x6EA22FDE, 0x5F08AE2B, 0xAF7A616D,
-                                   0xE5C98767, 0xCF1FEBD2, 0x61EFC8C2,
-                                   0xF1AC2571, 0xCC8239C2, 0x67214CB8,
-                                   0xB1E583D1, 0xB7DC3E62, 0x7F10BDCE,
-                                   0xF90A5C38, 0x0FF0443D, 0x606E6DC6,
-                                   0x60543A49, 0x5727C148, 0x2BE98A1D,
-                                   0x8AB41738, 0x20E1BE24, 0xAF96DA0F,
-                                   0x68458425, 0x99833BE5, 0x600D457D,
-                                   0x282F9350, 0x8334B362, 0xD91D1120,
-                                   0x2B6D8DA0, 0x642B1E31, 0x9C305A00,
-                                   0x52BCE688, 0x1B03588A, 0xF7BAEFD5,
-                                   0x4142ED9C, 0xA4315C11, 0x83323EC5,
-                                   0xDFEF4636, 0xA133C501, 0xE9D3531C,
-                                   0xEE353783 };
-
-  private static final int[] S4 = { 0x9DB30420, 0x1FB6E9DE, 0xA7BE7BEF,
-                                   0xD273A298, 0x4A4F7BDB, 0x64AD8C57,
-                                   0x85510443, 0xFA020ED1, 0x7E287AFF,
-                                   0xE60FB663, 0x095F35A1, 0x79EBF120,
-                                   0xFD059D43, 0x6497B7B1, 0xF3641F63,
-                                   0x241E4ADF, 0x28147F5F, 0x4FA2B8CD,
-                                   0xC9430040, 0x0CC32220, 0xFDD30B30,
-                                   0xC0A5374F, 0x1D2D00D9, 0x24147B15,
-                                   0xEE4D111A, 0x0FCA5167, 0x71FF904C,
-                                   0x2D195FFE, 0x1A05645F, 0x0C13FEFE,
-                                   0x081B08CA, 0x05170121, 0x80530100,
-                                   0xE83E5EFE, 0xAC9AF4F8, 0x7FE72701,
-                                   0xD2B8EE5F, 0x06DF4261, 0xBB9E9B8A,
-                                   0x7293EA25, 0xCE84FFDF, 0xF5718801,
-                                   0x3DD64B04, 0xA26F263B, 0x7ED48400,
-                                   0x547EEBE6, 0x446D4CA0, 0x6CF3D6F5,
-                                   0x2649ABDF, 0xAEA0C7F5, 0x36338CC1,
-                                   0x503F7E93, 0xD3772061, 0x11B638E1,
-                                   0x72500E03, 0xF80EB2BB, 0xABE0502E,
-                                   0xEC8D77DE, 0x57971E81, 0xE14F6746,
-                                   0xC9335400, 0x6920318F, 0x081DBB99,
-                                   0xFFC304A5, 0x4D351805, 0x7F3D5CE3,
-                                   0xA6C866C6, 0x5D5BCCA9, 0xDAEC6FEA,
-                                   0x9F926F91, 0x9F46222F, 0x3991467D,
-                                   0xA5BF6D8E, 0x1143C44F, 0x43958302,
-                                   0xD0214EEB, 0x022083B8, 0x3FB6180C,
-                                   0x18F8931E, 0x281658E6, 0x26486E3E,
-                                   0x8BD78A70, 0x7477E4C1, 0xB506E07C,
-                                   0xF32D0A25, 0x79098B02, 0xE4EABB81,
-                                   0x28123B23, 0x69DEAD38, 0x1574CA16,
-                                   0xDF871B62, 0x211C40B7, 0xA51A9EF9,
-                                   0x0014377B, 0x041E8AC8, 0x09114003,
-                                   0xBD59E4D2, 0xE3D156D5, 0x4FE876D5,
-                                   0x2F91A340, 0x557BE8DE, 0x00EAE4A7,
-                                   0x0CE5C2EC, 0x4DB4BBA6, 0xE756BDFF,
-                                   0xDD3369AC, 0xEC17B035, 0x06572327,
-                                   0x99AFC8B0, 0x56C8C391, 0x6B65811C,
-                                   0x5E146119, 0x6E85CB75, 0xBE07C002,
-                                   0xC2325577, 0x893FF4EC, 0x5BBFC92D,
-                                   0xD0EC3B25, 0xB7801AB7, 0x8D6D3B24,
-                                   0x20C763EF, 0xC366A5FC, 0x9C382880,
-                                   0x0ACE3205, 0xAAC9548A, 0xECA1D7C7,
-                                   0x041AFA32, 0x1D16625A, 0x6701902C,
-                                   0x9B757A54, 0x31D477F7, 0x9126B031,
-                                   0x36CC6FDB, 0xC70B8B46, 0xD9E66A48,
-                                   0x56E55A79, 0x026A4CEB, 0x52437EFF,
-                                   0x2F8F76B4, 0x0DF980A5, 0x8674CDE3,
-                                   0xEDDA04EB, 0x17A9BE04, 0x2C18F4DF,
-                                   0xB7747F9D, 0xAB2AF7B4, 0xEFC34D20,
-                                   0x2E096B7C, 0x1741A254, 0xE5B6A035,
-                                   0x213D42F6, 0x2C1C7C26, 0x61C2F50F,
-                                   0x6552DAF9, 0xD2C231F8, 0x25130F69,
-                                   0xD8167FA2, 0x0418F2C8, 0x001A96A6,
-                                   0x0D1526AB, 0x63315C21, 0x5E0A72EC,
-                                   0x49BAFEFD, 0x187908D9, 0x8D0DBD86,
-                                   0x311170A7, 0x3E9B640C, 0xCC3E10D7,
-                                   0xD5CAD3B6, 0x0CAEC388, 0xF73001E1,
-                                   0x6C728AFF, 0x71EAE2A1, 0x1F9AF36E,
-                                   0xCFCBD12F, 0xC1DE8417, 0xAC07BE6B,
-                                   0xCB44A1D8, 0x8B9B0F56, 0x013988C3,
-                                   0xB1C52FCA, 0xB4BE31CD, 0xD8782806,
-                                   0x12A3A4E2, 0x6F7DE532, 0x58FD7EB6,
-                                   0xD01EE900, 0x24ADFFC2, 0xF4990FC5,
-                                   0x9711AAC5, 0x001D7B95, 0x82E5E7D2,
-                                   0x109873F6, 0x00613096, 0xC32D9521,
-                                   0xADA121FF, 0x29908415, 0x7FBB977F,
-                                   0xAF9EB3DB, 0x29C9ED2A, 0x5CE2A465,
-                                   0xA730F32C, 0xD0AA3FE8, 0x8A5CC091,
-                                   0xD49E2CE7, 0x0CE454A9, 0xD60ACD86,
-                                   0x015F1919, 0x77079103, 0xDEA03AF6,
-                                   0x78A8565E, 0xDEE356DF, 0x21F05CBE,
-                                   0x8B75E387, 0xB3C50651, 0xB8A5C3EF,
-                                   0xD8EEB6D2, 0xE523BE77, 0xC2154529,
-                                   0x2F69EFDF, 0xAFE67AFB, 0xF470C4B2,
-                                   0xF3E0EB5B, 0xD6CC9876, 0x39E4460C,
-                                   0x1FDA8538, 0x1987832F, 0xCA007367,
-                                   0xA99144F8, 0x296B299E, 0x492FC295,
-                                   0x9266BEAB, 0xB5676E69, 0x9BD3DDDA,
-                                   0xDF7E052F, 0xDB25701C, 0x1B5E51EE,
-                                   0xF65324E6, 0x6AFCE36C, 0x0316CC04,
-                                   0x8644213E, 0xB7DC59D0, 0x7965291F,
-                                   0xCCD6FD43, 0x41823979, 0x932BCDF6,
-                                   0xB657C34D, 0x4EDFD282, 0x7AE5290C,
-                                   0x3CB9536B, 0x851E20FE, 0x9833557E,
-                                   0x13ECF0B0, 0xD3FFB372, 0x3F85C5C1,
-                                   0x0AEF7ED2 };
-
-  private static final int[] S5 = { 0x7EC90C04, 0x2C6E74B9, 0x9B0E66DF,
-                                   0xA6337911, 0xB86A7FFF, 0x1DD358F5,
-                                   0x44DD9D44, 0x1731167F, 0x08FBF1FA,
-                                   0xE7F511CC, 0xD2051B00, 0x735ABA00,
-                                   0x2AB722D8, 0x386381CB, 0xACF6243A,
-                                   0x69BEFD7A, 0xE6A2E77F, 0xF0C720CD,
-                                   0xC4494816, 0xCCF5C180, 0x38851640,
-                                   0x15B0A848, 0xE68B18CB, 0x4CAADEFF,
-                                   0x5F480A01, 0x0412B2AA, 0x259814FC,
-                                   0x41D0EFE2, 0x4E40B48D, 0x248EB6FB,
-                                   0x8DBA1CFE, 0x41A99B02, 0x1A550A04,
-                                   0xBA8F65CB, 0x7251F4E7, 0x95A51725,
-                                   0xC106ECD7, 0x97A5980A, 0xC539B9AA,
-                                   0x4D79FE6A, 0xF2F3F763, 0x68AF8040,
-                                   0xED0C9E56, 0x11B4958B, 0xE1EB5A88,
-                                   0x8709E6B0, 0xD7E07156, 0x4E29FEA7,
-                                   0x6366E52D, 0x02D1C000, 0xC4AC8E05,
-                                   0x9377F571, 0x0C05372A, 0x578535F2,
-                                   0x2261BE02, 0xD642A0C9, 0xDF13A280,
-                                   0x74B55BD2, 0x682199C0, 0xD421E5EC,
-                                   0x53FB3CE8, 0xC8ADEDB3, 0x28A87FC9,
-                                   0x3D959981, 0x5C1FF900, 0xFE38D399,
-                                   0x0C4EFF0B, 0x062407EA, 0xAA2F4FB1,
-                                   0x4FB96976, 0x90C79505, 0xB0A8A774,
-                                   0xEF55A1FF, 0xE59CA2C2, 0xA6B62D27,
-                                   0xE66A4263, 0xDF65001F, 0x0EC50966,
-                                   0xDFDD55BC, 0x29DE0655, 0x911E739A,
-                                   0x17AF8975, 0x32C7911C, 0x89F89468,
-                                   0x0D01E980, 0x524755F4, 0x03B63CC9,
-                                   0x0CC844B2, 0xBCF3F0AA, 0x87AC36E9,
-                                   0xE53A7426, 0x01B3D82B, 0x1A9E7449,
-                                   0x64EE2D7E, 0xCDDBB1DA, 0x01C94910,
-                                   0xB868BF80, 0x0D26F3FD, 0x9342EDE7,
-                                   0x04A5C284, 0x636737B6, 0x50F5B616,
-                                   0xF24766E3, 0x8ECA36C1, 0x136E05DB,
-                                   0xFEF18391, 0xFB887A37, 0xD6E7F7D4,
-                                   0xC7FB7DC9, 0x3063FCDF, 0xB6F589DE,
-                                   0xEC2941DA, 0x26E46695, 0xB7566419,
-                                   0xF654EFC5, 0xD08D58B7, 0x48925401,
-                                   0xC1BACB7F, 0xE5FF550F, 0xB6083049,
-                                   0x5BB5D0E8, 0x87D72E5A, 0xAB6A6EE1,
-                                   0x223A66CE, 0xC62BF3CD, 0x9E0885F9,
-                                   0x68CB3E47, 0x086C010F, 0xA21DE820,
-                                   0xD18B69DE, 0xF3F65777, 0xFA02C3F6,
-                                   0x407EDAC3, 0xCBB3D550, 0x1793084D,
-                                   0xB0D70EBA, 0x0AB378D5, 0xD951FB0C,
-                                   0xDED7DA56, 0x4124BBE4, 0x94CA0B56,
-                                   0x0F5755D1, 0xE0E1E56E, 0x6184B5BE,
-                                   0x580A249F, 0x94F74BC0, 0xE327888E,
-                                   0x9F7B5561, 0xC3DC0280, 0x05687715,
-                                   0x646C6BD7, 0x44904DB3, 0x66B4F0A3,
-                                   0xC0F1648A, 0x697ED5AF, 0x49E92FF6,
-                                   0x309E374F, 0x2CB6356A, 0x85808573,
-                                   0x4991F840, 0x76F0AE02, 0x083BE84D,
-                                   0x28421C9A, 0x44489406, 0x736E4CB8,
-                                   0xC1092910, 0x8BC95FC6, 0x7D869CF4,
-                                   0x134F616F, 0x2E77118D, 0xB31B2BE1,
-                                   0xAA90B472, 0x3CA5D717, 0x7D161BBA,
-                                   0x9CAD9010, 0xAF462BA2, 0x9FE459D2,
-                                   0x45D34559, 0xD9F2DA13, 0xDBC65487,
-                                   0xF3E4F94E, 0x176D486F, 0x097C13EA,
-                                   0x631DA5C7, 0x445F7382, 0x175683F4,
-                                   0xCDC66A97, 0x70BE0288, 0xB3CDCF72,
-                                   0x6E5DD2F3, 0x20936079, 0x459B80A5,
-                                   0xBE60E2DB, 0xA9C23101, 0xEBA5315C,
-                                   0x224E42F2, 0x1C5C1572, 0xF6721B2C,
-                                   0x1AD2FFF3, 0x8C25404E, 0x324ED72F,
-                                   0x4067B7FD, 0x0523138E, 0x5CA3BC78,
-                                   0xDC0FD66E, 0x75922283, 0x784D6B17,
-                                   0x58EBB16E, 0x44094F85, 0x3F481D87,
-                                   0xFCFEAE7B, 0x77B5FF76, 0x8C2302BF,
-                                   0xAAF47556, 0x5F46B02A, 0x2B092801,
-                                   0x3D38F5F7, 0x0CA81F36, 0x52AF4A8A,
-                                   0x66D5E7C0, 0xDF3B0874, 0x95055110,
-                                   0x1B5AD7A8, 0xF61ED5AD, 0x6CF6E479,
-                                   0x20758184, 0xD0CEFA65, 0x88F7BE58,
-                                   0x4A046826, 0x0FF6F8F3, 0xA09C7F70,
-                                   0x5346ABA0, 0x5CE96C28, 0xE176EDA3,
-                                   0x6BAC307F, 0x376829D2, 0x85360FA9,
-                                   0x17E3FE2A, 0x24B79767, 0xF5A96B20,
-                                   0xD6CD2595, 0x68FF1EBF, 0x7555442C,
-                                   0xF19F06BE, 0xF9E0659A, 0xEEB9491D,
-                                   0x34010718, 0xBB30CAB8, 0xE822FE15,
-                                   0x88570983, 0x750E6249, 0xDA627E55,
-                                   0x5E76FFA8, 0xB1534546, 0x6D47DE08,
-                                   0xEFE9E7D4 };
-
-  private static final int[] S6 = { 0xF6FA8F9D, 0x2CAC6CE1, 0x4CA34867,
-                                   0xE2337F7C, 0x95DB08E7, 0x016843B4,
-                                   0xECED5CBC, 0x325553AC, 0xBF9F0960,
-                                   0xDFA1E2ED, 0x83F0579D, 0x63ED86B9,
-                                   0x1AB6A6B8, 0xDE5EBE39, 0xF38FF732,
-                                   0x8989B138, 0x33F14961, 0xC01937BD,
-                                   0xF506C6DA, 0xE4625E7E, 0xA308EA99,
-                                   0x4E23E33C, 0x79CBD7CC, 0x48A14367,
-                                   0xA3149619, 0xFEC94BD5, 0xA114174A,
-                                   0xEAA01866, 0xA084DB2D, 0x09A8486F,
-                                   0xA888614A, 0x2900AF98, 0x01665991,
-                                   0xE1992863, 0xC8F30C60, 0x2E78EF3C,
-                                   0xD0D51932, 0xCF0FEC14, 0xF7CA07D2,
-                                   0xD0A82072, 0xFD41197E, 0x9305A6B0,
-                                   0xE86BE3DA, 0x74BED3CD, 0x372DA53C,
-                                   0x4C7F4448, 0xDAB5D440, 0x6DBA0EC3,
-                                   0x083919A7, 0x9FBAEED9, 0x49DBCFB0,
-                                   0x4E670C53, 0x5C3D9C01, 0x64BDB941,
-                                   0x2C0E636A, 0xBA7DD9CD, 0xEA6F7388,
-                                   0xE70BC762, 0x35F29ADB, 0x5C4CDD8D,
-                                   0xF0D48D8C, 0xB88153E2, 0x08A19866,
-                                   0x1AE2EAC8, 0x284CAF89, 0xAA928223,
-                                   0x9334BE53, 0x3B3A21BF, 0x16434BE3,
-                                   0x9AEA3906, 0xEFE8C36E, 0xF890CDD9,
-                                   0x80226DAE, 0xC340A4A3, 0xDF7E9C09,
-                                   0xA694A807, 0x5B7C5ECC, 0x221DB3A6,
-                                   0x9A69A02F, 0x68818A54, 0xCEB2296F,
-                                   0x53C0843A, 0xFE893655, 0x25BFE68A,
-                                   0xB4628ABC, 0xCF222EBF, 0x25AC6F48,
-                                   0xA9A99387, 0x53BDDB65, 0xE76FFBE7,
-                                   0xE967FD78, 0x0BA93563, 0x8E342BC1,
-                                   0xE8A11BE9, 0x4980740D, 0xC8087DFC,
-                                   0x8DE4BF99, 0xA11101A0, 0x7FD37975,
-                                   0xDA5A26C0, 0xE81F994F, 0x9528CD89,
-                                   0xFD339FED, 0xB87834BF, 0x5F04456D,
-                                   0x22258698, 0xC9C4C83B, 0x2DC156BE,
-                                   0x4F628DAA, 0x57F55EC5, 0xE2220ABE,
-                                   0xD2916EBF, 0x4EC75B95, 0x24F2C3C0,
-                                   0x42D15D99, 0xCD0D7FA0, 0x7B6E27FF,
-                                   0xA8DC8AF0, 0x7345C106, 0xF41E232F,
-                                   0x35162386, 0xE6EA8926, 0x3333B094,
-                                   0x157EC6F2, 0x372B74AF, 0x692573E4,
-                                   0xE9A9D848, 0xF3160289, 0x3A62EF1D,
-                                   0xA787E238, 0xF3A5F676, 0x74364853,
-                                   0x20951063, 0x4576698D, 0xB6FAD407,
-                                   0x592AF950, 0x36F73523, 0x4CFB6E87,
-                                   0x7DA4CEC0, 0x6C152DAA, 0xCB0396A8,
-                                   0xC50DFE5D, 0xFCD707AB, 0x0921C42F,
-                                   0x89DFF0BB, 0x5FE2BE78, 0x448F4F33,
-                                   0x754613C9, 0x2B05D08D, 0x48B9D585,
-                                   0xDC049441, 0xC8098F9B, 0x7DEDE786,
-                                   0xC39A3373, 0x42410005, 0x6A091751,
-                                   0x0EF3C8A6, 0x890072D6, 0x28207682,
-                                   0xA9A9F7BE, 0xBF32679D, 0xD45B5B75,
-                                   0xB353FD00, 0xCBB0E358, 0x830F220A,
-                                   0x1F8FB214, 0xD372CF08, 0xCC3C4A13,
-                                   0x8CF63166, 0x061C87BE, 0x88C98F88,
-                                   0x6062E397, 0x47CF8E7A, 0xB6C85283,
-                                   0x3CC2ACFB, 0x3FC06976, 0x4E8F0252,
-                                   0x64D8314D, 0xDA3870E3, 0x1E665459,
-                                   0xC10908F0, 0x513021A5, 0x6C5B68B7,
-                                   0x822F8AA0, 0x3007CD3E, 0x74719EEF,
-                                   0xDC872681, 0x073340D4, 0x7E432FD9,
-                                   0x0C5EC241, 0x8809286C, 0xF592D891,
-                                   0x08A930F6, 0x957EF305, 0xB7FBFFBD,
-                                   0xC266E96F, 0x6FE4AC98, 0xB173ECC0,
-                                   0xBC60B42A, 0x953498DA, 0xFBA1AE12,
-                                   0x2D4BD736, 0x0F25FAAB, 0xA4F3FCEB,
-                                   0xE2969123, 0x257F0C3D, 0x9348AF49,
-                                   0x361400BC, 0xE8816F4A, 0x3814F200,
-                                   0xA3F94043, 0x9C7A54C2, 0xBC704F57,
-                                   0xDA41E7F9, 0xC25AD33A, 0x54F4A084,
-                                   0xB17F5505, 0x59357CBE, 0xEDBD15C8,
-                                   0x7F97C5AB, 0xBA5AC7B5, 0xB6F6DEAF,
-                                   0x3A479C3A, 0x5302DA25, 0x653D7E6A,
-                                   0x54268D49, 0x51A477EA, 0x5017D55B,
-                                   0xD7D25D88, 0x44136C76, 0x0404A8C8,
-                                   0xB8E5A121, 0xB81A928A, 0x60ED5869,
-                                   0x97C55B96, 0xEAEC991B, 0x29935913,
-                                   0x01FDB7F1, 0x088E8DFA, 0x9AB6F6F5,
-                                   0x3B4CBF9F, 0x4A5DE3AB, 0xE6051D35,
-                                   0xA0E1D855, 0xD36B4CF1, 0xF544EDEB,
-                                   0xB0E93524, 0xBEBB8FBD, 0xA2D762CF,
-                                   0x49C92F54, 0x38B5F331, 0x7128A454,
-                                   0x48392905, 0xA65B1DB8, 0x851C97BD,
-                                   0xD675CF2F };
-
-  private static final int[] S7 = { 0x85E04019, 0x332BF567, 0x662DBFFF,
-                                   0xCFC65693, 0x2A8D7F6F, 0xAB9BC912,
-                                   0xDE6008A1, 0x2028DA1F, 0x0227BCE7,
-                                   0x4D642916, 0x18FAC300, 0x50F18B82,
-                                   0x2CB2CB11, 0xB232E75C, 0x4B3695F2,
-                                   0xB28707DE, 0xA05FBCF6, 0xCD4181E9,
-                                   0xE150210C, 0xE24EF1BD, 0xB168C381,
-                                   0xFDE4E789, 0x5C79B0D8, 0x1E8BFD43,
-                                   0x4D495001, 0x38BE4341, 0x913CEE1D,
-                                   0x92A79C3F, 0x089766BE, 0xBAEEADF4,
-                                   0x1286BECF, 0xB6EACB19, 0x2660C200,
-                                   0x7565BDE4, 0x64241F7A, 0x8248DCA9,
-                                   0xC3B3AD66, 0x28136086, 0x0BD8DFA8,
-                                   0x356D1CF2, 0x107789BE, 0xB3B2E9CE,
-                                   0x0502AA8F, 0x0BC0351E, 0x166BF52A,
-                                   0xEB12FF82, 0xE3486911, 0xD34D7516,
-                                   0x4E7B3AFF, 0x5F43671B, 0x9CF6E037,
-                                   0x4981AC83, 0x334266CE, 0x8C9341B7,
-                                   0xD0D854C0, 0xCB3A6C88, 0x47BC2829,
-                                   0x4725BA37, 0xA66AD22B, 0x7AD61F1E,
-                                   0x0C5CBAFA, 0x4437F107, 0xB6E79962,
-                                   0x42D2D816, 0x0A961288, 0xE1A5C06E,
-                                   0x13749E67, 0x72FC081A, 0xB1D139F7,
-                                   0xF9583745, 0xCF19DF58, 0xBEC3F756,
-                                   0xC06EBA30, 0x07211B24, 0x45C28829,
-                                   0xC95E317F, 0xBC8EC511, 0x38BC46E9,
-                                   0xC6E6FA14, 0xBAE8584A, 0xAD4EBC46,
-                                   0x468F508B, 0x7829435F, 0xF124183B,
-                                   0x821DBA9F, 0xAFF60FF4, 0xEA2C4E6D,
-                                   0x16E39264, 0x92544A8B, 0x009B4FC3,
-                                   0xABA68CED, 0x9AC96F78, 0x06A5B79A,
-                                   0xB2856E6E, 0x1AEC3CA9, 0xBE838688,
-                                   0x0E0804E9, 0x55F1BE56, 0xE7E5363B,
-                                   0xB3A1F25D, 0xF7DEBB85, 0x61FE033C,
-                                   0x16746233, 0x3C034C28, 0xDA6D0C74,
-                                   0x79AAC56C, 0x3CE4E1AD, 0x51F0C802,
-                                   0x98F8F35A, 0x1626A49F, 0xEED82B29,
-                                   0x1D382FE3, 0x0C4FB99A, 0xBB325778,
-                                   0x3EC6D97B, 0x6E77A6A9, 0xCB658B5C,
-                                   0xD45230C7, 0x2BD1408B, 0x60C03EB7,
-                                   0xB9068D78, 0xA33754F4, 0xF430C87D,
-                                   0xC8A71302, 0xB96D8C32, 0xEBD4E7BE,
-                                   0xBE8B9D2D, 0x7979FB06, 0xE7225308,
-                                   0x8B75CF77, 0x11EF8DA4, 0xE083C858,
-                                   0x8D6B786F, 0x5A6317A6, 0xFA5CF7A0,
-                                   0x5DDA0033, 0xF28EBFB0, 0xF5B9C310,
-                                   0xA0EAC280, 0x08B9767A, 0xA3D9D2B0,
-                                   0x79D34217, 0x021A718D, 0x9AC6336A,
-                                   0x2711FD60, 0x438050E3, 0x069908A8,
-                                   0x3D7FEDC4, 0x826D2BEF, 0x4EEB8476,
-                                   0x488DCF25, 0x36C9D566, 0x28E74E41,
-                                   0xC2610ACA, 0x3D49A9CF, 0xBAE3B9DF,
-                                   0xB65F8DE6, 0x92AEAF64, 0x3AC7D5E6,
-                                   0x9EA80509, 0xF22B017D, 0xA4173F70,
-                                   0xDD1E16C3, 0x15E0D7F9, 0x50B1B887,
-                                   0x2B9F4FD5, 0x625ABA82, 0x6A017962,
-                                   0x2EC01B9C, 0x15488AA9, 0xD716E740,
-                                   0x40055A2C, 0x93D29A22, 0xE32DBF9A,
-                                   0x058745B9, 0x3453DC1E, 0xD699296E,
-                                   0x496CFF6F, 0x1C9F4986, 0xDFE2ED07,
-                                   0xB87242D1, 0x19DE7EAE, 0x053E561A,
-                                   0x15AD6F8C, 0x66626C1C, 0x7154C24C,
-                                   0xEA082B2A, 0x93EB2939, 0x17DCB0F0,
-                                   0x58D4F2AE, 0x9EA294FB, 0x52CF564C,
-                                   0x9883FE66, 0x2EC40581, 0x763953C3,
-                                   0x01D6692E, 0xD3A0C108, 0xA1E7160E,
-                                   0xE4F2DFA6, 0x693ED285, 0x74904698,
-                                   0x4C2B0EDD, 0x4F757656, 0x5D393378,
-                                   0xA132234F, 0x3D321C5D, 0xC3F5E194,
-                                   0x4B269301, 0xC79F022F, 0x3C997E7E,
-                                   0x5E4F9504, 0x3FFAFBBD, 0x76F7AD0E,
-                                   0x296693F4, 0x3D1FCE6F, 0xC61E45BE,
-                                   0xD3B5AB34, 0xF72BF9B7, 0x1B0434C0,
-                                   0x4E72B567, 0x5592A33D, 0xB5229301,
-                                   0xCFD2A87F, 0x60AEB767, 0x1814386B,
-                                   0x30BCC33D, 0x38A0C07D, 0xFD1606F2,
-                                   0xC363519B, 0x589DD390, 0x5479F8E6,
-                                   0x1CB8D647, 0x97FD61A9, 0xEA7759F4,
-                                   0x2D57539D, 0x569A58CF, 0xE84E63AD,
-                                   0x462E1B78, 0x6580F87E, 0xF3817914,
-                                   0x91DA55F4, 0x40A230F3, 0xD1988F35,
-                                   0xB6E318D2, 0x3FFA50BC, 0x3D40F021,
-                                   0xC3C0BDAE, 0x4958C24C, 0x518F36B2,
-                                   0x84B1D370, 0x0FEDCE83, 0x878DDADA,
-                                   0xF2A279C7, 0x94E01BE8, 0x90716F4B,
-                                   0x954B8AA3 };
-
-  private static final int[] S8 = { 0xE216300D, 0xBBDDFFFC, 0xA7EBDABD,
-                                   0x35648095, 0x7789F8B7, 0xE6C1121B,
-                                   0x0E241600, 0x052CE8B5, 0x11A9CFB0,
-                                   0xE5952F11, 0xECE7990A, 0x9386D174,
-                                   0x2A42931C, 0x76E38111, 0xB12DEF3A,
-                                   0x37DDDDFC, 0xDE9ADEB1, 0x0A0CC32C,
-                                   0xBE197029, 0x84A00940, 0xBB243A0F,
-                                   0xB4D137CF, 0xB44E79F0, 0x049EEDFD,
-                                   0x0B15A15D, 0x480D3168, 0x8BBBDE5A,
-                                   0x669DED42, 0xC7ECE831, 0x3F8F95E7,
-                                   0x72DF191B, 0x7580330D, 0x94074251,
-                                   0x5C7DCDFA, 0xABBE6D63, 0xAA402164,
-                                   0xB301D40A, 0x02E7D1CA, 0x53571DAE,
-                                   0x7A3182A2, 0x12A8DDEC, 0xFDAA335D,
-                                   0x176F43E8, 0x71FB46D4, 0x38129022,
-                                   0xCE949AD4, 0xB84769AD, 0x965BD862,
-                                   0x82F3D055, 0x66FB9767, 0x15B80B4E,
-                                   0x1D5B47A0, 0x4CFDE06F, 0xC28EC4B8,
-                                   0x57E8726E, 0x647A78FC, 0x99865D44,
-                                   0x608BD593, 0x6C200E03, 0x39DC5FF6,
-                                   0x5D0B00A3, 0xAE63AFF2, 0x7E8BD632,
-                                   0x70108C0C, 0xBBD35049, 0x2998DF04,
-                                   0x980CF42A, 0x9B6DF491, 0x9E7EDD53,
-                                   0x06918548, 0x58CB7E07, 0x3B74EF2E,
-                                   0x522FFFB1, 0xD24708CC, 0x1C7E27CD,
-                                   0xA4EB215B, 0x3CF1D2E2, 0x19B47A38,
-                                   0x424F7618, 0x35856039, 0x9D17DEE7,
-                                   0x27EB35E6, 0xC9AFF67B, 0x36BAF5B8,
-                                   0x09C467CD, 0xC18910B1, 0xE11DBF7B,
-                                   0x06CD1AF8, 0x7170C608, 0x2D5E3354,
-                                   0xD4DE495A, 0x64C6D006, 0xBCC0C62C,
-                                   0x3DD00DB3, 0x708F8F34, 0x77D51B42,
-                                   0x264F620F, 0x24B8D2BF, 0x15C1B79E,
-                                   0x46A52564, 0xF8D7E54E, 0x3E378160,
-                                   0x7895CDA5, 0x859C15A5, 0xE6459788,
-                                   0xC37BC75F, 0xDB07BA0C, 0x0676A3AB,
-                                   0x7F229B1E, 0x31842E7B, 0x24259FD7,
-                                   0xF8BEF472, 0x835FFCB8, 0x6DF4C1F2,
-                                   0x96F5B195, 0xFD0AF0FC, 0xB0FE134C,
-                                   0xE2506D3D, 0x4F9B12EA, 0xF215F225,
-                                   0xA223736F, 0x9FB4C428, 0x25D04979,
-                                   0x34C713F8, 0xC4618187, 0xEA7A6E98,
-                                   0x7CD16EFC, 0x1436876C, 0xF1544107,
-                                   0xBEDEEE14, 0x56E9AF27, 0xA04AA441,
-                                   0x3CF7C899, 0x92ECBAE6, 0xDD67016D,
-                                   0x151682EB, 0xA842EEDF, 0xFDBA60B4,
-                                   0xF1907B75, 0x20E3030F, 0x24D8C29E,
-                                   0xE139673B, 0xEFA63FB8, 0x71873054,
-                                   0xB6F2CF3B, 0x9F326442, 0xCB15A4CC,
-                                   0xB01A4504, 0xF1E47D8D, 0x844A1BE5,
-                                   0xBAE7DFDC, 0x42CBDA70, 0xCD7DAE0A,
-                                   0x57E85B7A, 0xD53F5AF6, 0x20CF4D8C,
-                                   0xCEA4D428, 0x79D130A4, 0x3486EBFB,
-                                   0x33D3CDDC, 0x77853B53, 0x37EFFCB5,
-                                   0xC5068778, 0xE580B3E6, 0x4E68B8F4,
-                                   0xC5C8B37E, 0x0D809EA2, 0x398FEB7C,
-                                   0x132A4F94, 0x43B7950E, 0x2FEE7D1C,
-                                   0x223613BD, 0xDD06CAA2, 0x37DF932B,
-                                   0xC4248289, 0xACF3EBC3, 0x5715F6B7,
-                                   0xEF3478DD, 0xF267616F, 0xC148CBE4,
-                                   0x9052815E, 0x5E410FAB, 0xB48A2465,
-                                   0x2EDA7FA4, 0xE87B40E4, 0xE98EA084,
-                                   0x5889E9E1, 0xEFD390FC, 0xDD07D35B,
-                                   0xDB485694, 0x38D7E5B2, 0x57720101,
-                                   0x730EDEBC, 0x5B643113, 0x94917E4F,
-                                   0x503C2FBA, 0x646F1282, 0x7523D24A,
-                                   0xE0779695, 0xF9C17A8F, 0x7A5B2121,
-                                   0xD187B896, 0x29263A4D, 0xBA510CDF,
-                                   0x81F47C9F, 0xAD1163ED, 0xEA7B5965,
-                                   0x1A00726E, 0x11403092, 0x00DA6D77,
-                                   0x4A0CDD61, 0xAD1F4603, 0x605BDFB0,
-                                   0x9EEDC364, 0x22EBE6A8, 0xCEE7D28A,
-                                   0xA0E736A0, 0x5564A6B9, 0x10853209,
-                                   0xC7EB8F37, 0x2DE705CA, 0x8951570F,
-                                   0xDF09822B, 0xBD691A6C, 0xAA12E4F2,
-                                   0x87451C0F, 0xE0F6A27A, 0x3ADA4819,
-                                   0x4CF1764F, 0x0D771C2B, 0x67CDB156,
-                                   0x350D8384, 0x5938FA0F, 0x42399EF3,
-                                   0x36997B07, 0x0E84093D, 0x4AA93E61,
-                                   0x8360D87B, 0x1FA98B0C, 0x1149382C,
-                                   0xE97625A5, 0x0614D1B7, 0x0E25244B,
-                                   0x0C768347, 0x589E8D82, 0x0D2059D1,
-                                   0xA466BB1E, 0xF8DA0A82, 0x04F19130,
-                                   0xBA6E4EC0, 0x99265164, 0x1EE7230D,
-                                   0x50B2AD80, 0xEAEE6801, 0x8DB2A283,
-                                   0xEA8BF59E };
-
+  private static final int[] S1 = {
+      0x30FB40D4, 0x9FA0FF0B, 0x6BECCD2F, 0x3F258C7A, 0x1E213F2F, 0x9C004DD3,
+      0x6003E540, 0xCF9FC949, 0xBFD4AF27, 0x88BBBDB5, 0xE2034090, 0x98D09675,
+      0x6E63A0E0, 0x15C361D2, 0xC2E7661D, 0x22D4FF8E, 0x28683B6F, 0xC07FD059,
+      0xFF2379C8, 0x775F50E2, 0x43C340D3, 0xDF2F8656, 0x887CA41A, 0xA2D2BD2D,
+      0xA1C9E0D6, 0x346C4819, 0x61B76D87, 0x22540F2F, 0x2ABE32E1, 0xAA54166B,
+      0x22568E3A, 0xA2D341D0, 0x66DB40C8, 0xA784392F, 0x004DFF2F, 0x2DB9D2DE,
+      0x97943FAC, 0x4A97C1D8, 0x527644B7, 0xB5F437A7, 0xB82CBAEF, 0xD751D159,
+      0x6FF7F0ED, 0x5A097A1F, 0x827B68D0, 0x90ECF52E, 0x22B0C054, 0xBC8E5935,
+      0x4B6D2F7F, 0x50BB64A2, 0xD2664910, 0xBEE5812D, 0xB7332290, 0xE93B159F,
+      0xB48EE411, 0x4BFF345D, 0xFD45C240, 0xAD31973F, 0xC4F6D02E, 0x55FC8165,
+      0xD5B1CAAD, 0xA1AC2DAE, 0xA2D4B76D, 0xC19B0C50, 0x882240F2, 0x0C6E4F38,
+      0xA4E4BFD7, 0x4F5BA272, 0x564C1D2F, 0xC59C5319, 0xB949E354, 0xB04669FE,
+      0xB1B6AB8A, 0xC71358DD, 0x6385C545, 0x110F935D, 0x57538AD5, 0x6A390493,
+      0xE63D37E0, 0x2A54F6B3, 0x3A787D5F, 0x6276A0B5, 0x19A6FCDF, 0x7A42206A,
+      0x29F9D4D5, 0xF61B1891, 0xBB72275E, 0xAA508167, 0x38901091, 0xC6B505EB,
+      0x84C7CB8C, 0x2AD75A0F, 0x874A1427, 0xA2D1936B, 0x2AD286AF, 0xAA56D291,
+      0xD7894360, 0x425C750D, 0x93B39E26, 0x187184C9, 0x6C00B32D, 0x73E2BB14,
+      0xA0BEBC3C, 0x54623779, 0x64459EAB, 0x3F328B82, 0x7718CF82, 0x59A2CEA6,
+      0x04EE002E, 0x89FE78E6, 0x3FAB0950, 0x325FF6C2, 0x81383F05, 0x6963C5C8,
+      0x76CB5AD6, 0xD49974C9, 0xCA180DCF, 0x380782D5, 0xC7FA5CF6, 0x8AC31511,
+      0x35E79E13, 0x47DA91D0, 0xF40F9086, 0xA7E2419E, 0x31366241, 0x051EF495,
+      0xAA573B04, 0x4A805D8D, 0x548300D0, 0x00322A3C, 0xBF64CDDF, 0xBA57A68E,
+      0x75C6372B, 0x50AFD341, 0xA7C13275, 0x915A0BF5, 0x6B54BFAB, 0x2B0B1426,
+      0xAB4CC9D7, 0x449CCD82, 0xF7FBF265, 0xAB85C5F3, 0x1B55DB94, 0xAAD4E324,
+      0xCFA4BD3F, 0x2DEAA3E2, 0x9E204D02, 0xC8BD25AC, 0xEADF55B3, 0xD5BD9E98,
+      0xE31231B2, 0x2AD5AD6C, 0x954329DE, 0xADBE4528, 0xD8710F69, 0xAA51C90F,
+      0xAA786BF6, 0x22513F1E, 0xAA51A79B, 0x2AD344CC, 0x7B5A41F0, 0xD37CFBAD,
+      0x1B069505, 0x41ECE491, 0xB4C332E6, 0x032268D4, 0xC9600ACC, 0xCE387E6D,
+      0xBF6BB16C, 0x6A70FB78, 0x0D03D9C9, 0xD4DF39DE, 0xE01063DA, 0x4736F464,
+      0x5AD328D8, 0xB347CC96, 0x75BB0FC3, 0x98511BFB, 0x4FFBCC35, 0xB58BCF6A,
+      0xE11F0ABC, 0xBFC5FE4A, 0xA70AEC10, 0xAC39570A, 0x3F04442F, 0x6188B153,
+      0xE0397A2E, 0x5727CB79, 0x9CEB418F, 0x1CACD68D, 0x2AD37C96, 0x0175CB9D,
+      0xC69DFF09, 0xC75B65F0, 0xD9DB40D8, 0xEC0E7779, 0x4744EAD4, 0xB11C3274,
+      0xDD24CB9E, 0x7E1C54BD, 0xF01144F9, 0xD2240EB1, 0x9675B3FD, 0xA3AC3755,
+      0xD47C27AF, 0x51C85F4D, 0x56907596, 0xA5BB15E6, 0x580304F0, 0xCA042CF1,
+      0x011A37EA, 0x8DBFAADB, 0x35BA3E4A, 0x3526FFA0, 0xC37B4D09, 0xBC306ED9,
+      0x98A52666, 0x5648F725, 0xFF5E569D, 0x0CED63D0, 0x7C63B2CF, 0x700B45E1,
+      0xD5EA50F1, 0x85A92872, 0xAF1FBDA7, 0xD4234870, 0xA7870BF3, 0x2D3B4D79,
+      0x42E04198, 0x0CD0EDE7, 0x26470DB8, 0xF881814C, 0x474D6AD7, 0x7C0C5E5C,
+      0xD1231959, 0x381B7298, 0xF5D2F4DB, 0xAB838653, 0x6E2F1E23, 0x83719C9E,
+      0xBD91E046, 0x9A56456E, 0xDC39200C, 0x20C8C571, 0x962BDA1C, 0xE1E696FF,
+      0xB141AB08, 0x7CCA89B9, 0x1A69E783, 0x02CC4843, 0xA2F7C579, 0x429EF47D,
+      0x427B169C, 0x5AC9F049, 0xDD8F0F00, 0x5C8165BF };
+  private static final int[] S2 = {
+      0x1F201094, 0xEF0BA75B, 0x69E3CF7E, 0x393F4380, 0xFE61CF7A, 0xEEC5207A,
+      0x55889C94, 0x72FC0651, 0xADA7EF79, 0x4E1D7235, 0xD55A63CE, 0xDE0436BA,
+      0x99C430EF, 0x5F0C0794, 0x18DCDB7D, 0xA1D6EFF3, 0xA0B52F7B, 0x59E83605,
+      0xEE15B094, 0xE9FFD909, 0xDC440086, 0xEF944459, 0xBA83CCB3, 0xE0C3CDFB,
+      0xD1DA4181, 0x3B092AB1, 0xF997F1C1, 0xA5E6CF7B, 0x01420DDB, 0xE4E7EF5B,
+      0x25A1FF41, 0xE180F806, 0x1FC41080, 0x179BEE7A, 0xD37AC6A9, 0xFE5830A4,
+      0x98DE8B7F, 0x77E83F4E, 0x79929269, 0x24FA9F7B, 0xE113C85B, 0xACC40083,
+      0xD7503525, 0xF7EA615F, 0x62143154, 0x0D554B63, 0x5D681121, 0xC866C359,
+      0x3D63CF73, 0xCEE234C0, 0xD4D87E87, 0x5C672B21, 0x071F6181, 0x39F7627F,
+      0x361E3084, 0xE4EB573B, 0x602F64A4, 0xD63ACD9C, 0x1BBC4635, 0x9E81032D,
+      0x2701F50C, 0x99847AB4, 0xA0E3DF79, 0xBA6CF38C, 0x10843094, 0x2537A95E,
+      0xF46F6FFE, 0xA1FF3B1F, 0x208CFB6A, 0x8F458C74, 0xD9E0A227, 0x4EC73A34,
+      0xFC884F69, 0x3E4DE8DF, 0xEF0E0088, 0x3559648D, 0x8A45388C, 0x1D804366,
+      0x721D9BFD, 0xA58684BB, 0xE8256333, 0x844E8212, 0x128D8098, 0xFED33FB4,
+      0xCE280AE1, 0x27E19BA5, 0xD5A6C252, 0xE49754BD, 0xC5D655DD, 0xEB667064,
+      0x77840B4D, 0xA1B6A801, 0x84DB26A9, 0xE0B56714, 0x21F043B7, 0xE5D05860,
+      0x54F03084, 0x066FF472, 0xA31AA153, 0xDADC4755, 0xB5625DBF, 0x68561BE6,
+      0x83CA6B94, 0x2D6ED23B, 0xECCF01DB, 0xA6D3D0BA, 0xB6803D5C, 0xAF77A709,
+      0x33B4A34C, 0x397BC8D6, 0x5EE22B95, 0x5F0E5304, 0x81ED6F61, 0x20E74364,
+      0xB45E1378, 0xDE18639B, 0x881CA122, 0xB96726D1, 0x8049A7E8, 0x22B7DA7B,
+      0x5E552D25, 0x5272D237, 0x79D2951C, 0xC60D894C, 0x488CB402, 0x1BA4FE5B,
+      0xA4B09F6B, 0x1CA815CF, 0xA20C3005, 0x8871DF63, 0xB9DE2FCB, 0x0CC6C9E9,
+      0x0BEEFF53, 0xE3214517, 0xB4542835, 0x9F63293C, 0xEE41E729, 0x6E1D2D7C,
+      0x50045286, 0x1E6685F3, 0xF33401C6, 0x30A22C95, 0x31A70850, 0x60930F13,
+      0x73F98417, 0xA1269859, 0xEC645C44, 0x52C877A9, 0xCDFF33A6, 0xA02B1741,
+      0x7CBAD9A2, 0x2180036F, 0x50D99C08, 0xCB3F4861, 0xC26BD765, 0x64A3F6AB,
+      0x80342676, 0x25A75E7B, 0xE4E6D1FC, 0x20C710E6, 0xCDF0B680, 0x17844D3B,
+      0x31EEF84D, 0x7E0824E4, 0x2CCB49EB, 0x846A3BAE, 0x8FF77888, 0xEE5D60F6,
+      0x7AF75673, 0x2FDD5CDB, 0xA11631C1, 0x30F66F43, 0xB3FAEC54, 0x157FD7FA,
+      0xEF8579CC, 0xD152DE58, 0xDB2FFD5E, 0x8F32CE19, 0x306AF97A, 0x02F03EF8,
+      0x99319AD5, 0xC242FA0F, 0xA7E3EBB0, 0xC68E4906, 0xB8DA230C, 0x80823028,
+      0xDCDEF3C8, 0xD35FB171, 0x088A1BC8, 0xBEC0C560, 0x61A3C9E8, 0xBCA8F54D,
+      0xC72FEFFA, 0x22822E99, 0x82C570B4, 0xD8D94E89, 0x8B1C34BC, 0x301E16E6,
+      0x273BE979, 0xB0FFEAA6, 0x61D9B8C6, 0x00B24869, 0xB7FFCE3F, 0x08DC283B,
+      0x43DAF65A, 0xF7E19798, 0x7619B72F, 0x8F1C9BA4, 0xDC8637A0, 0x16A7D3B1,
+      0x9FC393B7, 0xA7136EEB, 0xC6BCC63E, 0x1A513742, 0xEF6828BC, 0x520365D6,
+      0x2D6A77AB, 0x3527ED4B, 0x821FD216, 0x095C6E2E, 0xDB92F2FB, 0x5EEA29CB,
+      0x145892F5, 0x91584F7F, 0x5483697B, 0x2667A8CC, 0x85196048, 0x8C4BACEA,
+      0x833860D4, 0x0D23E0F9, 0x6C387E8A, 0x0AE6D249, 0xB284600C, 0xD835731D,
+      0xDCB1C647, 0xAC4C56EA, 0x3EBD81B3, 0x230EABB0, 0x6438BC87, 0xF0B5B1FA,
+      0x8F5EA2B3, 0xFC184642, 0x0A036B7A, 0x4FB089BD, 0x649DA589, 0xA345415E,
+      0x5C038323, 0x3E5D3BB9, 0x43D79572, 0x7E6DD07C, 0x06DFDF1E, 0x6C6CC4EF,
+      0x7160A539, 0x73BFBE70, 0x83877605, 0x4523ECF1 };
+  private static final int[] S3 = {
+      0x8DEFC240, 0x25FA5D9F, 0xEB903DBF, 0xE810C907, 0x47607FFF, 0x369FE44B,
+      0x8C1FC644, 0xAECECA90, 0xBEB1F9BF, 0xEEFBCAEA, 0xE8CF1950, 0x51DF07AE,
+      0x920E8806, 0xF0AD0548, 0xE13C8D83, 0x927010D5, 0x11107D9F, 0x07647DB9,
+      0xB2E3E4D4, 0x3D4F285E, 0xB9AFA820, 0xFADE82E0, 0xA067268B, 0x8272792E,
+      0x553FB2C0, 0x489AE22B, 0xD4EF9794, 0x125E3FBC, 0x21FFFCEE, 0x825B1BFD,
+      0x9255C5ED, 0x1257A240, 0x4E1A8302, 0xBAE07FFF, 0x528246E7, 0x8E57140E,
+      0x3373F7BF, 0x8C9F8188, 0xA6FC4EE8, 0xC982B5A5, 0xA8C01DB7, 0x579FC264,
+      0x67094F31, 0xF2BD3F5F, 0x40FFF7C1, 0x1FB78DFC, 0x8E6BD2C1, 0x437BE59B,
+      0x99B03DBF, 0xB5DBC64B, 0x638DC0E6, 0x55819D99, 0xA197C81C, 0x4A012D6E,
+      0xC5884A28, 0xCCC36F71, 0xB843C213, 0x6C0743F1, 0x8309893C, 0x0FEDDD5F,
+      0x2F7FE850, 0xD7C07F7E, 0x02507FBF, 0x5AFB9A04, 0xA747D2D0, 0x1651192E,
+      0xAF70BF3E, 0x58C31380, 0x5F98302E, 0x727CC3C4, 0x0A0FB402, 0x0F7FEF82,
+      0x8C96FDAD, 0x5D2C2AAE, 0x8EE99A49, 0x50DA88B8, 0x8427F4A0, 0x1EAC5790,
+      0x796FB449, 0x8252DC15, 0xEFBD7D9B, 0xA672597D, 0xADA840D8, 0x45F54504,
+      0xFA5D7403, 0xE83EC305, 0x4F91751A, 0x925669C2, 0x23EFE941, 0xA903F12E,
+      0x60270DF2, 0x0276E4B6, 0x94FD6574, 0x927985B2, 0x8276DBCB, 0x02778176,
+      0xF8AF918D, 0x4E48F79E, 0x8F616DDF, 0xE29D840E, 0x842F7D83, 0x340CE5C8,
+      0x96BBB682, 0x93B4B148, 0xEF303CAB, 0x984FAF28, 0x779FAF9B, 0x92DC560D,
+      0x224D1E20, 0x8437AA88, 0x7D29DC96, 0x2756D3DC, 0x8B907CEE, 0xB51FD240,
+      0xE7C07CE3, 0xE566B4A1, 0xC3E9615E, 0x3CF8209D, 0x6094D1E3, 0xCD9CA341,
+      0x5C76460E, 0x00EA983B, 0xD4D67881, 0xFD47572C, 0xF76CEDD9, 0xBDA8229C,
+      0x127DADAA, 0x438A074E, 0x1F97C090, 0x081BDB8A, 0x93A07EBE, 0xB938CA15,
+      0x97B03CFF, 0x3DC2C0F8, 0x8D1AB2EC, 0x64380E51, 0x68CC7BFB, 0xD90F2788,
+      0x12490181, 0x5DE5FFD4, 0xDD7EF86A, 0x76A2E214, 0xB9A40368, 0x925D958F,
+      0x4B39FFFA, 0xBA39AEE9, 0xA4FFD30B, 0xFAF7933B, 0x6D498623, 0x193CBCFA,
+      0x27627545, 0x825CF47A, 0x61BD8BA0, 0xD11E42D1, 0xCEAD04F4, 0x127EA392,
+      0x10428DB7, 0x8272A972, 0x9270C4A8, 0x127DE50B, 0x285BA1C8, 0x3C62F44F,
+      0x35C0EAA5, 0xE805D231, 0x428929FB, 0xB4FCDF82, 0x4FB66A53, 0x0E7DC15B,
+      0x1F081FAB, 0x108618AE, 0xFCFD086D, 0xF9FF2889, 0x694BCC11, 0x236A5CAE,
+      0x12DECA4D, 0x2C3F8CC5, 0xD2D02DFE, 0xF8EF5896, 0xE4CF52DA, 0x95155B67,
+      0x494A488C, 0xB9B6A80C, 0x5C8F82BC, 0x89D36B45, 0x3A609437, 0xEC00C9A9,
+      0x44715253, 0x0A874B49, 0xD773BC40, 0x7C34671C, 0x02717EF6, 0x4FEB5536,
+      0xA2D02FFF, 0xD2BF60C4, 0xD43F03C0, 0x50B4EF6D, 0x07478CD1, 0x006E1888,
+      0xA2E53F55, 0xB9E6D4BC, 0xA2048016, 0x97573833, 0xD7207D67, 0xDE0F8F3D,
+      0x72F87B33, 0xABCC4F33, 0x7688C55D, 0x7B00A6B0, 0x947B0001, 0x570075D2,
+      0xF9BB88F8, 0x8942019E, 0x4264A5FF, 0x856302E0, 0x72DBD92B, 0xEE971B69,
+      0x6EA22FDE, 0x5F08AE2B, 0xAF7A616D, 0xE5C98767, 0xCF1FEBD2, 0x61EFC8C2,
+      0xF1AC2571, 0xCC8239C2, 0x67214CB8, 0xB1E583D1, 0xB7DC3E62, 0x7F10BDCE,
+      0xF90A5C38, 0x0FF0443D, 0x606E6DC6, 0x60543A49, 0x5727C148, 0x2BE98A1D,
+      0x8AB41738, 0x20E1BE24, 0xAF96DA0F, 0x68458425, 0x99833BE5, 0x600D457D,
+      0x282F9350, 0x8334B362, 0xD91D1120, 0x2B6D8DA0, 0x642B1E31, 0x9C305A00,
+      0x52BCE688, 0x1B03588A, 0xF7BAEFD5, 0x4142ED9C, 0xA4315C11, 0x83323EC5,
+      0xDFEF4636, 0xA133C501, 0xE9D3531C, 0xEE353783 };
+  private static final int[] S4 = {
+      0x9DB30420, 0x1FB6E9DE, 0xA7BE7BEF, 0xD273A298, 0x4A4F7BDB, 0x64AD8C57,
+      0x85510443, 0xFA020ED1, 0x7E287AFF, 0xE60FB663, 0x095F35A1, 0x79EBF120,
+      0xFD059D43, 0x6497B7B1, 0xF3641F63, 0x241E4ADF, 0x28147F5F, 0x4FA2B8CD,
+      0xC9430040, 0x0CC32220, 0xFDD30B30, 0xC0A5374F, 0x1D2D00D9, 0x24147B15,
+      0xEE4D111A, 0x0FCA5167, 0x71FF904C, 0x2D195FFE, 0x1A05645F, 0x0C13FEFE,
+      0x081B08CA, 0x05170121, 0x80530100, 0xE83E5EFE, 0xAC9AF4F8, 0x7FE72701,
+      0xD2B8EE5F, 0x06DF4261, 0xBB9E9B8A, 0x7293EA25, 0xCE84FFDF, 0xF5718801,
+      0x3DD64B04, 0xA26F263B, 0x7ED48400, 0x547EEBE6, 0x446D4CA0, 0x6CF3D6F5,
+      0x2649ABDF, 0xAEA0C7F5, 0x36338CC1, 0x503F7E93, 0xD3772061, 0x11B638E1,
+      0x72500E03, 0xF80EB2BB, 0xABE0502E, 0xEC8D77DE, 0x57971E81, 0xE14F6746,
+      0xC9335400, 0x6920318F, 0x081DBB99, 0xFFC304A5, 0x4D351805, 0x7F3D5CE3,
+      0xA6C866C6, 0x5D5BCCA9, 0xDAEC6FEA, 0x9F926F91, 0x9F46222F, 0x3991467D,
+      0xA5BF6D8E, 0x1143C44F, 0x43958302, 0xD0214EEB, 0x022083B8, 0x3FB6180C,
+      0x18F8931E, 0x281658E6, 0x26486E3E, 0x8BD78A70, 0x7477E4C1, 0xB506E07C,
+      0xF32D0A25, 0x79098B02, 0xE4EABB81, 0x28123B23, 0x69DEAD38, 0x1574CA16,
+      0xDF871B62, 0x211C40B7, 0xA51A9EF9, 0x0014377B, 0x041E8AC8, 0x09114003,
+      0xBD59E4D2, 0xE3D156D5, 0x4FE876D5, 0x2F91A340, 0x557BE8DE, 0x00EAE4A7,
+      0x0CE5C2EC, 0x4DB4BBA6, 0xE756BDFF, 0xDD3369AC, 0xEC17B035, 0x06572327,
+      0x99AFC8B0, 0x56C8C391, 0x6B65811C, 0x5E146119, 0x6E85CB75, 0xBE07C002,
+      0xC2325577, 0x893FF4EC, 0x5BBFC92D, 0xD0EC3B25, 0xB7801AB7, 0x8D6D3B24,
+      0x20C763EF, 0xC366A5FC, 0x9C382880, 0x0ACE3205, 0xAAC9548A, 0xECA1D7C7,
+      0x041AFA32, 0x1D16625A, 0x6701902C, 0x9B757A54, 0x31D477F7, 0x9126B031,
+      0x36CC6FDB, 0xC70B8B46, 0xD9E66A48, 0x56E55A79, 0x026A4CEB, 0x52437EFF,
+      0x2F8F76B4, 0x0DF980A5, 0x8674CDE3, 0xEDDA04EB, 0x17A9BE04, 0x2C18F4DF,
+      0xB7747F9D, 0xAB2AF7B4, 0xEFC34D20, 0x2E096B7C, 0x1741A254, 0xE5B6A035,
+      0x213D42F6, 0x2C1C7C26, 0x61C2F50F, 0x6552DAF9, 0xD2C231F8, 0x25130F69,
+      0xD8167FA2, 0x0418F2C8, 0x001A96A6, 0x0D1526AB, 0x63315C21, 0x5E0A72EC,
+      0x49BAFEFD, 0x187908D9, 0x8D0DBD86, 0x311170A7, 0x3E9B640C, 0xCC3E10D7,
+      0xD5CAD3B6, 0x0CAEC388, 0xF73001E1, 0x6C728AFF, 0x71EAE2A1, 0x1F9AF36E,
+      0xCFCBD12F, 0xC1DE8417, 0xAC07BE6B, 0xCB44A1D8, 0x8B9B0F56, 0x013988C3,
+      0xB1C52FCA, 0xB4BE31CD, 0xD8782806, 0x12A3A4E2, 0x6F7DE532, 0x58FD7EB6,
+      0xD01EE900, 0x24ADFFC2, 0xF4990FC5, 0x9711AAC5, 0x001D7B95, 0x82E5E7D2,
+      0x109873F6, 0x00613096, 0xC32D9521, 0xADA121FF, 0x29908415, 0x7FBB977F,
+      0xAF9EB3DB, 0x29C9ED2A, 0x5CE2A465, 0xA730F32C, 0xD0AA3FE8, 0x8A5CC091,
+      0xD49E2CE7, 0x0CE454A9, 0xD60ACD86, 0x015F1919, 0x77079103, 0xDEA03AF6,
+      0x78A8565E, 0xDEE356DF, 0x21F05CBE, 0x8B75E387, 0xB3C50651, 0xB8A5C3EF,
+      0xD8EEB6D2, 0xE523BE77, 0xC2154529, 0x2F69EFDF, 0xAFE67AFB, 0xF470C4B2,
+      0xF3E0EB5B, 0xD6CC9876, 0x39E4460C, 0x1FDA8538, 0x1987832F, 0xCA007367,
+      0xA99144F8, 0x296B299E, 0x492FC295, 0x9266BEAB, 0xB5676E69, 0x9BD3DDDA,
+      0xDF7E052F, 0xDB25701C, 0x1B5E51EE, 0xF65324E6, 0x6AFCE36C, 0x0316CC04,
+      0x8644213E, 0xB7DC59D0, 0x7965291F, 0xCCD6FD43, 0x41823979, 0x932BCDF6,
+      0xB657C34D, 0x4EDFD282, 0x7AE5290C, 0x3CB9536B, 0x851E20FE, 0x9833557E,
+      0x13ECF0B0, 0xD3FFB372, 0x3F85C5C1, 0x0AEF7ED2 };
+  private static final int[] S5 = {
+      0x7EC90C04, 0x2C6E74B9, 0x9B0E66DF, 0xA6337911, 0xB86A7FFF, 0x1DD358F5,
+      0x44DD9D44, 0x1731167F, 0x08FBF1FA, 0xE7F511CC, 0xD2051B00, 0x735ABA00,
+      0x2AB722D8, 0x386381CB, 0xACF6243A, 0x69BEFD7A, 0xE6A2E77F, 0xF0C720CD,
+      0xC4494816, 0xCCF5C180, 0x38851640, 0x15B0A848, 0xE68B18CB, 0x4CAADEFF,
+      0x5F480A01, 0x0412B2AA, 0x259814FC, 0x41D0EFE2, 0x4E40B48D, 0x248EB6FB,
+      0x8DBA1CFE, 0x41A99B02, 0x1A550A04, 0xBA8F65CB, 0x7251F4E7, 0x95A51725,
+      0xC106ECD7, 0x97A5980A, 0xC539B9AA, 0x4D79FE6A, 0xF2F3F763, 0x68AF8040,
+      0xED0C9E56, 0x11B4958B, 0xE1EB5A88, 0x8709E6B0, 0xD7E07156, 0x4E29FEA7,
+      0x6366E52D, 0x02D1C000, 0xC4AC8E05, 0x9377F571, 0x0C05372A, 0x578535F2,
+      0x2261BE02, 0xD642A0C9, 0xDF13A280, 0x74B55BD2, 0x682199C0, 0xD421E5EC,
+      0x53FB3CE8, 0xC8ADEDB3, 0x28A87FC9, 0x3D959981, 0x5C1FF900, 0xFE38D399,
+      0x0C4EFF0B, 0x062407EA, 0xAA2F4FB1, 0x4FB96976, 0x90C79505, 0xB0A8A774,
+      0xEF55A1FF, 0xE59CA2C2, 0xA6B62D27, 0xE66A4263, 0xDF65001F, 0x0EC50966,
+      0xDFDD55BC, 0x29DE0655, 0x911E739A, 0x17AF8975, 0x32C7911C, 0x89F89468,
+      0x0D01E980, 0x524755F4, 0x03B63CC9, 0x0CC844B2, 0xBCF3F0AA, 0x87AC36E9,
+      0xE53A7426, 0x01B3D82B, 0x1A9E7449, 0x64EE2D7E, 0xCDDBB1DA, 0x01C94910,
+      0xB868BF80, 0x0D26F3FD, 0x9342EDE7, 0x04A5C284, 0x636737B6, 0x50F5B616,
+      0xF24766E3, 0x8ECA36C1, 0x136E05DB, 0xFEF18391, 0xFB887A37, 0xD6E7F7D4,
+      0xC7FB7DC9, 0x3063FCDF, 0xB6F589DE, 0xEC2941DA, 0x26E46695, 0xB7566419,
+      0xF654EFC5, 0xD08D58B7, 0x48925401, 0xC1BACB7F, 0xE5FF550F, 0xB6083049,
+      0x5BB5D0E8, 0x87D72E5A, 0xAB6A6EE1, 0x223A66CE, 0xC62BF3CD, 0x9E0885F9,
+      0x68CB3E47, 0x086C010F, 0xA21DE820, 0xD18B69DE, 0xF3F65777, 0xFA02C3F6,
+      0x407EDAC3, 0xCBB3D550, 0x1793084D, 0xB0D70EBA, 0x0AB378D5, 0xD951FB0C,
+      0xDED7DA56, 0x4124BBE4, 0x94CA0B56, 0x0F5755D1, 0xE0E1E56E, 0x6184B5BE,
+      0x580A249F, 0x94F74BC0, 0xE327888E, 0x9F7B5561, 0xC3DC0280, 0x05687715,
+      0x646C6BD7, 0x44904DB3, 0x66B4F0A3, 0xC0F1648A, 0x697ED5AF, 0x49E92FF6,
+      0x309E374F, 0x2CB6356A, 0x85808573, 0x4991F840, 0x76F0AE02, 0x083BE84D,
+      0x28421C9A, 0x44489406, 0x736E4CB8, 0xC1092910, 0x8BC95FC6, 0x7D869CF4,
+      0x134F616F, 0x2E77118D, 0xB31B2BE1, 0xAA90B472, 0x3CA5D717, 0x7D161BBA,
+      0x9CAD9010, 0xAF462BA2, 0x9FE459D2, 0x45D34559, 0xD9F2DA13, 0xDBC65487,
+      0xF3E4F94E, 0x176D486F, 0x097C13EA, 0x631DA5C7, 0x445F7382, 0x175683F4,
+      0xCDC66A97, 0x70BE0288, 0xB3CDCF72, 0x6E5DD2F3, 0x20936079, 0x459B80A5,
+      0xBE60E2DB, 0xA9C23101, 0xEBA5315C, 0x224E42F2, 0x1C5C1572, 0xF6721B2C,
+      0x1AD2FFF3, 0x8C25404E, 0x324ED72F, 0x4067B7FD, 0x0523138E, 0x5CA3BC78,
+      0xDC0FD66E, 0x75922283, 0x784D6B17, 0x58EBB16E, 0x44094F85, 0x3F481D87,
+      0xFCFEAE7B, 0x77B5FF76, 0x8C2302BF, 0xAAF47556, 0x5F46B02A, 0x2B092801,
+      0x3D38F5F7, 0x0CA81F36, 0x52AF4A8A, 0x66D5E7C0, 0xDF3B0874, 0x95055110,
+      0x1B5AD7A8, 0xF61ED5AD, 0x6CF6E479, 0x20758184, 0xD0CEFA65, 0x88F7BE58,
+      0x4A046826, 0x0FF6F8F3, 0xA09C7F70, 0x5346ABA0, 0x5CE96C28, 0xE176EDA3,
+      0x6BAC307F, 0x376829D2, 0x85360FA9, 0x17E3FE2A, 0x24B79767, 0xF5A96B20,
+      0xD6CD2595, 0x68FF1EBF, 0x7555442C, 0xF19F06BE, 0xF9E0659A, 0xEEB9491D,
+      0x34010718, 0xBB30CAB8, 0xE822FE15, 0x88570983, 0x750E6249, 0xDA627E55,
+      0x5E76FFA8, 0xB1534546, 0x6D47DE08, 0xEFE9E7D4 };
+  private static final int[] S6 = {
+      0xF6FA8F9D, 0x2CAC6CE1, 0x4CA34867, 0xE2337F7C, 0x95DB08E7, 0x016843B4,
+      0xECED5CBC, 0x325553AC, 0xBF9F0960, 0xDFA1E2ED, 0x83F0579D, 0x63ED86B9,
+      0x1AB6A6B8, 0xDE5EBE39, 0xF38FF732, 0x8989B138, 0x33F14961, 0xC01937BD,
+      0xF506C6DA, 0xE4625E7E, 0xA308EA99, 0x4E23E33C, 0x79CBD7CC, 0x48A14367,
+      0xA3149619, 0xFEC94BD5, 0xA114174A, 0xEAA01866, 0xA084DB2D, 0x09A8486F,
+      0xA888614A, 0x2900AF98, 0x01665991, 0xE1992863, 0xC8F30C60, 0x2E78EF3C,
+      0xD0D51932, 0xCF0FEC14, 0xF7CA07D2, 0xD0A82072, 0xFD41197E, 0x9305A6B0,
+      0xE86BE3DA, 0x74BED3CD, 0x372DA53C, 0x4C7F4448, 0xDAB5D440, 0x6DBA0EC3,
+      0x083919A7, 0x9FBAEED9, 0x49DBCFB0, 0x4E670C53, 0x5C3D9C01, 0x64BDB941,
+      0x2C0E636A, 0xBA7DD9CD, 0xEA6F7388, 0xE70BC762, 0x35F29ADB, 0x5C4CDD8D,
+      0xF0D48D8C, 0xB88153E2, 0x08A19866, 0x1AE2EAC8, 0x284CAF89, 0xAA928223,
+      0x9334BE53, 0x3B3A21BF, 0x16434BE3, 0x9AEA3906, 0xEFE8C36E, 0xF890CDD9,
+      0x80226DAE, 0xC340A4A3, 0xDF7E9C09, 0xA694A807, 0x5B7C5ECC, 0x221DB3A6,
+      0x9A69A02F, 0x68818A54, 0xCEB2296F, 0x53C0843A, 0xFE893655, 0x25BFE68A,
+      0xB4628ABC, 0xCF222EBF, 0x25AC6F48, 0xA9A99387, 0x53BDDB65, 0xE76FFBE7,
+      0xE967FD78, 0x0BA93563, 0x8E342BC1, 0xE8A11BE9, 0x4980740D, 0xC8087DFC,
+      0x8DE4BF99, 0xA11101A0, 0x7FD37975, 0xDA5A26C0, 0xE81F994F, 0x9528CD89,
+      0xFD339FED, 0xB87834BF, 0x5F04456D, 0x22258698, 0xC9C4C83B, 0x2DC156BE,
+      0x4F628DAA, 0x57F55EC5, 0xE2220ABE, 0xD2916EBF, 0x4EC75B95, 0x24F2C3C0,
+      0x42D15D99, 0xCD0D7FA0, 0x7B6E27FF, 0xA8DC8AF0, 0x7345C106, 0xF41E232F,
+      0x35162386, 0xE6EA8926, 0x3333B094, 0x157EC6F2, 0x372B74AF, 0x692573E4,
+      0xE9A9D848, 0xF3160289, 0x3A62EF1D, 0xA787E238, 0xF3A5F676, 0x74364853,
+      0x20951063, 0x4576698D, 0xB6FAD407, 0x592AF950, 0x36F73523, 0x4CFB6E87,
+      0x7DA4CEC0, 0x6C152DAA, 0xCB0396A8, 0xC50DFE5D, 0xFCD707AB, 0x0921C42F,
+      0x89DFF0BB, 0x5FE2BE78, 0x448F4F33, 0x754613C9, 0x2B05D08D, 0x48B9D585,
+      0xDC049441, 0xC8098F9B, 0x7DEDE786, 0xC39A3373, 0x42410005, 0x6A091751,
+      0x0EF3C8A6, 0x890072D6, 0x28207682, 0xA9A9F7BE, 0xBF32679D, 0xD45B5B75,
+      0xB353FD00, 0xCBB0E358, 0x830F220A, 0x1F8FB214, 0xD372CF08, 0xCC3C4A13,
+      0x8CF63166, 0x061C87BE, 0x88C98F88, 0x6062E397, 0x47CF8E7A, 0xB6C85283,
+      0x3CC2ACFB, 0x3FC06976, 0x4E8F0252, 0x64D8314D, 0xDA3870E3, 0x1E665459,
+      0xC10908F0, 0x513021A5, 0x6C5B68B7, 0x822F8AA0, 0x3007CD3E, 0x74719EEF,
+      0xDC872681, 0x073340D4, 0x7E432FD9, 0x0C5EC241, 0x8809286C, 0xF592D891,
+      0x08A930F6, 0x957EF305, 0xB7FBFFBD, 0xC266E96F, 0x6FE4AC98, 0xB173ECC0,
+      0xBC60B42A, 0x953498DA, 0xFBA1AE12, 0x2D4BD736, 0x0F25FAAB, 0xA4F3FCEB,
+      0xE2969123, 0x257F0C3D, 0x9348AF49, 0x361400BC, 0xE8816F4A, 0x3814F200,
+      0xA3F94043, 0x9C7A54C2, 0xBC704F57, 0xDA41E7F9, 0xC25AD33A, 0x54F4A084,
+      0xB17F5505, 0x59357CBE, 0xEDBD15C8, 0x7F97C5AB, 0xBA5AC7B5, 0xB6F6DEAF,
+      0x3A479C3A, 0x5302DA25, 0x653D7E6A, 0x54268D49, 0x51A477EA, 0x5017D55B,
+      0xD7D25D88, 0x44136C76, 0x0404A8C8, 0xB8E5A121, 0xB81A928A, 0x60ED5869,
+      0x97C55B96, 0xEAEC991B, 0x29935913, 0x01FDB7F1, 0x088E8DFA, 0x9AB6F6F5,
+      0x3B4CBF9F, 0x4A5DE3AB, 0xE6051D35, 0xA0E1D855, 0xD36B4CF1, 0xF544EDEB,
+      0xB0E93524, 0xBEBB8FBD, 0xA2D762CF, 0x49C92F54, 0x38B5F331, 0x7128A454,
+      0x48392905, 0xA65B1DB8, 0x851C97BD, 0xD675CF2F };
+  private static final int[] S7 = {
+      0x85E04019, 0x332BF567, 0x662DBFFF, 0xCFC65693, 0x2A8D7F6F, 0xAB9BC912,
+      0xDE6008A1, 0x2028DA1F, 0x0227BCE7, 0x4D642916, 0x18FAC300, 0x50F18B82,
+      0x2CB2CB11, 0xB232E75C, 0x4B3695F2, 0xB28707DE, 0xA05FBCF6, 0xCD4181E9,
+      0xE150210C, 0xE24EF1BD, 0xB168C381, 0xFDE4E789, 0x5C79B0D8, 0x1E8BFD43,
+      0x4D495001, 0x38BE4341, 0x913CEE1D, 0x92A79C3F, 0x089766BE, 0xBAEEADF4,
+      0x1286BECF, 0xB6EACB19, 0x2660C200, 0x7565BDE4, 0x64241F7A, 0x8248DCA9,
+      0xC3B3AD66, 0x28136086, 0x0BD8DFA8, 0x356D1CF2, 0x107789BE, 0xB3B2E9CE,
+      0x0502AA8F, 0x0BC0351E, 0x166BF52A, 0xEB12FF82, 0xE3486911, 0xD34D7516,
+      0x4E7B3AFF, 0x5F43671B, 0x9CF6E037, 0x4981AC83, 0x334266CE, 0x8C9341B7,
+      0xD0D854C0, 0xCB3A6C88, 0x47BC2829, 0x4725BA37, 0xA66AD22B, 0x7AD61F1E,
+      0x0C5CBAFA, 0x4437F107, 0xB6E79962, 0x42D2D816, 0x0A961288, 0xE1A5C06E,
+      0x13749E67, 0x72FC081A, 0xB1D139F7, 0xF9583745, 0xCF19DF58, 0xBEC3F756,
+      0xC06EBA30, 0x07211B24, 0x45C28829, 0xC95E317F, 0xBC8EC511, 0x38BC46E9,
+      0xC6E6FA14, 0xBAE8584A, 0xAD4EBC46, 0x468F508B, 0x7829435F, 0xF124183B,
+      0x821DBA9F, 0xAFF60FF4, 0xEA2C4E6D, 0x16E39264, 0x92544A8B, 0x009B4FC3,
+      0xABA68CED, 0x9AC96F78, 0x06A5B79A, 0xB2856E6E, 0x1AEC3CA9, 0xBE838688,
+      0x0E0804E9, 0x55F1BE56, 0xE7E5363B, 0xB3A1F25D, 0xF7DEBB85, 0x61FE033C,
+      0x16746233, 0x3C034C28, 0xDA6D0C74, 0x79AAC56C, 0x3CE4E1AD, 0x51F0C802,
+      0x98F8F35A, 0x1626A49F, 0xEED82B29, 0x1D382FE3, 0x0C4FB99A, 0xBB325778,
+      0x3EC6D97B, 0x6E77A6A9, 0xCB658B5C, 0xD45230C7, 0x2BD1408B, 0x60C03EB7,
+      0xB9068D78, 0xA33754F4, 0xF430C87D, 0xC8A71302, 0xB96D8C32, 0xEBD4E7BE,
+      0xBE8B9D2D, 0x7979FB06, 0xE7225308, 0x8B75CF77, 0x11EF8DA4, 0xE083C858,
+      0x8D6B786F, 0x5A6317A6, 0xFA5CF7A0, 0x5DDA0033, 0xF28EBFB0, 0xF5B9C310,
+      0xA0EAC280, 0x08B9767A, 0xA3D9D2B0, 0x79D34217, 0x021A718D, 0x9AC6336A,
+      0x2711FD60, 0x438050E3, 0x069908A8, 0x3D7FEDC4, 0x826D2BEF, 0x4EEB8476,
+      0x488DCF25, 0x36C9D566, 0x28E74E41, 0xC2610ACA, 0x3D49A9CF, 0xBAE3B9DF,
+      0xB65F8DE6, 0x92AEAF64, 0x3AC7D5E6, 0x9EA80509, 0xF22B017D, 0xA4173F70,
+      0xDD1E16C3, 0x15E0D7F9, 0x50B1B887, 0x2B9F4FD5, 0x625ABA82, 0x6A017962,
+      0x2EC01B9C, 0x15488AA9, 0xD716E740, 0x40055A2C, 0x93D29A22, 0xE32DBF9A,
+      0x058745B9, 0x3453DC1E, 0xD699296E, 0x496CFF6F, 0x1C9F4986, 0xDFE2ED07,
+      0xB87242D1, 0x19DE7EAE, 0x053E561A, 0x15AD6F8C, 0x66626C1C, 0x7154C24C,
+      0xEA082B2A, 0x93EB2939, 0x17DCB0F0, 0x58D4F2AE, 0x9EA294FB, 0x52CF564C,
+      0x9883FE66, 0x2EC40581, 0x763953C3, 0x01D6692E, 0xD3A0C108, 0xA1E7160E,
+      0xE4F2DFA6, 0x693ED285, 0x74904698, 0x4C2B0EDD, 0x4F757656, 0x5D393378,
+      0xA132234F, 0x3D321C5D, 0xC3F5E194, 0x4B269301, 0xC79F022F, 0x3C997E7E,
+      0x5E4F9504, 0x3FFAFBBD, 0x76F7AD0E, 0x296693F4, 0x3D1FCE6F, 0xC61E45BE,
+      0xD3B5AB34, 0xF72BF9B7, 0x1B0434C0, 0x4E72B567, 0x5592A33D, 0xB5229301,
+      0xCFD2A87F, 0x60AEB767, 0x1814386B, 0x30BCC33D, 0x38A0C07D, 0xFD1606F2,
+      0xC363519B, 0x589DD390, 0x5479F8E6, 0x1CB8D647, 0x97FD61A9, 0xEA7759F4,
+      0x2D57539D, 0x569A58CF, 0xE84E63AD, 0x462E1B78, 0x6580F87E, 0xF3817914,
+      0x91DA55F4, 0x40A230F3, 0xD1988F35, 0xB6E318D2, 0x3FFA50BC, 0x3D40F021,
+      0xC3C0BDAE, 0x4958C24C, 0x518F36B2, 0x84B1D370, 0x0FEDCE83, 0x878DDADA,
+      0xF2A279C7, 0x94E01BE8, 0x90716F4B, 0x954B8AA3 };
+  private static final int[] S8 = {
+      0xE216300D, 0xBBDDFFFC, 0xA7EBDABD, 0x35648095, 0x7789F8B7, 0xE6C1121B,
+      0x0E241600, 0x052CE8B5, 0x11A9CFB0, 0xE5952F11, 0xECE7990A, 0x9386D174,
+      0x2A42931C, 0x76E38111, 0xB12DEF3A, 0x37DDDDFC, 0xDE9ADEB1, 0x0A0CC32C,
+      0xBE197029, 0x84A00940, 0xBB243A0F, 0xB4D137CF, 0xB44E79F0, 0x049EEDFD,
+      0x0B15A15D, 0x480D3168, 0x8BBBDE5A, 0x669DED42, 0xC7ECE831, 0x3F8F95E7,
+      0x72DF191B, 0x7580330D, 0x94074251, 0x5C7DCDFA, 0xABBE6D63, 0xAA402164,
+      0xB301D40A, 0x02E7D1CA, 0x53571DAE, 0x7A3182A2, 0x12A8DDEC, 0xFDAA335D,
+      0x176F43E8, 0x71FB46D4, 0x38129022, 0xCE949AD4, 0xB84769AD, 0x965BD862,
+      0x82F3D055, 0x66FB9767, 0x15B80B4E, 0x1D5B47A0, 0x4CFDE06F, 0xC28EC4B8,
+      0x57E8726E, 0x647A78FC, 0x99865D44, 0x608BD593, 0x6C200E03, 0x39DC5FF6,
+      0x5D0B00A3, 0xAE63AFF2, 0x7E8BD632, 0x70108C0C, 0xBBD35049, 0x2998DF04,
+      0x980CF42A, 0x9B6DF491, 0x9E7EDD53, 0x06918548, 0x58CB7E07, 0x3B74EF2E,
+      0x522FFFB1, 0xD24708CC, 0x1C7E27CD, 0xA4EB215B, 0x3CF1D2E2, 0x19B47A38,
+      0x424F7618, 0x35856039, 0x9D17DEE7, 0x27EB35E6, 0xC9AFF67B, 0x36BAF5B8,
+      0x09C467CD, 0xC18910B1, 0xE11DBF7B, 0x06CD1AF8, 0x7170C608, 0x2D5E3354,
+      0xD4DE495A, 0x64C6D006, 0xBCC0C62C, 0x3DD00DB3, 0x708F8F34, 0x77D51B42,
+      0x264F620F, 0x24B8D2BF, 0x15C1B79E, 0x46A52564, 0xF8D7E54E, 0x3E378160,
+      0x7895CDA5, 0x859C15A5, 0xE6459788, 0xC37BC75F, 0xDB07BA0C, 0x0676A3AB,
+      0x7F229B1E, 0x31842E7B, 0x24259FD7, 0xF8BEF472, 0x835FFCB8, 0x6DF4C1F2,
+      0x96F5B195, 0xFD0AF0FC, 0xB0FE134C, 0xE2506D3D, 0x4F9B12EA, 0xF215F225,
+      0xA223736F, 0x9FB4C428, 0x25D04979, 0x34C713F8, 0xC4618187, 0xEA7A6E98,
+      0x7CD16EFC, 0x1436876C, 0xF1544107, 0xBEDEEE14, 0x56E9AF27, 0xA04AA441,
+      0x3CF7C899, 0x92ECBAE6, 0xDD67016D, 0x151682EB, 0xA842EEDF, 0xFDBA60B4,
+      0xF1907B75, 0x20E3030F, 0x24D8C29E, 0xE139673B, 0xEFA63FB8, 0x71873054,
+      0xB6F2CF3B, 0x9F326442, 0xCB15A4CC, 0xB01A4504, 0xF1E47D8D, 0x844A1BE5,
+      0xBAE7DFDC, 0x42CBDA70, 0xCD7DAE0A, 0x57E85B7A, 0xD53F5AF6, 0x20CF4D8C,
+      0xCEA4D428, 0x79D130A4, 0x3486EBFB, 0x33D3CDDC, 0x77853B53, 0x37EFFCB5,
+      0xC5068778, 0xE580B3E6, 0x4E68B8F4, 0xC5C8B37E, 0x0D809EA2, 0x398FEB7C,
+      0x132A4F94, 0x43B7950E, 0x2FEE7D1C, 0x223613BD, 0xDD06CAA2, 0x37DF932B,
+      0xC4248289, 0xACF3EBC3, 0x5715F6B7, 0xEF3478DD, 0xF267616F, 0xC148CBE4,
+      0x9052815E, 0x5E410FAB, 0xB48A2465, 0x2EDA7FA4, 0xE87B40E4, 0xE98EA084,
+      0x5889E9E1, 0xEFD390FC, 0xDD07D35B, 0xDB485694, 0x38D7E5B2, 0x57720101,
+      0x730EDEBC, 0x5B643113, 0x94917E4F, 0x503C2FBA, 0x646F1282, 0x7523D24A,
+      0xE0779695, 0xF9C17A8F, 0x7A5B2121, 0xD187B896, 0x29263A4D, 0xBA510CDF,
+      0x81F47C9F, 0xAD1163ED, 0xEA7B5965, 0x1A00726E, 0x11403092, 0x00DA6D77,
+      0x4A0CDD61, 0xAD1F4603, 0x605BDFB0, 0x9EEDC364, 0x22EBE6A8, 0xCEE7D28A,
+      0xA0E736A0, 0x5564A6B9, 0x10853209, 0xC7EB8F37, 0x2DE705CA, 0x8951570F,
+      0xDF09822B, 0xBD691A6C, 0xAA12E4F2, 0x87451C0F, 0xE0F6A27A, 0x3ADA4819,
+      0x4CF1764F, 0x0D771C2B, 0x67CDB156, 0x350D8384, 0x5938FA0F, 0x42399EF3,
+      0x36997B07, 0x0E84093D, 0x4AA93E61, 0x8360D87B, 0x1FA98B0C, 0x1149382C,
+      0xE97625A5, 0x0614D1B7, 0x0E25244B, 0x0C768347, 0x589E8D82, 0x0D2059D1,
+      0xA466BB1E, 0xF8DA0A82, 0x04F19130, 0xBA6E4EC0, 0x99265164, 0x1EE7230D,
+      0x50B2AD80, 0xEAEE6801, 0x8DB2A283, 0xEA8BF59E };
   private static final int _12_ROUNDS = 12;
-
   private static final int _16_ROUNDS = 16;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public Cast5()
   {
     super(Registry.CAST5_CIPHER, DEFAULT_BLOCK_SIZE, DEFAULT_KEY_SIZE);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
    * Assuming the input is a 32-bit block organised as: b31b30b29...b0, this
    * method returns an array of 4 Java ints, containing from position 0 onward
@@ -848,26 +485,17 @@ public class Cast5 extends BaseCipher
     return new int[] { x >>> 24, (x >>> 16) & 0xFF, (x >>> 8) & 0xFF, x & 0xFF };
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     Cast5 result = new Cast5();
     result.currentBlockSize = this.currentBlockSize;
-
     return result;
   }
 
-  // IBlockCipherSpi interface implementation --------------------------------
-
   public Iterator blockSizes()
   {
     ArrayList al = new ArrayList();
-    al.add(new Integer(DEFAULT_BLOCK_SIZE));
-
+    al.add(Integer.valueOf(DEFAULT_BLOCK_SIZE));
     return Collections.unmodifiableList(al).iterator();
   }
 
@@ -875,49 +503,43 @@ public class Cast5 extends BaseCipher
   {
     ArrayList al = new ArrayList();
     for (int n = 5; n < 17; n++)
-      {
-        al.add(new Integer(n));
-      }
-
+      al.add(Integer.valueOf(n));
     return Collections.unmodifiableList(al).iterator();
   }
 
   public Object makeKey(byte[] uk, int bs) throws InvalidKeyException
   {
     if (bs != DEFAULT_BLOCK_SIZE)
-      {
-        throw new IllegalArgumentException();
-      }
+      throw new IllegalArgumentException();
     if (uk == null)
-      {
-        throw new InvalidKeyException("Empty key");
-      }
+      throw new InvalidKeyException("Empty key");
     int len = uk.length;
     if (len < 5 || len > 16)
-      {
-        throw new InvalidKeyException(
-                                      "Key size (in bytes) is not in the range [5..16]");
-      }
-
+      throw new InvalidKeyException("Key size (in bytes) is not in the range [5..16]");
     Cast5Key result = new Cast5Key();
     result.rounds = (len < 11) ? _12_ROUNDS : _16_ROUNDS;
     byte[] kk = new byte[16];
     System.arraycopy(uk, 0, kk, 0, len);
-
     int z0z1z2z3, z4z5z6z7, z8z9zAzB, zCzDzEzF;
     int z0, z1, z2, z3, z4, z5, z6, z7, z8, z9, zA, zB, zC, zD, zE, zF;
     int x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, xA, xB, xC, xD, xE, xF;
     int[] b;
-
-    int x0x1x2x3 = kk[0] << 24 | (kk[1] & 0xFF) << 16 | (kk[2] & 0xFF) << 8
-                   | (kk[3] & 0xFF);
-    int x4x5x6x7 = kk[4] << 24 | (kk[5] & 0xFF) << 16 | (kk[6] & 0xFF) << 8
-                   | (kk[7] & 0xFF);
-    int x8x9xAxB = kk[8] << 24 | (kk[9] & 0xFF) << 16 | (kk[10] & 0xFF) << 8
-                   | (kk[11] & 0xFF);
-    int xCxDxExF = kk[12] << 24 | (kk[13] & 0xFF) << 16 | (kk[14] & 0xFF) << 8
-                   | (kk[15] & 0xFF);
-
+    int x0x1x2x3 =  kk[0 ]         << 24
+                 | (kk[1 ] & 0xFF) << 16
+                 | (kk[2 ] & 0xFF) << 8
+                 | (kk[3 ] & 0xFF);
+    int x4x5x6x7 =  kk[4 ]         << 24
+                 | (kk[5 ] & 0xFF) << 16
+                 | (kk[6 ] & 0xFF) << 8
+                 | (kk[7 ] & 0xFF);
+    int x8x9xAxB =  kk[8 ]         << 24
+                 | (kk[9 ] & 0xFF) << 16
+                 | (kk[10] & 0xFF) << 8
+                 | (kk[11] & 0xFF);
+    int xCxDxExF =  kk[12]         << 24
+                 | (kk[13] & 0xFF) << 16
+                 | (kk[14] & 0xFF) << 8
+                 | (kk[15] & 0xFF);
     b = unscramble(x0x1x2x3);
     x0 = b[0];
     x1 = b[1];
@@ -938,7 +560,6 @@ public class Cast5 extends BaseCipher
     xD = b[1];
     xE = b[2];
     xF = b[3];
-
     z0z1z2z3 = x0x1x2x3 ^ S5[xD] ^ S6[xF] ^ S7[xC] ^ S8[xE] ^ S7[x8];
     b = unscramble(z0z1z2z3);
     z0 = b[0];
@@ -963,12 +584,10 @@ public class Cast5 extends BaseCipher
     zD = b[1];
     zE = b[2];
     zF = b[3];
-
     result.Km0 = S5[z8] ^ S6[z9] ^ S7[z7] ^ S8[z6] ^ S5[z2];
     result.Km1 = S5[zA] ^ S6[zB] ^ S7[z5] ^ S8[z4] ^ S6[z6];
     result.Km2 = S5[zC] ^ S6[zD] ^ S7[z3] ^ S8[z2] ^ S7[z9];
     result.Km3 = S5[zE] ^ S6[zF] ^ S7[z1] ^ S8[z0] ^ S8[zC];
-
     x0x1x2x3 = z8z9zAzB ^ S5[z5] ^ S6[z7] ^ S7[z4] ^ S8[z6] ^ S7[z0];
     b = unscramble(x0x1x2x3);
     x0 = b[0];
@@ -993,12 +612,10 @@ public class Cast5 extends BaseCipher
     xD = b[1];
     xE = b[2];
     xF = b[3];
-
     result.Km4 = S5[x3] ^ S6[x2] ^ S7[xC] ^ S8[xD] ^ S5[x8];
     result.Km5 = S5[x1] ^ S6[x0] ^ S7[xE] ^ S8[xF] ^ S6[xD];
     result.Km6 = S5[x7] ^ S6[x6] ^ S7[x8] ^ S8[x9] ^ S7[x3];
     result.Km7 = S5[x5] ^ S6[x4] ^ S7[xA] ^ S8[xB] ^ S8[x7];
-
     z0z1z2z3 = x0x1x2x3 ^ S5[xD] ^ S6[xF] ^ S7[xC] ^ S8[xE] ^ S7[x8];
     b = unscramble(z0z1z2z3);
     z0 = b[0];
@@ -1023,12 +640,10 @@ public class Cast5 extends BaseCipher
     zD = b[1];
     zE = b[2];
     zF = b[3];
-
     result.Km8 = S5[z3] ^ S6[z2] ^ S7[zC] ^ S8[zD] ^ S5[z9];
     result.Km9 = S5[z1] ^ S6[z0] ^ S7[zE] ^ S8[zF] ^ S6[zC];
     result.Km10 = S5[z7] ^ S6[z6] ^ S7[z8] ^ S8[z9] ^ S7[z2];
     result.Km11 = S5[z5] ^ S6[z4] ^ S7[zA] ^ S8[zB] ^ S8[z6];
-
     x0x1x2x3 = z8z9zAzB ^ S5[z5] ^ S6[z7] ^ S7[z4] ^ S8[z6] ^ S7[z0];
     b = unscramble(x0x1x2x3);
     x0 = b[0];
@@ -1053,17 +668,14 @@ public class Cast5 extends BaseCipher
     xD = b[1];
     xE = b[2];
     xF = b[3];
-
     result.Km12 = S5[x8] ^ S6[x9] ^ S7[x7] ^ S8[x6] ^ S5[x3];
     result.Km13 = S5[xA] ^ S6[xB] ^ S7[x5] ^ S8[x4] ^ S6[x7];
     result.Km14 = S5[xC] ^ S6[xD] ^ S7[x3] ^ S8[x2] ^ S7[x8];
     result.Km15 = S5[xE] ^ S6[xF] ^ S7[x1] ^ S8[x0] ^ S8[xD];
-
     // The remaining half is identical to what is given above, carrying on
     // from the last created x0..xF to generate keys K17 - K32. These keys
     // will be used as the 'rotation' keys and as such only the five least
     // significant bits are to be considered.
-
     z0z1z2z3 = x0x1x2x3 ^ S5[xD] ^ S6[xF] ^ S7[xC] ^ S8[xE] ^ S7[x8];
     b = unscramble(z0z1z2z3);
     z0 = b[0];
@@ -1088,12 +700,10 @@ public class Cast5 extends BaseCipher
     zD = b[1];
     zE = b[2];
     zF = b[3];
-
     result.Kr0 = (S5[z8] ^ S6[z9] ^ S7[z7] ^ S8[z6] ^ S5[z2]) & 0x1F;
     result.Kr1 = (S5[zA] ^ S6[zB] ^ S7[z5] ^ S8[z4] ^ S6[z6]) & 0x1F;
     result.Kr2 = (S5[zC] ^ S6[zD] ^ S7[z3] ^ S8[z2] ^ S7[z9]) & 0x1F;
     result.Kr3 = (S5[zE] ^ S6[zF] ^ S7[z1] ^ S8[z0] ^ S8[zC]) & 0x1F;
-
     x0x1x2x3 = z8z9zAzB ^ S5[z5] ^ S6[z7] ^ S7[z4] ^ S8[z6] ^ S7[z0];
     b = unscramble(x0x1x2x3);
     x0 = b[0];
@@ -1118,12 +728,10 @@ public class Cast5 extends BaseCipher
     xD = b[1];
     xE = b[2];
     xF = b[3];
-
     result.Kr4 = (S5[x3] ^ S6[x2] ^ S7[xC] ^ S8[xD] ^ S5[x8]) & 0x1F;
     result.Kr5 = (S5[x1] ^ S6[x0] ^ S7[xE] ^ S8[xF] ^ S6[xD]) & 0x1F;
     result.Kr6 = (S5[x7] ^ S6[x6] ^ S7[x8] ^ S8[x9] ^ S7[x3]) & 0x1F;
     result.Kr7 = (S5[x5] ^ S6[x4] ^ S7[xA] ^ S8[xB] ^ S8[x7]) & 0x1F;
-
     z0z1z2z3 = x0x1x2x3 ^ S5[xD] ^ S6[xF] ^ S7[xC] ^ S8[xE] ^ S7[x8];
     b = unscramble(z0z1z2z3);
     z0 = b[0];
@@ -1148,12 +756,10 @@ public class Cast5 extends BaseCipher
     zD = b[1];
     zE = b[2];
     zF = b[3];
-
     result.Kr8 = (S5[z3] ^ S6[z2] ^ S7[zC] ^ S8[zD] ^ S5[z9]) & 0x1F;
     result.Kr9 = (S5[z1] ^ S6[z0] ^ S7[zE] ^ S8[zF] ^ S6[zC]) & 0x1F;
     result.Kr10 = (S5[z7] ^ S6[z6] ^ S7[z8] ^ S8[z9] ^ S7[z2]) & 0x1F;
     result.Kr11 = (S5[z5] ^ S6[z4] ^ S7[zA] ^ S8[zB] ^ S8[z6]) & 0x1F;
-
     x0x1x2x3 = z8z9zAzB ^ S5[z5] ^ S6[z7] ^ S7[z4] ^ S8[z6] ^ S7[z0];
     b = unscramble(x0x1x2x3);
     x0 = b[0];
@@ -1178,23 +784,19 @@ public class Cast5 extends BaseCipher
     xD = b[1];
     xE = b[2];
     xF = b[3];
-
     result.Kr12 = (S5[x8] ^ S6[x9] ^ S7[x7] ^ S8[x6] ^ S5[x3]) & 0x1F;
     result.Kr13 = (S5[xA] ^ S6[xB] ^ S7[x5] ^ S8[x4] ^ S6[x7]) & 0x1F;
     result.Kr14 = (S5[xC] ^ S6[xD] ^ S7[x3] ^ S8[x2] ^ S7[x8]) & 0x1F;
     result.Kr15 = (S5[xE] ^ S6[xF] ^ S7[x1] ^ S8[x0] ^ S8[xD]) & 0x1F;
-
     return result;
   }
 
   /**
-   * <p>The full encryption algorithm is given in the following four steps.</p>
-   *
+   * The full encryption algorithm is given in the following four steps.
    * <pre>
    *    INPUT:  plaintext m1...m64; key K = k1...k128.
    *    OUTPUT: ciphertext c1...c64.
    * </pre>
-   *
    * <ol>
    *   <li>(key schedule) Compute 16 pairs of subkeys {Kmi, Kri} from a user
    *    key (see makeKey() method).</li>
@@ -1210,13 +812,12 @@ public class Cast5 extends BaseCipher
    *   <li>c1...c64 <-- (R16,L16). (Exchange final blocks L16, R16 and
    *    concatenate to form the ciphertext.)</li>
    * </ol>
-   *
-   * <p>Decryption is identical to the encryption algorithm given above, except
+   * <p>
+   * Decryption is identical to the encryption algorithm given above, except
    * that the rounds (and therefore the subkey pairs) are used in reverse order
-   * to compute (L0,R0) from (R16,L16).</p>
-   *
-   * <p>Looking at the iterations/rounds in pairs we have:</p>
-   *
+   * to compute (L0,R0) from (R16,L16).
+   * <p>
+   * Looking at the iterations/rounds in pairs we have:
    * <pre>
    *    (1a)    Li = Ri-1;
    *    (1b)    Ri = Li-1 ^ Fi(Ri-1);
@@ -1249,16 +850,16 @@ public class Cast5 extends BaseCipher
   public void encrypt(byte[] in, int i, byte[] out, int j, Object k, int bs)
   {
     if (bs != DEFAULT_BLOCK_SIZE)
-      {
-        throw new IllegalArgumentException();
-      }
+      throw new IllegalArgumentException();
     Cast5Key K = (Cast5Key) k;
-
-    int L = (in[i++] & 0xFF) << 24 | (in[i++] & 0xFF) << 16
-            | (in[i++] & 0xFF) << 8 | in[i++] & 0xFF;
-    int R = (in[i++] & 0xFF) << 24 | (in[i++] & 0xFF) << 16
-            | (in[i++] & 0xFF) << 8 | in[i] & 0xFF;
-
+    int L = (in[i++] & 0xFF) << 24
+          | (in[i++] & 0xFF) << 16
+          | (in[i++] & 0xFF) << 8
+          |  in[i++] & 0xFF;
+    int R = (in[i++] & 0xFF) << 24
+          | (in[i++] & 0xFF) << 16
+          | (in[i++] & 0xFF) << 8
+          |  in[i  ] & 0xFF;
     L ^= f1(R, K.Km0, K.Kr0);
     R ^= f2(L, K.Km1, K.Kr1); // round 2
     L ^= f3(R, K.Km2, K.Kr2);
@@ -1278,30 +879,29 @@ public class Cast5 extends BaseCipher
         L ^= f3(R, K.Km14, K.Kr14);
         R ^= f1(L, K.Km15, K.Kr15); // round 16
       }
-
-    out[j++] = (byte) (R >>> 24);
-    out[j++] = (byte) (R >>> 16);
-    out[j++] = (byte) (R >>> 8);
+    out[j++] = (byte)(R >>> 24);
+    out[j++] = (byte)(R >>> 16);
+    out[j++] = (byte)(R >>> 8);
     out[j++] = (byte) R;
-    out[j++] = (byte) (L >>> 24);
-    out[j++] = (byte) (L >>> 16);
-    out[j++] = (byte) (L >>> 8);
-    out[j] = (byte) L;
+    out[j++] = (byte)(L >>> 24);
+    out[j++] = (byte)(L >>> 16);
+    out[j++] = (byte)(L >>> 8);
+    out[j  ] = (byte) L;
   }
 
   public void decrypt(byte[] in, int i, byte[] out, int j, Object k, int bs)
   {
     if (bs != DEFAULT_BLOCK_SIZE)
-      {
-        throw new IllegalArgumentException();
-      }
+      throw new IllegalArgumentException();
     Cast5Key K = (Cast5Key) k;
-
-    int L = (in[i++] & 0xFF) << 24 | (in[i++] & 0xFF) << 16
-            | (in[i++] & 0xFF) << 8 | in[i++] & 0xFF;
-    int R = (in[i++] & 0xFF) << 24 | (in[i++] & 0xFF) << 16
-            | (in[i++] & 0xFF) << 8 | in[i] & 0xFF;
-
+    int L = (in[i++] & 0xFF) << 24
+          | (in[i++] & 0xFF) << 16
+          | (in[i++] & 0xFF) << 8
+          |  in[i++] & 0xFF;
+    int R = (in[i++] & 0xFF) << 24
+          | (in[i++] & 0xFF) << 16
+          | (in[i++] & 0xFF) << 8
+          |  in[i  ] & 0xFF;
     if (K.rounds == _16_ROUNDS)
       {
         L ^= f1(R, K.Km15, K.Kr15);
@@ -1321,15 +921,14 @@ public class Cast5 extends BaseCipher
     R ^= f3(L, K.Km2, K.Kr2);
     L ^= f2(R, K.Km1, K.Kr1);
     R ^= f1(L, K.Km0, K.Kr0);
-
-    out[j++] = (byte) (R >>> 24);
-    out[j++] = (byte) (R >>> 16);
-    out[j++] = (byte) (R >>> 8);
+    out[j++] = (byte)(R >>> 24);
+    out[j++] = (byte)(R >>> 16);
+    out[j++] = (byte)(R >>> 8);
     out[j++] = (byte) R;
-    out[j++] = (byte) (L >>> 24);
-    out[j++] = (byte) (L >>> 16);
-    out[j++] = (byte) (L >>> 8);
-    out[j] = (byte) L;
+    out[j++] = (byte)(L >>> 24);
+    out[j++] = (byte)(L >>> 16);
+    out[j++] = (byte)(L >>> 8);
+    out[j  ] = (byte) L;
   }
 
   public boolean selfTest()
@@ -1338,54 +937,51 @@ public class Cast5 extends BaseCipher
       {
         boolean result = super.selfTest(); // do symmetry tests
         if (result)
-          {
-            result = testKat(KAT_KEY, KAT_CT, KAT_PT);
-          }
+          result = testKat(KAT_KEY, KAT_CT, KAT_PT);
         valid = Boolean.valueOf(result);
       }
     return valid.booleanValue();
   }
 
-  // helper methods ----------------------------------------------------------
-
   private final int f1(int I, int m, int r)
   {
     I = m + I;
     I = I << r | I >>> (32 - r);
-    return (((S1[(I >>> 24) & 0xFF]) ^ S2[(I >>> 16) & 0xFF]) - S3[(I >>> 8) & 0xFF])
-           + S4[I & 0xFF];
+    return (((S1[(I >>> 24) & 0xFF])
+            ^ S2[(I >>> 16) & 0xFF])
+            - S3[(I >>>  8) & 0xFF])
+            + S4[ I         & 0xFF];
   }
 
   private final int f2(int I, int m, int r)
   {
     I = m ^ I;
     I = I << r | I >>> (32 - r);
-    return (((S1[(I >>> 24) & 0xFF]) - S2[(I >>> 16) & 0xFF]) + S3[(I >>> 8) & 0xFF])
-           ^ S4[I & 0xFF];
+    return (((S1[(I >>> 24) & 0xFF])
+            - S2[(I >>> 16) & 0xFF])
+            + S3[(I >>>  8) & 0xFF])
+            ^ S4[ I         & 0xFF];
   }
 
   private final int f3(int I, int m, int r)
   {
     I = m - I;
     I = I << r | I >>> (32 - r);
-    return (((S1[(I >>> 24) & 0xFF]) + S2[(I >>> 16) & 0xFF]) ^ S3[(I >>> 8) & 0xFF])
-           - S4[I & 0xFF];
+    return (((S1[(I >>> 24) & 0xFF])
+            + S2[(I >>> 16) & 0xFF])
+            ^ S3[(I >>>  8) & 0xFF])
+            - S4[ I         & 0xFF];
   }
 
-  // Inner class(es)
-  // =========================================================================
-
   /** An opaque CAST5 key object. */
   private class Cast5Key
   {
     int rounds;
-
     /** Masking session keys. */
-    int Km0, Km1, Km2, Km3, Km4, Km5, Km6, Km7, Km8, Km9, Km10, Km11, Km12,
-        Km13, Km14, Km15;
-
+    int Km0, Km1, Km2,  Km3,  Km4,  Km5,  Km6,  Km7,
+        Km8, Km9, Km10, Km11, Km12, Km13, Km14, Km15;
     /** Rotation session keys. */
-    int Kr0, Kr1, Kr2, Kr3, Kr4, Kr5, Kr6, Kr7, Kr8, Kr9, Kr10, Kr11, Kr12,
-        Kr13, Kr14, Kr15;
+    int Kr0, Kr1, Kr2,  Kr3,  Kr4,  Kr5,  Kr6,  Kr7,
+        Kr8, Kr9, Kr10, Kr11, Kr12, Kr13, Kr14, Kr15;
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/cipher/CipherFactory.java b/libjava/classpath/gnu/javax/crypto/cipher/CipherFactory.java
index 082bfb8fa2d..d6bb42253b8 100644
--- a/libjava/classpath/gnu/javax/crypto/cipher/CipherFactory.java
+++ b/libjava/classpath/gnu/javax/crypto/cipher/CipherFactory.java
@@ -45,105 +45,69 @@ import java.util.HashSet;
 import java.util.Set;
 
 /**
- * <p>A <i>Factory</i> to instantiate symmetric block cipher instances.</p>
+ * A <i>Factory</i> to instantiate symmetric block cipher instances.
  */
-public class CipherFactory implements Registry
+public class CipherFactory
+    implements Registry
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial constructor to enforce Singleton pattern. */
   private CipherFactory()
   {
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns an instance of a block cipher given its name.</p>
-   *
+   * Returns an instance of a block cipher given its name.
+   * 
    * @param name the case-insensitive name of the symmetric-key block cipher
-   * algorithm.
+   *          algorithm.
    * @return an instance of the designated cipher algorithm, or
-   * <code>null</code> if none is found.
-   * @exception InternalError if the implementation does not pass its
-   * self-test.
+   *         <code>null</code> if none is found.
+   * @exception InternalError if the implementation does not pass its self-test.
    */
   public static final IBlockCipher getInstance(String name)
   {
     if (name == null)
-      {
-        return null;
-      }
-
+      return null;
     name = name.trim();
     IBlockCipher result = null;
     if (name.equalsIgnoreCase(ANUBIS_CIPHER))
-      {
-        result = new Anubis();
-      }
+      result = new Anubis();
     else if (name.equalsIgnoreCase(BLOWFISH_CIPHER))
-      {
-        result = new Blowfish();
-      }
+      result = new Blowfish();
     else if (name.equalsIgnoreCase(DES_CIPHER))
-      {
-        result = new DES();
-      }
+      result = new DES();
     else if (name.equalsIgnoreCase(KHAZAD_CIPHER))
-      {
-        result = new Khazad();
-      }
+      result = new Khazad();
     else if (name.equalsIgnoreCase(RIJNDAEL_CIPHER)
              || name.equalsIgnoreCase(AES_CIPHER))
-      {
-        result = new Rijndael();
-      }
+      result = new Rijndael();
     else if (name.equalsIgnoreCase(SERPENT_CIPHER))
-      {
-        result = new Serpent();
-      }
+      result = new Serpent();
     else if (name.equalsIgnoreCase(SQUARE_CIPHER))
-      {
-        result = new Square();
-      }
+      result = new Square();
     else if (name.equalsIgnoreCase(TRIPLEDES_CIPHER)
              || name.equalsIgnoreCase(DESEDE_CIPHER))
-      {
-        result = new TripleDES();
-      }
+      result = new TripleDES();
     else if (name.equalsIgnoreCase(TWOFISH_CIPHER))
-      {
-        result = new Twofish();
-      }
+      result = new Twofish();
     else if (name.equalsIgnoreCase(CAST5_CIPHER)
-             || (name.equalsIgnoreCase(CAST128_CIPHER) || (name.equalsIgnoreCase(CAST_128_CIPHER))))
-      {
-        result = new Cast5();
-      }
+             || (name.equalsIgnoreCase(CAST128_CIPHER)
+                 || (name.equalsIgnoreCase(CAST_128_CIPHER))))
+      result = new Cast5();
     else if (name.equalsIgnoreCase(NULL_CIPHER))
-      {
-        result = new NullCipher();
-      }
+      result = new NullCipher();
 
-    if (result != null && !result.selfTest())
-      {
-        throw new InternalError(result.name());
-      }
+    if (result != null && ! result.selfTest())
+      throw new InternalError(result.name());
 
     return result;
   }
 
   /**
-   * <p>Returns a {@link Set} of symmetric key block cipher implementation
-   * names supported by this <i>Factory</i>.</p>
-   *
+   * Returns a {@link Set} of symmetric key block cipher implementation names
+   * supported by this <i>Factory</i>.
+   * 
    * @return a {@link Set} of block cipher names (Strings).
    */
   public static final Set getNames()
@@ -160,10 +124,6 @@ public class CipherFactory implements Registry
     hs.add(TWOFISH_CIPHER);
     hs.add(CAST5_CIPHER);
     hs.add(NULL_CIPHER);
-
     return Collections.unmodifiableSet(hs);
   }
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/cipher/DES.java b/libjava/classpath/gnu/javax/crypto/cipher/DES.java
index 8b7627ceaf8..3ced62c3f40 100644
--- a/libjava/classpath/gnu/javax/crypto/cipher/DES.java
+++ b/libjava/classpath/gnu/javax/crypto/cipher/DES.java
@@ -48,353 +48,169 @@ import java.util.Collections;
 import java.util.Iterator;
 
 /**
- * <p>The Data Encryption Standard. DES is a 64-bit block cipher with a 56-bit
+ * The Data Encryption Standard. DES is a 64-bit block cipher with a 56-bit
  * key, developed by IBM in the 1970's for the standardization process begun by
- * the National Bureau of Standards (now NIST).</p>
- *
- * <p>New applications should not use DES except for compatibility.</p>
- *
- * <p>This version is based upon the description and sample implementation in
- * [1].</p>
- *
- * <p>References:</p>
+ * the National Bureau of Standards (now NIST).
+ * <p>
+ * New applications should not use DES except for compatibility.
+ * <p>
+ * This version is based upon the description and sample implementation in
+ * [1].
+ * <p>
+ * References:
  * <ol>
  *    <li>Bruce Schneier, <i>Applied Cryptography: Protocols, Algorithms, and
  *    Source Code in C, Second Edition</i>. (1996 John Wiley and Sons) ISBN
  *    0-471-11709-9. Pages 265--301, 623--632.</li>
  * </ol>
  */
-public class DES extends BaseCipher
+public class DES
+    extends BaseCipher
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** DES operates on 64 bit blocks. */
   public static final int BLOCK_SIZE = 8;
-
   /** DES uses 56 bits of a 64 bit parity-adjusted key. */
   public static final int KEY_SIZE = 8;
-
   // S-Boxes 1 through 8.
-  private static final int[] SP1 = new int[] { 0x01010400, 0x00000000,
-                                              0x00010000, 0x01010404,
-                                              0x01010004, 0x00010404,
-                                              0x00000004, 0x00010000,
-                                              0x00000400, 0x01010400,
-                                              0x01010404, 0x00000400,
-                                              0x01000404, 0x01010004,
-                                              0x01000000, 0x00000004,
-                                              0x00000404, 0x01000400,
-                                              0x01000400, 0x00010400,
-                                              0x00010400, 0x01010000,
-                                              0x01010000, 0x01000404,
-                                              0x00010004, 0x01000004,
-                                              0x01000004, 0x00010004,
-                                              0x00000000, 0x00000404,
-                                              0x00010404, 0x01000000,
-                                              0x00010000, 0x01010404,
-                                              0x00000004, 0x01010000,
-                                              0x01010400, 0x01000000,
-                                              0x01000000, 0x00000400,
-                                              0x01010004, 0x00010000,
-                                              0x00010400, 0x01000004,
-                                              0x00000400, 0x00000004,
-                                              0x01000404, 0x00010404,
-                                              0x01010404, 0x00010004,
-                                              0x01010000, 0x01000404,
-                                              0x01000004, 0x00000404,
-                                              0x00010404, 0x01010400,
-                                              0x00000404, 0x01000400,
-                                              0x01000400, 0x00000000,
-                                              0x00010004, 0x00010400,
-                                              0x00000000, 0x01010004 };
-
-  private static final int[] SP2 = new int[] { 0x80108020, 0x80008000,
-                                              0x00008000, 0x00108020,
-                                              0x00100000, 0x00000020,
-                                              0x80100020, 0x80008020,
-                                              0x80000020, 0x80108020,
-                                              0x80108000, 0x80000000,
-                                              0x80008000, 0x00100000,
-                                              0x00000020, 0x80100020,
-                                              0x00108000, 0x00100020,
-                                              0x80008020, 0x00000000,
-                                              0x80000000, 0x00008000,
-                                              0x00108020, 0x80100000,
-                                              0x00100020, 0x80000020,
-                                              0x00000000, 0x00108000,
-                                              0x00008020, 0x80108000,
-                                              0x80100000, 0x00008020,
-                                              0x00000000, 0x00108020,
-                                              0x80100020, 0x00100000,
-                                              0x80008020, 0x80100000,
-                                              0x80108000, 0x00008000,
-                                              0x80100000, 0x80008000,
-                                              0x00000020, 0x80108020,
-                                              0x00108020, 0x00000020,
-                                              0x00008000, 0x80000000,
-                                              0x00008020, 0x80108000,
-                                              0x00100000, 0x80000020,
-                                              0x00100020, 0x80008020,
-                                              0x80000020, 0x00100020,
-                                              0x00108000, 0x00000000,
-                                              0x80008000, 0x00008020,
-                                              0x80000000, 0x80100020,
-                                              0x80108020, 0x00108000 };
-
-  private static final int[] SP3 = new int[] { 0x00000208, 0x08020200,
-                                              0x00000000, 0x08020008,
-                                              0x08000200, 0x00000000,
-                                              0x00020208, 0x08000200,
-                                              0x00020008, 0x08000008,
-                                              0x08000008, 0x00020000,
-                                              0x08020208, 0x00020008,
-                                              0x08020000, 0x00000208,
-                                              0x08000000, 0x00000008,
-                                              0x08020200, 0x00000200,
-                                              0x00020200, 0x08020000,
-                                              0x08020008, 0x00020208,
-                                              0x08000208, 0x00020200,
-                                              0x00020000, 0x08000208,
-                                              0x00000008, 0x08020208,
-                                              0x00000200, 0x08000000,
-                                              0x08020200, 0x08000000,
-                                              0x00020008, 0x00000208,
-                                              0x00020000, 0x08020200,
-                                              0x08000200, 0x00000000,
-                                              0x00000200, 0x00020008,
-                                              0x08020208, 0x08000200,
-                                              0x08000008, 0x00000200,
-                                              0x00000000, 0x08020008,
-                                              0x08000208, 0x00020000,
-                                              0x08000000, 0x08020208,
-                                              0x00000008, 0x00020208,
-                                              0x00020200, 0x08000008,
-                                              0x08020000, 0x08000208,
-                                              0x00000208, 0x08020000,
-                                              0x00020208, 0x00000008,
-                                              0x08020008, 0x00020200 };
-
-  private static final int[] SP4 = new int[] { 0x00802001, 0x00002081,
-                                              0x00002081, 0x00000080,
-                                              0x00802080, 0x00800081,
-                                              0x00800001, 0x00002001,
-                                              0x00000000, 0x00802000,
-                                              0x00802000, 0x00802081,
-                                              0x00000081, 0x00000000,
-                                              0x00800080, 0x00800001,
-                                              0x00000001, 0x00002000,
-                                              0x00800000, 0x00802001,
-                                              0x00000080, 0x00800000,
-                                              0x00002001, 0x00002080,
-                                              0x00800081, 0x00000001,
-                                              0x00002080, 0x00800080,
-                                              0x00002000, 0x00802080,
-                                              0x00802081, 0x00000081,
-                                              0x00800080, 0x00800001,
-                                              0x00802000, 0x00802081,
-                                              0x00000081, 0x00000000,
-                                              0x00000000, 0x00802000,
-                                              0x00002080, 0x00800080,
-                                              0x00800081, 0x00000001,
-                                              0x00802001, 0x00002081,
-                                              0x00002081, 0x00000080,
-                                              0x00802081, 0x00000081,
-                                              0x00000001, 0x00002000,
-                                              0x00800001, 0x00002001,
-                                              0x00802080, 0x00800081,
-                                              0x00002001, 0x00002080,
-                                              0x00800000, 0x00802001,
-                                              0x00000080, 0x00800000,
-                                              0x00002000, 0x00802080 };
-
-  private static final int[] SP5 = new int[] { 0x00000100, 0x02080100,
-                                              0x02080000, 0x42000100,
-                                              0x00080000, 0x00000100,
-                                              0x40000000, 0x02080000,
-                                              0x40080100, 0x00080000,
-                                              0x02000100, 0x40080100,
-                                              0x42000100, 0x42080000,
-                                              0x00080100, 0x40000000,
-                                              0x02000000, 0x40080000,
-                                              0x40080000, 0x00000000,
-                                              0x40000100, 0x42080100,
-                                              0x42080100, 0x02000100,
-                                              0x42080000, 0x40000100,
-                                              0x00000000, 0x42000000,
-                                              0x02080100, 0x02000000,
-                                              0x42000000, 0x00080100,
-                                              0x00080000, 0x42000100,
-                                              0x00000100, 0x02000000,
-                                              0x40000000, 0x02080000,
-                                              0x42000100, 0x40080100,
-                                              0x02000100, 0x40000000,
-                                              0x42080000, 0x02080100,
-                                              0x40080100, 0x00000100,
-                                              0x02000000, 0x42080000,
-                                              0x42080100, 0x00080100,
-                                              0x42000000, 0x42080100,
-                                              0x02080000, 0x00000000,
-                                              0x40080000, 0x42000000,
-                                              0x00080100, 0x02000100,
-                                              0x40000100, 0x00080000,
-                                              0x00000000, 0x40080000,
-                                              0x02080100, 0x40000100 };
-
-  private static final int[] SP6 = new int[] { 0x20000010, 0x20400000,
-                                              0x00004000, 0x20404010,
-                                              0x20400000, 0x00000010,
-                                              0x20404010, 0x00400000,
-                                              0x20004000, 0x00404010,
-                                              0x00400000, 0x20000010,
-                                              0x00400010, 0x20004000,
-                                              0x20000000, 0x00004010,
-                                              0x00000000, 0x00400010,
-                                              0x20004010, 0x00004000,
-                                              0x00404000, 0x20004010,
-                                              0x00000010, 0x20400010,
-                                              0x20400010, 0x00000000,
-                                              0x00404010, 0x20404000,
-                                              0x00004010, 0x00404000,
-                                              0x20404000, 0x20000000,
-                                              0x20004000, 0x00000010,
-                                              0x20400010, 0x00404000,
-                                              0x20404010, 0x00400000,
-                                              0x00004010, 0x20000010,
-                                              0x00400000, 0x20004000,
-                                              0x20000000, 0x00004010,
-                                              0x20000010, 0x20404010,
-                                              0x00404000, 0x20400000,
-                                              0x00404010, 0x20404000,
-                                              0x00000000, 0x20400010,
-                                              0x00000010, 0x00004000,
-                                              0x20400000, 0x00404010,
-                                              0x00004000, 0x00400010,
-                                              0x20004010, 0x00000000,
-                                              0x20404000, 0x20000000,
-                                              0x00400010, 0x20004010 };
-
-  private static final int[] SP7 = new int[] { 0x00200000, 0x04200002,
-                                              0x04000802, 0x00000000,
-                                              0x00000800, 0x04000802,
-                                              0x00200802, 0x04200800,
-                                              0x04200802, 0x00200000,
-                                              0x00000000, 0x04000002,
-                                              0x00000002, 0x04000000,
-                                              0x04200002, 0x00000802,
-                                              0x04000800, 0x00200802,
-                                              0x00200002, 0x04000800,
-                                              0x04000002, 0x04200000,
-                                              0x04200800, 0x00200002,
-                                              0x04200000, 0x00000800,
-                                              0x00000802, 0x04200802,
-                                              0x00200800, 0x00000002,
-                                              0x04000000, 0x00200800,
-                                              0x04000000, 0x00200800,
-                                              0x00200000, 0x04000802,
-                                              0x04000802, 0x04200002,
-                                              0x04200002, 0x00000002,
-                                              0x00200002, 0x04000000,
-                                              0x04000800, 0x00200000,
-                                              0x04200800, 0x00000802,
-                                              0x00200802, 0x04200800,
-                                              0x00000802, 0x04000002,
-                                              0x04200802, 0x04200000,
-                                              0x00200800, 0x00000000,
-                                              0x00000002, 0x04200802,
-                                              0x00000000, 0x00200802,
-                                              0x04200000, 0x00000800,
-                                              0x04000002, 0x04000800,
-                                              0x00000800, 0x00200002 };
-
-  private static final int[] SP8 = new int[] { 0x10001040, 0x00001000,
-                                              0x00040000, 0x10041040,
-                                              0x10000000, 0x10001040,
-                                              0x00000040, 0x10000000,
-                                              0x00040040, 0x10040000,
-                                              0x10041040, 0x00041000,
-                                              0x10041000, 0x00041040,
-                                              0x00001000, 0x00000040,
-                                              0x10040000, 0x10000040,
-                                              0x10001000, 0x00001040,
-                                              0x00041000, 0x00040040,
-                                              0x10040040, 0x10041000,
-                                              0x00001040, 0x00000000,
-                                              0x00000000, 0x10040040,
-                                              0x10000040, 0x10001000,
-                                              0x00041040, 0x00040000,
-                                              0x00041040, 0x00040000,
-                                              0x10041000, 0x00001000,
-                                              0x00000040, 0x10040040,
-                                              0x00001000, 0x00041040,
-                                              0x10001000, 0x00000040,
-                                              0x10000040, 0x10040000,
-                                              0x10040040, 0x10000000,
-                                              0x00040000, 0x10001040,
-                                              0x00000000, 0x10041040,
-                                              0x00040040, 0x10000040,
-                                              0x10040000, 0x10001000,
-                                              0x10001040, 0x00000000,
-                                              0x10041040, 0x00041000,
-                                              0x00041000, 0x00001040,
-                                              0x00001040, 0x00040040,
-                                              0x10000000, 0x10041000 };
-
+  private static final int[] SP1 = new int[] {
+      0x01010400, 0x00000000, 0x00010000, 0x01010404, 0x01010004, 0x00010404,
+      0x00000004, 0x00010000, 0x00000400, 0x01010400, 0x01010404, 0x00000400,
+      0x01000404, 0x01010004, 0x01000000, 0x00000004, 0x00000404, 0x01000400,
+      0x01000400, 0x00010400, 0x00010400, 0x01010000, 0x01010000, 0x01000404,
+      0x00010004, 0x01000004, 0x01000004, 0x00010004, 0x00000000, 0x00000404,
+      0x00010404, 0x01000000, 0x00010000, 0x01010404, 0x00000004, 0x01010000,
+      0x01010400, 0x01000000, 0x01000000, 0x00000400, 0x01010004, 0x00010000,
+      0x00010400, 0x01000004, 0x00000400, 0x00000004, 0x01000404, 0x00010404,
+      0x01010404, 0x00010004, 0x01010000, 0x01000404, 0x01000004, 0x00000404,
+      0x00010404, 0x01010400, 0x00000404, 0x01000400, 0x01000400, 0x00000000,
+      0x00010004, 0x00010400, 0x00000000, 0x01010004 };
+  private static final int[] SP2 = new int[] {
+      0x80108020, 0x80008000, 0x00008000, 0x00108020, 0x00100000, 0x00000020,
+      0x80100020, 0x80008020, 0x80000020, 0x80108020, 0x80108000, 0x80000000,
+      0x80008000, 0x00100000, 0x00000020, 0x80100020, 0x00108000, 0x00100020,
+      0x80008020, 0x00000000, 0x80000000, 0x00008000, 0x00108020, 0x80100000,
+      0x00100020, 0x80000020, 0x00000000, 0x00108000, 0x00008020, 0x80108000,
+      0x80100000, 0x00008020, 0x00000000, 0x00108020, 0x80100020, 0x00100000,
+      0x80008020, 0x80100000, 0x80108000, 0x00008000, 0x80100000, 0x80008000,
+      0x00000020, 0x80108020, 0x00108020, 0x00000020, 0x00008000, 0x80000000,
+      0x00008020, 0x80108000, 0x00100000, 0x80000020, 0x00100020, 0x80008020,
+      0x80000020, 0x00100020, 0x00108000, 0x00000000, 0x80008000, 0x00008020,
+      0x80000000, 0x80100020, 0x80108020, 0x00108000 };
+  private static final int[] SP3 = new int[] {
+      0x00000208, 0x08020200, 0x00000000, 0x08020008, 0x08000200, 0x00000000,
+      0x00020208, 0x08000200, 0x00020008, 0x08000008, 0x08000008, 0x00020000,
+      0x08020208, 0x00020008, 0x08020000, 0x00000208, 0x08000000, 0x00000008,
+      0x08020200, 0x00000200, 0x00020200, 0x08020000, 0x08020008, 0x00020208,
+      0x08000208, 0x00020200, 0x00020000, 0x08000208, 0x00000008, 0x08020208,
+      0x00000200, 0x08000000, 0x08020200, 0x08000000, 0x00020008, 0x00000208,
+      0x00020000, 0x08020200, 0x08000200, 0x00000000, 0x00000200, 0x00020008,
+      0x08020208, 0x08000200, 0x08000008, 0x00000200, 0x00000000, 0x08020008,
+      0x08000208, 0x00020000, 0x08000000, 0x08020208, 0x00000008, 0x00020208,
+      0x00020200, 0x08000008, 0x08020000, 0x08000208, 0x00000208, 0x08020000,
+      0x00020208, 0x00000008, 0x08020008, 0x00020200 };
+  private static final int[] SP4 = new int[] {
+      0x00802001, 0x00002081, 0x00002081, 0x00000080, 0x00802080, 0x00800081,
+      0x00800001, 0x00002001, 0x00000000, 0x00802000, 0x00802000, 0x00802081,
+      0x00000081, 0x00000000, 0x00800080, 0x00800001, 0x00000001, 0x00002000,
+      0x00800000, 0x00802001, 0x00000080, 0x00800000, 0x00002001, 0x00002080,
+      0x00800081, 0x00000001, 0x00002080, 0x00800080, 0x00002000, 0x00802080,
+      0x00802081, 0x00000081, 0x00800080, 0x00800001, 0x00802000, 0x00802081,
+      0x00000081, 0x00000000, 0x00000000, 0x00802000, 0x00002080, 0x00800080,
+      0x00800081, 0x00000001, 0x00802001, 0x00002081, 0x00002081, 0x00000080,
+      0x00802081, 0x00000081, 0x00000001, 0x00002000, 0x00800001, 0x00002001,
+      0x00802080, 0x00800081, 0x00002001, 0x00002080, 0x00800000, 0x00802001,
+      0x00000080, 0x00800000, 0x00002000, 0x00802080 };
+  private static final int[] SP5 = new int[] {
+      0x00000100, 0x02080100, 0x02080000, 0x42000100, 0x00080000, 0x00000100,
+      0x40000000, 0x02080000, 0x40080100, 0x00080000, 0x02000100, 0x40080100,
+      0x42000100, 0x42080000, 0x00080100, 0x40000000, 0x02000000, 0x40080000,
+      0x40080000, 0x00000000, 0x40000100, 0x42080100, 0x42080100, 0x02000100,
+      0x42080000, 0x40000100, 0x00000000, 0x42000000, 0x02080100, 0x02000000,
+      0x42000000, 0x00080100, 0x00080000, 0x42000100, 0x00000100, 0x02000000,
+      0x40000000, 0x02080000, 0x42000100, 0x40080100, 0x02000100, 0x40000000,
+      0x42080000, 0x02080100, 0x40080100, 0x00000100, 0x02000000, 0x42080000,
+      0x42080100, 0x00080100, 0x42000000, 0x42080100, 0x02080000, 0x00000000,
+      0x40080000, 0x42000000, 0x00080100, 0x02000100, 0x40000100, 0x00080000,
+      0x00000000, 0x40080000, 0x02080100, 0x40000100 };
+  private static final int[] SP6 = new int[] {
+      0x20000010, 0x20400000, 0x00004000, 0x20404010, 0x20400000, 0x00000010,
+      0x20404010, 0x00400000, 0x20004000, 0x00404010, 0x00400000, 0x20000010,
+      0x00400010, 0x20004000, 0x20000000, 0x00004010, 0x00000000, 0x00400010,
+      0x20004010, 0x00004000, 0x00404000, 0x20004010, 0x00000010, 0x20400010,
+      0x20400010, 0x00000000, 0x00404010, 0x20404000, 0x00004010, 0x00404000,
+      0x20404000, 0x20000000, 0x20004000, 0x00000010, 0x20400010, 0x00404000,
+      0x20404010, 0x00400000, 0x00004010, 0x20000010, 0x00400000, 0x20004000,
+      0x20000000, 0x00004010, 0x20000010, 0x20404010, 0x00404000, 0x20400000,
+      0x00404010, 0x20404000, 0x00000000, 0x20400010, 0x00000010, 0x00004000,
+      0x20400000, 0x00404010, 0x00004000, 0x00400010, 0x20004010, 0x00000000,
+      0x20404000, 0x20000000, 0x00400010, 0x20004010 };
+  private static final int[] SP7 = new int[] {
+      0x00200000, 0x04200002, 0x04000802, 0x00000000, 0x00000800, 0x04000802,
+      0x00200802, 0x04200800, 0x04200802, 0x00200000, 0x00000000, 0x04000002,
+      0x00000002, 0x04000000, 0x04200002, 0x00000802, 0x04000800, 0x00200802,
+      0x00200002, 0x04000800, 0x04000002, 0x04200000, 0x04200800, 0x00200002,
+      0x04200000, 0x00000800, 0x00000802, 0x04200802, 0x00200800, 0x00000002,
+      0x04000000, 0x00200800, 0x04000000, 0x00200800, 0x00200000, 0x04000802,
+      0x04000802, 0x04200002, 0x04200002, 0x00000002, 0x00200002, 0x04000000,
+      0x04000800, 0x00200000, 0x04200800, 0x00000802, 0x00200802, 0x04200800,
+      0x00000802, 0x04000002, 0x04200802, 0x04200000, 0x00200800, 0x00000000,
+      0x00000002, 0x04200802, 0x00000000, 0x00200802, 0x04200000, 0x00000800,
+      0x04000002, 0x04000800, 0x00000800, 0x00200002 };
+  private static final int[] SP8 = new int[] {
+      0x10001040, 0x00001000, 0x00040000, 0x10041040, 0x10000000, 0x10001040,
+      0x00000040, 0x10000000, 0x00040040, 0x10040000, 0x10041040, 0x00041000,
+      0x10041000, 0x00041040, 0x00001000, 0x00000040, 0x10040000, 0x10000040,
+      0x10001000, 0x00001040, 0x00041000, 0x00040040, 0x10040040, 0x10041000,
+      0x00001040, 0x00000000, 0x00000000, 0x10040040, 0x10000040, 0x10001000,
+      0x00041040, 0x00040000, 0x00041040, 0x00040000, 0x10041000, 0x00001000,
+      0x00000040, 0x10040040, 0x00001000, 0x00041040, 0x10001000, 0x00000040,
+      0x10000040, 0x10040000, 0x10040040, 0x10000000, 0x00040000, 0x10001040,
+      0x00000000, 0x10041040, 0x00040040, 0x10000040, 0x10040000, 0x10001000,
+      0x10001040, 0x00000000, 0x10041040, 0x00041000, 0x00041000, 0x00001040,
+      0x00001040, 0x00040040, 0x10000000, 0x10041000 };
   /**
    * Constants that help in determining whether or not a byte array is parity
    * adjusted.
    */
-  private static final byte[] PARITY = { 8, 1, 0, 8, 0, 8, 8, 0, 0, 8, 8, 0, 8,
-                                        0, 2, 8, 0, 8, 8, 0, 8, 0, 0, 8, 8, 0,
-                                        0, 8, 0, 8, 8, 3, 0, 8, 8, 0, 8, 0, 0,
-                                        8, 8, 0, 0, 8, 0, 8, 8, 0, 8, 0, 0, 8,
-                                        0, 8, 8, 0, 0, 8, 8, 0, 8, 0, 0, 8, 0,
-                                        8, 8, 0, 8, 0, 0, 8, 8, 0, 0, 8, 0, 8,
-                                        8, 0, 8, 0, 0, 8, 0, 8, 8, 0, 0, 8, 8,
-                                        0, 8, 0, 0, 8, 8, 0, 0, 8, 0, 8, 8, 0,
-                                        0, 8, 8, 0, 8, 0, 0, 8, 0, 8, 8, 0, 8,
-                                        0, 0, 8, 8, 0, 0, 8, 0, 8, 8, 0, 0, 8,
-                                        8, 0, 8, 0, 0, 8, 8, 0, 0, 8, 0, 8, 8,
-                                        0, 8, 0, 0, 8, 0, 8, 8, 0, 0, 8, 8, 0,
-                                        8, 0, 0, 8, 8, 0, 0, 8, 0, 8, 8, 0, 0,
-                                        8, 8, 0, 8, 0, 0, 8, 0, 8, 8, 0, 8, 0,
-                                        0, 8, 8, 0, 0, 8, 0, 8, 8, 0, 8, 0, 0,
-                                        8, 0, 8, 8, 0, 0, 8, 8, 0, 8, 0, 0, 8,
-                                        0, 8, 8, 0, 8, 0, 0, 8, 8, 0, 0, 8, 0,
-                                        8, 8, 0, 4, 8, 8, 0, 8, 0, 0, 8, 8, 0,
-                                        0, 8, 0, 8, 8, 0, 8, 5, 0, 8, 0, 8, 8,
-                                        0, 0, 8, 8, 0, 8, 0, 6, 8 };
-
+  private static final byte[] PARITY = {
+      8, 1, 0, 8, 0, 8, 8, 0, 0, 8, 8, 0, 8, 0, 2, 8,
+      0, 8, 8, 0, 8, 0, 0, 8, 8, 0, 0, 8, 0, 8, 8, 3,
+      0, 8, 8, 0, 8, 0, 0, 8, 8, 0, 0, 8, 0, 8, 8, 0,
+      8, 0, 0, 8, 0, 8, 8, 0, 0, 8, 8, 0, 8, 0, 0, 8,
+      0, 8, 8, 0, 8, 0, 0, 8, 8, 0, 0, 8, 0, 8, 8, 0,
+      8, 0, 0, 8, 0, 8, 8, 0, 0, 8, 8, 0, 8, 0, 0, 8,
+      8, 0, 0, 8, 0, 8, 8, 0, 0, 8, 8, 0, 8, 0, 0, 8,
+      0, 8, 8, 0, 8, 0, 0, 8, 8, 0, 0, 8, 0, 8, 8, 0,
+      0, 8, 8, 0, 8, 0, 0, 8, 8, 0, 0, 8, 0, 8, 8, 0,
+      8, 0, 0, 8, 0, 8, 8, 0, 0, 8, 8, 0, 8, 0, 0, 8,
+      8, 0, 0, 8, 0, 8, 8, 0, 0, 8, 8, 0, 8, 0, 0, 8,
+      0, 8, 8, 0, 8, 0, 0, 8, 8, 0, 0, 8, 0, 8, 8, 0,
+      8, 0, 0, 8, 0, 8, 8, 0, 0, 8, 8, 0, 8, 0, 0, 8,
+      0, 8, 8, 0, 8, 0, 0, 8, 8, 0, 0, 8, 0, 8, 8, 0,
+      4, 8, 8, 0, 8, 0, 0, 8, 8, 0, 0, 8, 0, 8, 8, 0,
+      8, 5, 0, 8, 0, 8, 8, 0, 0, 8, 8, 0, 8, 0, 6, 8 };
   // Key schedule constants.
-
-  private static final byte[] ROTARS = { 1, 2, 4, 6, 8, 10, 12, 14, 15, 17, 19,
-                                        21, 23, 25, 27, 28 };
-
-  private static final byte[] PC1 = { 56, 48, 40, 32, 24, 16, 8, 0, 57, 49, 41,
-                                     33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18,
-                                     10, 2, 59, 51, 43, 35, 62, 54, 46, 38, 30,
-                                     22, 14, 6, 61, 53, 45, 37, 29, 21, 13, 5,
-                                     60, 52, 44, 36, 28, 20, 12, 4, 27, 19, 11,
-                                     3 };
-
-  private static final byte[] PC2 = { 13, 16, 10, 23, 0, 4, 2, 27, 14, 5, 20,
-                                     9, 22, 18, 11, 3, 25, 7, 15, 6, 26, 19,
-                                     12, 1, 40, 51, 30, 36, 46, 54, 29, 39, 50,
-                                     44, 32, 47, 43, 48, 38, 55, 33, 52, 45,
-                                     41, 49, 35, 28, 31 };
-
+  private static final byte[] ROTARS = {
+      1, 2, 4, 6, 8, 10, 12, 14, 15, 17, 19, 21, 23, 25, 27, 28 };
+  private static final byte[] PC1 = {
+      56, 48, 40, 32, 24, 16,  8,  0, 57, 49, 41, 33, 25, 17,  9,  1,
+      58, 50, 42, 34, 26, 18, 10,  2, 59, 51, 43, 35, 62, 54, 46, 38,
+      30, 22, 14,  6, 61, 53, 45, 37, 29, 21, 13,  5, 60, 52, 44, 36,
+      28, 20, 12,  4, 27, 19, 11,  3 };
+  private static final byte[] PC2 = {
+      13, 16, 10, 23,  0,  4,  2, 27, 14,  5, 20,  9, 22, 18, 11,  3,
+      25,  7, 15,  6, 26, 19, 12,  1, 40, 51, 30, 36, 46, 54, 29, 39,
+      50, 44, 32, 47, 43, 48, 38, 55, 33, 52, 45, 41, 49, 35, 28, 31 };
   /**
    * Weak keys (parity adjusted): If all the bits in each half are either 0
    * or 1, then the key used for any cycle of the algorithm is the same as
    * all other cycles. 
    */
   public static final byte[][] WEAK_KEYS = {
-                                            Util.toBytesFromString("0101010101010101"),
-                                            Util.toBytesFromString("01010101FEFEFEFE"),
-                                            Util.toBytesFromString("FEFEFEFE01010101"),
-                                            Util.toBytesFromString("FEFEFEFEFEFEFEFE") };
-
+      Util.toBytesFromString("0101010101010101"),
+      Util.toBytesFromString("01010101FEFEFEFE"),
+      Util.toBytesFromString("FEFEFEFE01010101"),
+      Util.toBytesFromString("FEFEFEFEFEFEFEFE") };
   /**
    * Semi-weak keys (parity adjusted):  Some pairs of keys encrypt plain text
    * to identical cipher text. In other words, one key in the pair can decrypt
@@ -403,73 +219,69 @@ public class DES extends BaseCipher
    * generated, these semi-weak keys produce only two different sub-keys.
    */
   public static final byte[][] SEMIWEAK_KEYS = {
-                                                Util.toBytesFromString("01FE01FE01FE01FE"),
-                                                Util.toBytesFromString("FE01FE01FE01FE01"),
-                                                Util.toBytesFromString("1FE01FE00EF10EF1"),
-                                                Util.toBytesFromString("E01FE01FF10EF10E"),
-                                                Util.toBytesFromString("01E001E001F101F1"),
-                                                Util.toBytesFromString("E001E001F101F101"),
-                                                Util.toBytesFromString("1FFE1FFE0EFE0EFE"),
-                                                Util.toBytesFromString("FE1FFE1FFE0EFE0E"),
-                                                Util.toBytesFromString("011F011F010E010E"),
-                                                Util.toBytesFromString("1F011F010E010E01"),
-                                                Util.toBytesFromString("E0FEE0FEF1FEF1FE"),
-                                                Util.toBytesFromString("FEE0FEE0FEF1FEF1") };
-
+      Util.toBytesFromString("01FE01FE01FE01FE"),
+      Util.toBytesFromString("FE01FE01FE01FE01"),
+      Util.toBytesFromString("1FE01FE00EF10EF1"),
+      Util.toBytesFromString("E01FE01FF10EF10E"),
+      Util.toBytesFromString("01E001E001F101F1"),
+      Util.toBytesFromString("E001E001F101F101"),
+      Util.toBytesFromString("1FFE1FFE0EFE0EFE"),
+      Util.toBytesFromString("FE1FFE1FFE0EFE0E"),
+      Util.toBytesFromString("011F011F010E010E"),
+      Util.toBytesFromString("1F011F010E010E01"),
+      Util.toBytesFromString("E0FEE0FEF1FEF1FE"),
+      Util.toBytesFromString("FEE0FEE0FEF1FEF1") };
   /** Possible weak keys (parity adjusted) --produce 4 instead of 16 subkeys. */
   public static final byte[][] POSSIBLE_WEAK_KEYS = {
-                                                     Util.toBytesFromString("1F1F01010E0E0101"),
-                                                     Util.toBytesFromString("011F1F01010E0E01"),
-                                                     Util.toBytesFromString("1F01011F0E01010E"),
-                                                     Util.toBytesFromString("01011F1F01010E0E"),
-                                                     Util.toBytesFromString("E0E00101F1F10101"),
-                                                     Util.toBytesFromString("FEFE0101FEFE0101"),
-                                                     Util.toBytesFromString("FEE01F01FEF10E01"),
-                                                     Util.toBytesFromString("E0FE1F01F1FE0E01"),
-                                                     Util.toBytesFromString("FEE0011FFEF1010E"),
-                                                     Util.toBytesFromString("E0FE011FF1FE010E"),
-                                                     Util.toBytesFromString("E0E01F1FF1F10E0E"),
-                                                     Util.toBytesFromString("FEFE1F1FFEFE0E0E"),
-                                                     Util.toBytesFromString("1F1F01010E0E0101"),
-                                                     Util.toBytesFromString("011F1F01010E0E01"),
-                                                     Util.toBytesFromString("1F01011F0E01010E"),
-                                                     Util.toBytesFromString("01011F1F01010E0E"),
-                                                     Util.toBytesFromString("01E0E00101F1F101"),
-                                                     Util.toBytesFromString("1FFEE0010EFEF001"),
-                                                     Util.toBytesFromString("1FE0FE010EF1FE01"),
-                                                     Util.toBytesFromString("01FEFE0101FEFE01"),
-                                                     Util.toBytesFromString("1FE0E01F0EF1F10E"),
-                                                     Util.toBytesFromString("01FEE01F01FEF10E"),
-                                                     Util.toBytesFromString("01E0FE1F01F1FE0E"),
-                                                     Util.toBytesFromString("1FFEFE1F0EFEFE0E"),
-
-                                                     Util.toBytesFromString("E00101E0F10101F1"),
-                                                     Util.toBytesFromString("FE1F01E0FE0E0EF1"),
-                                                     Util.toBytesFromString("FE011FE0FE010EF1"),
-                                                     Util.toBytesFromString("E01F1FE0F10E0EF1"),
-                                                     Util.toBytesFromString("FE0101FEFE0101FE"),
-                                                     Util.toBytesFromString("E01F01FEF10E01FE"),
-                                                     Util.toBytesFromString("E0011FFEF1010EFE"),
-                                                     Util.toBytesFromString("FE1F1FFEFE0E0EFE"),
-                                                     Util.toBytesFromString("1FFE01E00EFE01F1"),
-                                                     Util.toBytesFromString("01FE1FE001FE0EF1"),
-                                                     Util.toBytesFromString("1FE001FE0EF101FE"),
-                                                     Util.toBytesFromString("01E01FFE01F10EFE"),
-                                                     Util.toBytesFromString("0101E0E00101F1F1"),
-                                                     Util.toBytesFromString("1F1FE0E00E0EF1F1"),
-                                                     Util.toBytesFromString("1F01FEE00E01FEF1"),
-                                                     Util.toBytesFromString("011FFEE0010EFEF1"),
-                                                     Util.toBytesFromString("1F01E0FE0E01F1FE"),
-                                                     Util.toBytesFromString("011FE0FE010EF1FE"),
-                                                     Util.toBytesFromString("0101FEFE0001FEFE"),
-                                                     Util.toBytesFromString("1F1FFEFE0E0EFEFE"),
-                                                     Util.toBytesFromString("FEFEE0E0FEFEF1F1"),
-                                                     Util.toBytesFromString("E0FEFEE0F1FEFEF1"),
-                                                     Util.toBytesFromString("FEE0E0FEFEF1F1FE"),
-                                                     Util.toBytesFromString("E0E0FEFEF1F1FEFE") };
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
+      Util.toBytesFromString("1F1F01010E0E0101"),
+      Util.toBytesFromString("011F1F01010E0E01"),
+      Util.toBytesFromString("1F01011F0E01010E"),
+      Util.toBytesFromString("01011F1F01010E0E"),
+      Util.toBytesFromString("E0E00101F1F10101"),
+      Util.toBytesFromString("FEFE0101FEFE0101"),
+      Util.toBytesFromString("FEE01F01FEF10E01"),
+      Util.toBytesFromString("E0FE1F01F1FE0E01"),
+      Util.toBytesFromString("FEE0011FFEF1010E"),
+      Util.toBytesFromString("E0FE011FF1FE010E"),
+      Util.toBytesFromString("E0E01F1FF1F10E0E"),
+      Util.toBytesFromString("FEFE1F1FFEFE0E0E"),
+      Util.toBytesFromString("1F1F01010E0E0101"),
+      Util.toBytesFromString("011F1F01010E0E01"),
+      Util.toBytesFromString("1F01011F0E01010E"),
+      Util.toBytesFromString("01011F1F01010E0E"),
+      Util.toBytesFromString("01E0E00101F1F101"),
+      Util.toBytesFromString("1FFEE0010EFEF001"),
+      Util.toBytesFromString("1FE0FE010EF1FE01"),
+      Util.toBytesFromString("01FEFE0101FEFE01"),
+      Util.toBytesFromString("1FE0E01F0EF1F10E"),
+      Util.toBytesFromString("01FEE01F01FEF10E"),
+      Util.toBytesFromString("01E0FE1F01F1FE0E"),
+      Util.toBytesFromString("1FFEFE1F0EFEFE0E"),
+
+      Util.toBytesFromString("E00101E0F10101F1"),
+      Util.toBytesFromString("FE1F01E0FE0E0EF1"),
+      Util.toBytesFromString("FE011FE0FE010EF1"),
+      Util.toBytesFromString("E01F1FE0F10E0EF1"),
+      Util.toBytesFromString("FE0101FEFE0101FE"),
+      Util.toBytesFromString("E01F01FEF10E01FE"),
+      Util.toBytesFromString("E0011FFEF1010EFE"),
+      Util.toBytesFromString("FE1F1FFEFE0E0EFE"),
+      Util.toBytesFromString("1FFE01E00EFE01F1"),
+      Util.toBytesFromString("01FE1FE001FE0EF1"),
+      Util.toBytesFromString("1FE001FE0EF101FE"),
+      Util.toBytesFromString("01E01FFE01F10EFE"),
+      Util.toBytesFromString("0101E0E00101F1F1"),
+      Util.toBytesFromString("1F1FE0E00E0EF1F1"),
+      Util.toBytesFromString("1F01FEE00E01FEF1"),
+      Util.toBytesFromString("011FFEE0010EFEF1"),
+      Util.toBytesFromString("1F01E0FE0E01F1FE"),
+      Util.toBytesFromString("011FE0FE010EF1FE"),
+      Util.toBytesFromString("0101FEFE0001FEFE"),
+      Util.toBytesFromString("1F1FFEFE0E0EFEFE"),
+      Util.toBytesFromString("FEFEE0E0FEFEF1F1"),
+      Util.toBytesFromString("E0FEFEE0F1FEFEF1"),
+      Util.toBytesFromString("FEE0E0FEFEF1F1FE"),
+      Util.toBytesFromString("E0E0FEFEF1F1FEFE") };
 
   /** Default 0-argument constructor. */
   public DES()
@@ -477,28 +289,23 @@ public class DES extends BaseCipher
     super(Registry.DES_CIPHER, BLOCK_SIZE, KEY_SIZE);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Adjust the parity for a raw key array. This essentially means that each
+   * Adjust the parity for a raw key array. This essentially means that each
    * byte in the array will have an odd number of '1' bits (the last bit in
-   * each byte is unused.</p>
+   * each byte is unused.
    *
    * @param kb The key array, to be parity-adjusted.
    * @param offset The starting index into the key bytes.
    */
   public static void adjustParity(byte[] kb, int offset)
   {
-    for (int i = offset; i < KEY_SIZE; i++)
-      {
-        kb[i] ^= (PARITY[kb[i] & 0xff] == 8) ? 1 : 0;
-      }
+    for (int i = offset; i < offset + KEY_SIZE; i++)
+      kb[i] ^= (PARITY[kb[i] & 0xff] == 8) ? 1 : 0;
   }
 
   /**
-   * <p>Test if a byte array, which must be at least 8 bytes long, is parity
-   * adjusted.</p>
+   * Test if a byte array, which must be at least 8 bytes long, is parity
+   * adjusted.
    *
    * @param kb The key bytes.
    * @param offset The starting index into the key bytes.
@@ -527,59 +334,35 @@ public class DES extends BaseCipher
   }
 
   /**
-   * <p>Test if a key is a weak key.</p>
+   * Test if a key is a weak key.
    *
    * @param kb The key to test.
    * @return <code>true</code> if the key is weak.
    */
   public static boolean isWeak(byte[] kb)
   {
-    //      return Arrays.equals(kb, WEAK_KEYS[0]) || Arrays.equals(kb, WEAK_KEYS[1])
-    //          || Arrays.equals(kb, WEAK_KEYS[2]) || Arrays.equals(kb, WEAK_KEYS[3])
-    //          || Arrays.equals(kb, WEAK_KEYS[4]) || Arrays.equals(kb, WEAK_KEYS[5])
-    //          || Arrays.equals(kb, WEAK_KEYS[6]) || Arrays.equals(kb, WEAK_KEYS[7]);
     for (int i = 0; i < WEAK_KEYS.length; i++)
-      {
-        if (Arrays.equals(WEAK_KEYS[i], kb))
-          {
-            return true;
-          }
-      }
+      if (Arrays.equals(WEAK_KEYS[i], kb))
+        return true;
     return false;
   }
 
   /**
-   * <p>Test if a key is a semi-weak key.</p>
+   * Test if a key is a semi-weak key.
    *
    * @param kb The key to test.
    * @return <code>true</code> if this key is semi-weak.
    */
   public static boolean isSemiWeak(byte[] kb)
   {
-    //      return Arrays.equals(kb, SEMIWEAK_KEYS[0])
-    //          || Arrays.equals(kb, SEMIWEAK_KEYS[1])
-    //          || Arrays.equals(kb, SEMIWEAK_KEYS[2])
-    //          || Arrays.equals(kb, SEMIWEAK_KEYS[3])
-    //          || Arrays.equals(kb, SEMIWEAK_KEYS[4])
-    //          || Arrays.equals(kb, SEMIWEAK_KEYS[5])
-    //          || Arrays.equals(kb, SEMIWEAK_KEYS[6])
-    //          || Arrays.equals(kb, SEMIWEAK_KEYS[7])
-    //          || Arrays.equals(kb, SEMIWEAK_KEYS[8])
-    //          || Arrays.equals(kb, SEMIWEAK_KEYS[9])
-    //          || Arrays.equals(kb, SEMIWEAK_KEYS[10])
-    //          || Arrays.equals(kb, SEMIWEAK_KEYS[11]);
     for (int i = 0; i < SEMIWEAK_KEYS.length; i++)
-      {
-        if (Arrays.equals(SEMIWEAK_KEYS[i], kb))
-          {
-            return true;
-          }
-      }
+      if (Arrays.equals(SEMIWEAK_KEYS[i], kb))
+        return true;
     return false;
   }
 
   /**
-   * <p>Test if the designated byte array represents a possibly weak key.</p>
+   * Test if the designated byte array represents a possibly weak key.
    *
    * @param kb the byte array to test.
    * @return <code>true</code> if <code>kb</code>represents a possibly weak key.
@@ -588,18 +371,14 @@ public class DES extends BaseCipher
   public static boolean isPossibleWeak(byte[] kb)
   {
     for (int i = 0; i < POSSIBLE_WEAK_KEYS.length; i++)
-      {
-        if (Arrays.equals(POSSIBLE_WEAK_KEYS[i], kb))
-          {
-            return true;
-          }
-      }
+      if (Arrays.equals(POSSIBLE_WEAK_KEYS[i], kb))
+        return true;
     return false;
   }
 
   /**
-   * <p>The core DES function. This is used for both encryption and decryption,
-   * the only difference being the key.</p>
+   * The core DES function. This is used for both encryption and decryption,
+   * the only difference being the key.
    *
    * @param in The input bytes.
    * @param i The starting offset into the input bytes.
@@ -610,13 +389,15 @@ public class DES extends BaseCipher
   private static void desFunc(byte[] in, int i, byte[] out, int o, int[] key)
   {
     int right, left, work;
-
     // Load.
-    left = (in[i++] & 0xff) << 24 | (in[i++] & 0xff) << 16
-           | (in[i++] & 0xff) << 8 | in[i++] & 0xff;
-    right = (in[i++] & 0xff) << 24 | (in[i++] & 0xff) << 16
-            | (in[i++] & 0xff) << 8 | in[i] & 0xff;
-
+    left =  (in[i++] & 0xff) << 24
+          | (in[i++] & 0xff) << 16
+          | (in[i++] & 0xff) << 8
+          |  in[i++] & 0xff;
+    right = (in[i++] & 0xff) << 24
+          | (in[i++] & 0xff) << 16
+          | (in[i++] & 0xff) << 8
+          |  in[i  ] & 0xff;
     // Initial permutation.
     work = ((left >>> 4) ^ right) & 0x0F0F0F0F;
     left ^= work << 4;
@@ -681,7 +462,6 @@ public class DES extends BaseCipher
         t |= SP2[work & 0x3F];
         right ^= t;
       }
-
     // The final permutation.
     right = (right << 31) | (right >>> 1);
     work = (left ^ right) & 0xAAAAAAAA;
@@ -705,19 +485,16 @@ public class DES extends BaseCipher
     right ^= work << 4;
     left ^= work;
 
-    out[o++] = (byte) (right >>> 24);
-    out[o++] = (byte) (right >>> 16);
-    out[o++] = (byte) (right >>> 8);
+    out[o++] = (byte)(right >>> 24);
+    out[o++] = (byte)(right >>> 16);
+    out[o++] = (byte)(right >>> 8);
     out[o++] = (byte) right;
-    out[o++] = (byte) (left >>> 24);
-    out[o++] = (byte) (left >>> 16);
-    out[o++] = (byte) (left >>> 8);
-    out[o] = (byte) left;
+    out[o++] = (byte)(left >>> 24);
+    out[o++] = (byte)(left >>> 16);
+    out[o++] = (byte)(left >>> 8);
+    out[o  ] = (byte) left;
   }
 
-  // Instance methods implementing BaseCipher
-  // -------------------------------------------------------------------------
-
   public Object clone()
   {
     return new DES();
@@ -725,12 +502,12 @@ public class DES extends BaseCipher
 
   public Iterator blockSizes()
   {
-    return Collections.singleton(new Integer(BLOCK_SIZE)).iterator();
+    return Collections.singleton(Integer.valueOf(BLOCK_SIZE)).iterator();
   }
 
   public Iterator keySizes()
   {
-    return Collections.singleton(new Integer(KEY_SIZE)).iterator();
+    return Collections.singleton(Integer.valueOf(KEY_SIZE)).iterator();
   }
 
   public Object makeKey(byte[] kb, int bs) throws InvalidKeyException
@@ -740,9 +517,7 @@ public class DES extends BaseCipher
 
     if (Properties.checkForWeakKeys()
         && (isWeak(kb) || isSemiWeak(kb) || isPossibleWeak(kb)))
-      {
-        throw new WeakKeyException();
-      }
+      throw new WeakKeyException();
 
     int i, j, l, m, n;
     long pc1m = 0, pcr = 0;
@@ -751,11 +526,9 @@ public class DES extends BaseCipher
       {
         l = PC1[i];
         pc1m |= ((kb[l >>> 3] & (0x80 >>> (l & 7))) != 0) ? (1L << (55 - i))
-                                                         : 0;
+                                                          : 0;
       }
-
     Context ctx = new Context();
-
     // Encryption key first.
     for (i = 0; i < 16; i++)
       {
@@ -769,7 +542,7 @@ public class DES extends BaseCipher
               pcr |= ((pc1m & 1L << (55 - l)) != 0) ? (1L << (55 - j)) : 0;
             else
               pcr |= ((pc1m & 1L << (55 - (l - 28))) != 0) ? (1L << (55 - j))
-                                                          : 0;
+                                                           : 0;
           }
         for (j = 28; j < 56; j++)
           {
@@ -778,7 +551,7 @@ public class DES extends BaseCipher
               pcr |= ((pc1m & 1L << (55 - l)) != 0) ? (1L << (55 - j)) : 0;
             else
               pcr |= ((pc1m & 1L << (55 - (l - 28))) != 0) ? (1L << (55 - j))
-                                                          : 0;
+                                                           : 0;
           }
         for (j = 0; j < 24; j++)
           {
@@ -788,36 +561,37 @@ public class DES extends BaseCipher
               ctx.ek[n] |= 1 << (23 - j);
           }
       }
-
     // The decryption key is the same, but in reversed order.
     for (i = 0; i < Context.EXPANDED_KEY_SIZE; i += 2)
       {
         ctx.dk[30 - i] = ctx.ek[i];
         ctx.dk[31 - i] = ctx.ek[i + 1];
       }
-
     // "Cook" the keys.
     for (i = 0; i < 32; i += 2)
       {
         int x, y;
-
         x = ctx.ek[i];
         y = ctx.ek[i + 1];
-
-        ctx.ek[i] = ((x & 0x00FC0000) << 6) | ((x & 0x00000FC0) << 10)
-                    | ((y & 0x00FC0000) >>> 10) | ((y & 0x00000FC0) >>> 6);
-        ctx.ek[i + 1] = ((x & 0x0003F000) << 12) | ((x & 0x0000003F) << 16)
-                        | ((y & 0x0003F000) >>> 4) | (y & 0x0000003F);
-
+        ctx.ek[i    ] = ((x & 0x00FC0000)  <<  6)
+                      | ((x & 0x00000FC0)  << 10)
+                      | ((y & 0x00FC0000) >>> 10)
+                      | ((y & 0x00000FC0) >>>  6);
+        ctx.ek[i + 1] = ((x & 0x0003F000)  << 12)
+                      | ((x & 0x0000003F)  << 16)
+                      | ((y & 0x0003F000) >>>  4)
+                      |  (y & 0x0000003F);
         x = ctx.dk[i];
         y = ctx.dk[i + 1];
-
-        ctx.dk[i] = ((x & 0x00FC0000) << 6) | ((x & 0x00000FC0) << 10)
-                    | ((y & 0x00FC0000) >>> 10) | ((y & 0x00000FC0) >>> 6);
-        ctx.dk[i + 1] = ((x & 0x0003F000) << 12) | ((x & 0x0000003F) << 16)
-                        | ((y & 0x0003F000) >>> 4) | (y & 0x0000003F);
+        ctx.dk[i    ] = ((x & 0x00FC0000)  <<  6)
+                      | ((x & 0x00000FC0)  << 10)
+                      | ((y & 0x00FC0000) >>> 10)
+                      | ((y & 0x00000FC0) >>>  6);
+        ctx.dk[i + 1] = ((x & 0x0003F000)  << 12)
+                      | ((x & 0x0000003F)  << 16)
+                      | ((y & 0x0003F000) >>>  4)
+                      |  (y & 0x0000003F);
       }
-
     return ctx;
   }
 
@@ -831,19 +605,12 @@ public class DES extends BaseCipher
     desFunc(in, i, out, o, ((Context) K).dk);
   }
 
-  // Inner classe(s)
-  // =========================================================================
-
   /**
    * Simple wrapper class around the session keys. Package-private so TripleDES
    * can see it.
    */
   final class Context
   {
-
-    // Constants and variables
-    // ----------------------------------------------------------------------
-
     private static final int EXPANDED_KEY_SIZE = 32;
 
     /** The encryption key. */
@@ -852,9 +619,6 @@ public class DES extends BaseCipher
     /** The decryption key. */
     int[] dk;
 
-    // Constructor(s)
-    // ----------------------------------------------------------------------
-
     /** Default 0-arguments constructor. */
     Context()
     {
@@ -862,12 +626,6 @@ public class DES extends BaseCipher
       dk = new int[EXPANDED_KEY_SIZE];
     }
 
-    // Class methods
-    // ----------------------------------------------------------------------
-
-    // Instance methods
-    // ----------------------------------------------------------------------
-
     byte[] getEncryptionKeyBytes()
     {
       return toByteArray(ek);
@@ -883,12 +641,12 @@ public class DES extends BaseCipher
       byte[] result = new byte[4 * k.length];
       for (int i = 0, j = 0; i < k.length; i++)
         {
-          result[j++] = (byte) (k[i] >>> 24);
-          result[j++] = (byte) (k[i] >>> 16);
-          result[j++] = (byte) (k[i] >>> 8);
+          result[j++] = (byte)(k[i] >>> 24);
+          result[j++] = (byte)(k[i] >>> 16);
+          result[j++] = (byte)(k[i] >>> 8);
           result[j++] = (byte) k[i];
         }
       return result;
     }
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/cipher/IBlockCipher.java b/libjava/classpath/gnu/javax/crypto/cipher/IBlockCipher.java
index 238ee280f83..d1e32ef6599 100644
--- a/libjava/classpath/gnu/javax/crypto/cipher/IBlockCipher.java
+++ b/libjava/classpath/gnu/javax/crypto/cipher/IBlockCipher.java
@@ -43,109 +43,99 @@ import java.util.Iterator;
 import java.util.Map;
 
 /**
- * <p>The basic visible methods of any symmetric key block cipher.</p>
- *
- * <p>A symmetric key block cipher is a function that maps n-bit plaintext
- * blocks to n-bit ciphertext blocks; n being the cipher's <i>block size</i>.
- * This encryption function is parameterised by a k-bit key, and is invertible.
- * Its inverse is the decryption function.</p>
- *
- * <p>Possible initialisation values for an instance of this type are:</p>
- *
+ * The basic visible methods of any symmetric key block cipher.
+ * <p>
+ * A symmetric key block cipher is a function that maps n-bit plaintext blocks
+ * to n-bit ciphertext blocks; n being the cipher's <i>block size</i>. This
+ * encryption function is parameterised by a k-bit key, and is invertible. Its
+ * inverse is the decryption function.
+ * <p>
+ * Possible initialisation values for an instance of this type are:
  * <ul>
- *    <li>The block size in which to operate this block cipher instance. This
- *    value is <b>optional</b>, if unspecified, the block cipher's default
- *    block size shall be used.</li>
- *
- *    <li>The byte array containing the user supplied key material to use for
- *    generating the cipher's session key(s). This value is <b>mandatory</b>
- *    and should be included in the initialisation parameters. If it isn't,
- *    an {@link IllegalStateException} will be thrown if any method, other than
- *    <code>reset()</code> is invoked on the instance. Furthermore, the size of
- *    this key material shall be taken as an indication on the key size in which
- *    to operate this instance.</li>
+ * <li>The block size in which to operate this block cipher instance. This
+ * value is <b>optional</b>, if unspecified, the block cipher's default block
+ * size shall be used.</li>
+ * <li>The byte array containing the user supplied key material to use for
+ * generating the cipher's session key(s). This value is <b>mandatory</b> and
+ * should be included in the initialisation parameters. If it isn't, an
+ * {@link IllegalStateException} will be thrown if any method, other than
+ * <code>reset()</code> is invoked on the instance. Furthermore, the size of
+ * this key material shall be taken as an indication on the key size in which to
+ * operate this instance.</li>
  * </ul>
- *
- * <p><b>IMPLEMENTATION NOTE</b>: Although all the concrete classes in this
+ * <p>
+ * <b>IMPLEMENTATION NOTE</b>: Although all the concrete classes in this
  * package implement the {@link Cloneable} interface, it is important to note
  * here that such an operation <b>DOES NOT</b> clone any session key material
  * that may have been used in initialising the source cipher (the instance to be
  * cloned). Instead a clone of an already initialised cipher is another instance
  * that operates with the <b>same block size</b> but without any knowledge of
- * neither key material nor key size.</p>
+ * neither key material nor key size.
  */
-public interface IBlockCipher extends Cloneable
+public interface IBlockCipher
+    extends Cloneable
 {
-
-  // Constants
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Property name of the block size in which to operate a block cipher.
-   * The value associated with this property name is taken to be an
-   * {@link Integer}.</p>
+   * Property name of the block size in which to operate a block cipher. The
+   * value associated with this property name is taken to be an {@link Integer}.
    */
   String CIPHER_BLOCK_SIZE = "gnu.crypto.cipher.block.size";
-
   /**
-   * <p>Property name of the user-supplied key material. The value associated
-   * to this property name is taken to be a byte array.</p>
+   * Property name of the user-supplied key material. The value associated to
+   * this property name is taken to be a byte array.
    */
   String KEY_MATERIAL = "gnu.crypto.cipher.key.material";
 
-  // Methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns the canonical name of this instance.</p>
-   *
+   * Returns the canonical name of this instance.
+   * 
    * @return the canonical name of this instance.
    */
   String name();
 
   /**
-   * <p>Returns the default value, in bytes, of the algorithm's block size.</p>
-   *
+   * Returns the default value, in bytes, of the algorithm's block size.
+   * 
    * @return the default value, in bytes, of the algorithm's block size.
    */
   int defaultBlockSize();
 
   /**
-   * <p>Returns the default value, in bytes, of the algorithm's key size.</p>
-   *
+   * Returns the default value, in bytes, of the algorithm's key size.
+   * 
    * @return the default value, in bytes, of the algorithm's key size.
    */
   int defaultKeySize();
 
   /**
-   * <p>Returns an {@link Iterator} over the supported block sizes. Each
-   * element returned by this object is an {@link Integer}.</p>
-   *
+   * Returns an {@link Iterator} over the supported block sizes. Each element
+   * returned by this object is an {@link Integer}.
+   * 
    * @return an {@link Iterator} over the supported block sizes.
    */
   Iterator blockSizes();
 
   /**
-   * <p>Returns an {@link Iterator} over the supported key sizes. Each element
-   * returned by this object is an {@link Integer}.</p>
-   *
+   * Returns an {@link Iterator} over the supported key sizes. Each element
+   * returned by this object is an {@link Integer}.
+   * 
    * @return an {@link Iterator} over the supported key sizes.
    */
   Iterator keySizes();
 
   /**
-   * <p>Returns a clone of this instance.</p>
-   *
+   * Returns a clone of this instance.
+   * 
    * @return a clone copy of this instance.
    */
   Object clone();
 
   /**
-   * <p>Initialises the algorithm with designated attributes. Permissible names
-   * and values are described in the class documentation above.</p>
-   *
+   * Initialises the algorithm with designated attributes. Permissible names and
+   * values are described in the class documentation above.
+   * 
    * @param attributes a set of name-value pairs that describes the desired
-   * future behaviour of this instance.
+   *          future behaviour of this instance.
    * @exception InvalidKeyException if the key data is invalid.
    * @exception IllegalStateException if the instance is already initialised.
    * @see #KEY_MATERIAL
@@ -154,25 +144,25 @@ public interface IBlockCipher extends Cloneable
   void init(Map attributes) throws InvalidKeyException, IllegalStateException;
 
   /**
-   * <p>Returns the currently set block size for this instance.</p>
-   *
+   * Returns the currently set block size for this instance.
+   * 
    * @return the current block size for this instance.
    * @exception IllegalStateException if the instance is not initialised.
    */
   int currentBlockSize() throws IllegalStateException;
 
   /**
-   * <p>Resets the algorithm instance for re-initialisation and use with other
-   * characteristics. This method always succeeds.</p>
+   * Resets the algorithm instance for re-initialisation and use with other
+   * characteristics. This method always succeeds.
    */
   void reset();
 
   /**
-   * <p>Encrypts exactly one block of plaintext.</p>
-   *
+   * Encrypts exactly one block of plaintext.
+   * 
    * @param in the plaintext.
    * @param inOffset index of <code>in</code> from which to start considering
-   * data.
+   *          data.
    * @param out the ciphertext.
    * @param outOffset index of <code>out</code> from which to store result.
    * @exception IllegalStateException if the instance is not initialised.
@@ -181,11 +171,11 @@ public interface IBlockCipher extends Cloneable
       throws IllegalStateException;
 
   /**
-   * <p>Decrypts exactly one block of ciphertext.</p>
-   *
+   * Decrypts exactly one block of ciphertext.
+   * 
    * @param in the plaintext.
    * @param inOffset index of <code>in</code> from which to start considering
-   * data.
+   *          data.
    * @param out the ciphertext.
    * @param outOffset index of <code>out</code> from which to store result.
    * @exception IllegalStateException if the instance is not initialised.
@@ -194,12 +184,12 @@ public interface IBlockCipher extends Cloneable
       throws IllegalStateException;
 
   /**
-   * <p>A <i>correctness</i> test that consists of basic symmetric encryption /
+   * A <i>correctness</i> test that consists of basic symmetric encryption /
    * decryption test(s) for all supported block and key sizes, as well as one
-   * (1) variable key Known Answer Test (KAT).</p>
-   *
+   * (1) variable key Known Answer Test (KAT).
+   * 
    * @return <code>true</code> if the implementation passes simple
-   * <i>correctness</i> tests. Returns <code>false</code> otherwise.
+   *         <i>correctness</i> tests. Returns <code>false</code> otherwise.
    */
   boolean selfTest();
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/cipher/IBlockCipherSpi.java b/libjava/classpath/gnu/javax/crypto/cipher/IBlockCipherSpi.java
index 6fe07ca7f50..1023b12d812 100644
--- a/libjava/classpath/gnu/javax/crypto/cipher/IBlockCipherSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/cipher/IBlockCipherSpi.java
@@ -42,38 +42,32 @@ import java.security.InvalidKeyException;
 import java.util.Iterator;
 
 /**
- * <p>Package-private interface exposing mandatory methods to be implemented by
- * concrete {@link gnu.crypto.cipher.BaseCipher} sub-classes.</p>
+ * Package-private interface exposing mandatory methods to be implemented by
+ * concrete {@link BaseCipher} sub-classes.
  */
-interface IBlockCipherSpi extends Cloneable
+interface IBlockCipherSpi
+    extends Cloneable
 {
-
-  // Constants
-  // -------------------------------------------------------------------------
-
-  // Methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns an {@link java.util.Iterator} over the supported block sizes.
-   * Each element returned by this object is a {@link java.lang.Integer}.</p>
-   *
+   * Returns an {@link Iterator} over the supported block sizes. Each element
+   * returned by this object is a {@link java.lang.Integer}.
+   * 
    * @return an <code>Iterator</code> over the supported block sizes.
    */
   Iterator blockSizes();
 
   /**
-   * <p>Returns an {@link java.util.Iterator} over the supported key sizes.
-   * Each element returned by this object is a {@link java.lang.Integer}.</p>
-   *
+   * Returns an {@link Iterator} over the supported key sizes. Each element
+   * returned by this object is a {@link java.lang.Integer}.
+   * 
    * @return an <code>Iterator</code> over the supported key sizes.
    */
   Iterator keySizes();
 
   /**
-   * <p>Expands a user-supplied key material into a session key for a
-   * designated <i>block size</i>.</p>
-   *
+   * Expands a user-supplied key material into a session key for a designated
+   * <i>block size</i>.
+   * 
    * @param k the user-supplied key material.
    * @param bs the desired block size in bytes.
    * @return an Object encapsulating the session key.
@@ -83,46 +77,48 @@ interface IBlockCipherSpi extends Cloneable
   Object makeKey(byte[] k, int bs) throws InvalidKeyException;
 
   /**
-   * <p>Encrypts exactly one block of plaintext.</p>
-   *
+   * Encrypts exactly one block of plaintext.
+   * 
    * @param in the plaintext.
    * @param inOffset index of <code>in</code> from which to start considering
-   * data.
+   *          data.
    * @param out the ciphertext.
-   * @param outOffset index of <code>out</code> from which to store the result.
+   * @param outOffset index of <code>out</code> from which to store the
+   *          result.
    * @param k the session key to use.
    * @param bs the block size to use.
    * @exception IllegalArgumentException if the block size is invalid.
    * @exception ArrayIndexOutOfBoundsException if there is not enough room in
-   * either the plaintext or ciphertext buffers.
+   *              either the plaintext or ciphertext buffers.
    */
   void encrypt(byte[] in, int inOffset, byte[] out, int outOffset, Object k,
                int bs);
 
   /**
-   * <p>Decrypts exactly one block of ciphertext.</p>
-   *
+   * Decrypts exactly one block of ciphertext.
+   * 
    * @param in the ciphertext.
    * @param inOffset index of <code>in</code> from which to start considering
-   * data.
+   *          data.
    * @param out the plaintext.
-   * @param outOffset index of <code>out</code> from which to store the result.
+   * @param outOffset index of <code>out</code> from which to store the
+   *          result.
    * @param k the session key to use.
    * @param bs the block size to use.
    * @exception IllegalArgumentException if the block size is invalid.
    * @exception ArrayIndexOutOfBoundsException if there is not enough room in
-   * either the plaintext or ciphertext buffers.
+   *              either the plaintext or ciphertext buffers.
    */
   void decrypt(byte[] in, int inOffset, byte[] out, int outOffset, Object k,
                int bs);
 
   /**
-   * <p>A <i>correctness</i> test that consists of basic symmetric encryption /
+   * A <i>correctness</i> test that consists of basic symmetric encryption /
    * decryption test(s) for all supported block and key sizes, as well as one
-   * (1) variable key Known Answer Test (KAT).</p>
-   *
+   * (1) variable key Known Answer Test (KAT).
+   * 
    * @return <code>true</code> if the implementation passes simple
-   * <i>correctness</i> tests. Returns <code>false</code> otherwise.
+   *         <i>correctness</i> tests. Returns <code>false</code> otherwise.
    */
   boolean selfTest();
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/cipher/Khazad.java b/libjava/classpath/gnu/javax/crypto/cipher/Khazad.java
index 3a95874da98..491301f5aad 100644
--- a/libjava/classpath/gnu/javax/crypto/cipher/Khazad.java
+++ b/libjava/classpath/gnu/javax/crypto/cipher/Khazad.java
@@ -38,113 +38,79 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.cipher;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.util.Util;
 
-//import java.io.PrintWriter;
 import java.security.InvalidKeyException;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.Iterator;
+import java.util.logging.Logger;
 
 /**
- * <p>Khazad is a 64-bit (legacy-level) block cipher that accepts a 128-bit key.
+ * Khazad is a 64-bit (legacy-level) block cipher that accepts a 128-bit key.
  * The cipher is a uniform substitution-permutation network whose inverse only
  * differs from the forward operation in the key schedule. The overall cipher
  * design follows the Wide Trail strategy, favours component reuse, and permits
- * a wide variety of implementation trade-offs.</p>
- *
- * <p>References:</p>
- *
+ * a wide variety of implementation trade-offs.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html">The
- *    Khazad Block Cipher</a>.<br>
- *    <a href="mailto:paulo.barreto@terra.com.br">Paulo S.L.M. Barreto</a> and
- *    <a href="mailto:vincent.rijmen@esat.kuleuven.ac.be">Vincent Rijmen</a>.</li>
+ * <li><a
+ * href="http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html">The
+ * Khazad Block Cipher</a>.<br>
+ * <a href="mailto:paulo.barreto@terra.com.br">Paulo S.L.M. Barreto</a> and <a
+ * href="mailto:vincent.rijmen@esat.kuleuven.ac.be">Vincent Rijmen</a>.</li>
  * </ol>
  */
-public final class Khazad extends BaseCipher
+public final class Khazad
+    extends BaseCipher
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  //   private static final String NAME = "khazad";
-  private static final boolean DEBUG = false;
-
-  private static final int debuglevel = 9;
-
-  //   private static final PrintWriter err = new PrintWriter(System.out, true);
-  //   private static void debug(String s) {
-  //      err.println(">>> "+NAME+": "+s);
-  //   }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
+  private static final Logger log = Logger.getLogger(Khazad.class.getName());
   private static final int DEFAULT_BLOCK_SIZE = 8; // in bytes
-
   private static final int DEFAULT_KEY_SIZE = 16; // in bytes
-
   private static final int R = 8; // standard number of rounds; para. 3.7
-
   private static final String Sd = // p. 20 [KHAZAD]
-  "\uBA54\u2F74\u53D3\uD24D\u50AC\u8DBF\u7052\u9A4C"
-      + "\uEAD5\u97D1\u3351\u5BA6\uDE48\uA899\uDB32\uB7FC"
-      + "\uE39E\u919B\uE2BB\u416E\uA5CB\u6B95\uA1F3\uB102"
-      + "\uCCC4\u1D14\uC363\uDA5D\u5FDC\u7DCD\u7F5A\u6C5C"
-      + "\uF726\uFFED\uE89D\u6F8E\u19A0\uF089\u0F07\uAFFB"
-      + "\u0815\u0D04\u0164\uDF76\u79DD\u3D16\u3F37\u6D38"
-      + "\uB973\uE935\u5571\u7B8C\u7288\uF62A\u3E5E\u2746"
-      + "\u0C65\u6861\u03C1\u57D6\uD958\uD866\uD73A\uC83C"
-      + "\uFA96\uA798\uECB8\uC7AE\u694B\uABA9\u670A\u47F2"
-      + "\uB522\uE5EE\uBE2B\u8112\u831B\u0E23\uF545\u21CE"
-      + "\u492C\uF9E6\uB628\u1782\u1A8B\uFE8A\u09C9\u874E"
-      + "\uE12E\uE4E0\uEB90\uA41E\u8560\u0025\uF4F1\u940B"
-      + "\uE775\uEF34\u31D4\uD086\u7EAD\uFD29\u303B\u9FF8"
-      + "\uC613\u0605\uC511\u777C\u7A78\u361C\u3959\u1856"
-      + "\uB3B0\u2420\uB292\uA3C0\u4462\u10B4\u8443\u93C2"
-      + "\u4ABD\u8F2D\uBC9C\u6A40\uCFA2\u804F\u1FCA\uAA42";
-
+      "\uBA54\u2F74\u53D3\uD24D\u50AC\u8DBF\u7052\u9A4C"
+    + "\uEAD5\u97D1\u3351\u5BA6\uDE48\uA899\uDB32\uB7FC"
+    + "\uE39E\u919B\uE2BB\u416E\uA5CB\u6B95\uA1F3\uB102"
+    + "\uCCC4\u1D14\uC363\uDA5D\u5FDC\u7DCD\u7F5A\u6C5C"
+    + "\uF726\uFFED\uE89D\u6F8E\u19A0\uF089\u0F07\uAFFB"
+    + "\u0815\u0D04\u0164\uDF76\u79DD\u3D16\u3F37\u6D38"
+    + "\uB973\uE935\u5571\u7B8C\u7288\uF62A\u3E5E\u2746"
+    + "\u0C65\u6861\u03C1\u57D6\uD958\uD866\uD73A\uC83C"
+    + "\uFA96\uA798\uECB8\uC7AE\u694B\uABA9\u670A\u47F2"
+    + "\uB522\uE5EE\uBE2B\u8112\u831B\u0E23\uF545\u21CE"
+    + "\u492C\uF9E6\uB628\u1782\u1A8B\uFE8A\u09C9\u874E"
+    + "\uE12E\uE4E0\uEB90\uA41E\u8560\u0025\uF4F1\u940B"
+    + "\uE775\uEF34\u31D4\uD086\u7EAD\uFD29\u303B\u9FF8"
+    + "\uC613\u0605\uC511\u777C\u7A78\u361C\u3959\u1856"
+    + "\uB3B0\u2420\uB292\uA3C0\u4462\u10B4\u8443\u93C2"
+    + "\u4ABD\u8F2D\uBC9C\u6A40\uCFA2\u804F\u1FCA\uAA42";
   private static final byte[] S = new byte[256];
-
   private static final int[] T0 = new int[256];
-
   private static final int[] T1 = new int[256];
-
   private static final int[] T2 = new int[256];
-
   private static final int[] T3 = new int[256];
-
   private static final int[] T4 = new int[256];
-
   private static final int[] T5 = new int[256];
-
   private static final int[] T6 = new int[256];
-
   private static final int[] T7 = new int[256];
-
   private static final int[][] rc = new int[R + 1][2]; // round constants
-
   /**
-   * KAT vector (from ecb_vk):
-   * I=120
-   * KEY=00000000000000000000000000000100
+   * KAT vector (from ecb_vk): I=120 KEY=00000000000000000000000000000100
    * CT=A0C86A1BBE2CBF4C
    */
-  private static final byte[] KAT_KEY = Util.toBytesFromString("00000000000000000000000000000100");
-
+  private static final byte[] KAT_KEY =
+      Util.toBytesFromString("00000000000000000000000000000100");
   private static final byte[] KAT_CT = Util.toBytesFromString("A0C86A1BBE2CBF4C");
-
   /** caches the result of the correctness test, once executed. */
   private static Boolean valid;
 
-  // Static code - to intialise lookup tables --------------------------------
-
   static
     {
       long time = System.currentTimeMillis();
-
       long ROOT = 0x11d; // para. 2.1 [KHAZAD]
       int i, j;
       int s, s2, s3, s4, s5, s6, s7, s8, sb;
@@ -154,198 +120,177 @@ public final class Khazad extends BaseCipher
           c = Sd.charAt(i >>> 1);
           s = ((i & 1) == 0 ? c >>> 8 : c) & 0xFF;
           S[i] = (byte) s;
-
           s2 = s << 1;
           if (s2 > 0xFF)
             s2 ^= ROOT;
-
           s3 = s2 ^ s;
           s4 = s2 << 1;
           if (s4 > 0xFF)
             s4 ^= ROOT;
-
           s5 = s4 ^ s;
           s6 = s4 ^ s2;
           s7 = s6 ^ s;
           s8 = s4 << 1;
           if (s8 > 0xFF)
             s8 ^= ROOT;
-
           sb = s8 ^ s2 ^ s;
-
-          T0[i] = s << 24 | s3 << 16 | s4 << 8 | s5;
-          T1[i] = s3 << 24 | s << 16 | s5 << 8 | s4;
-          T2[i] = s4 << 24 | s5 << 16 | s << 8 | s3;
+          T0[i] = s  << 24 | s3 << 16 | s4 << 8 | s5;
+          T1[i] = s3 << 24 | s  << 16 | s5 << 8 | s4;
+          T2[i] = s4 << 24 | s5 << 16 | s  << 8 | s3;
           T3[i] = s5 << 24 | s4 << 16 | s3 << 8 | s;
           T4[i] = s6 << 24 | s8 << 16 | sb << 8 | s7;
           T5[i] = s8 << 24 | s6 << 16 | s7 << 8 | sb;
           T6[i] = sb << 24 | s7 << 16 | s6 << 8 | s8;
           T7[i] = s7 << 24 | sb << 16 | s8 << 8 | s6;
         }
-
-      for (i = 0, j = 0; i < R + 1; i++)
+      for (i = 0, j = 0; i < R + 1; i++) // compute round constant
         {
-          // compute round constant
-          rc[i][0] = S[j++] << 24 | (S[j++] & 0xFF) << 16
-                     | (S[j++] & 0xFF) << 8 | (S[j++] & 0xFF);
-          rc[i][1] = S[j++] << 24 | (S[j++] & 0xFF) << 16
-                     | (S[j++] & 0xFF) << 8 | (S[j++] & 0xFF);
+          rc[i][0] =  S[j++]         << 24
+                   | (S[j++] & 0xFF) << 16
+                   | (S[j++] & 0xFF) << 8
+                   | (S[j++] & 0xFF);
+          rc[i][1] =  S[j++]         << 24
+                   | (S[j++] & 0xFF) << 16
+                   | (S[j++] & 0xFF) << 8
+                   | (S[j++] & 0xFF);
         }
-
       time = System.currentTimeMillis() - time;
-
-      if (DEBUG && debuglevel > 8)
+      if (Configuration.DEBUG)
         {
-          System.out.println("==========");
-          System.out.println();
-          System.out.println("Static data");
-          System.out.println();
-
-          System.out.println();
-          System.out.println("T0[]:");
+          log.fine("Static data");
+          log.fine("T0[]:");
+          StringBuilder b;
           for (i = 0; i < 64; i++)
             {
+              b = new StringBuilder();
               for (j = 0; j < 4; j++)
-                System.out.print("0x" + Util.toString(T0[i * 4 + j]) + ", ");
-              System.out.println();
+                b.append("0x").append(Util.toString(T0[i * 4 + j])).append(", ");
+              log.fine(b.toString());
             }
-          System.out.println();
-          System.out.println("T1[]:");
+          log.fine("T1[]:");
           for (i = 0; i < 64; i++)
             {
+              b = new StringBuilder();
               for (j = 0; j < 4; j++)
-                System.out.print("0x" + Util.toString(T1[i * 4 + j]) + ", ");
-              System.out.println();
+                b.append("0x").append(Util.toString(T1[i * 4 + j])).append(", ");
+              log.fine(b.toString());
             }
-          System.out.println();
-          System.out.println("T2[]:");
+          log.fine("T2[]:");
           for (i = 0; i < 64; i++)
             {
+              b = new StringBuilder();
               for (j = 0; j < 4; j++)
-                System.out.print("0x" + Util.toString(T2[i * 4 + j]) + ", ");
-              System.out.println();
+                b.append("0x").append(Util.toString(T2[i * 4 + j])).append(", ");
+              log.fine(b.toString());
             }
-          System.out.println();
-          System.out.println("T3[]:");
+          log.fine("T3[]:");
           for (i = 0; i < 64; i++)
             {
+              b = new StringBuilder();
               for (j = 0; j < 4; j++)
-                System.out.print("0x" + Util.toString(T3[i * 4 + j]) + ", ");
-              System.out.println();
+                b.append("0x").append(Util.toString(T3[i * 4 + j])).append(", ");
+              log.fine(b.toString());
             }
-          System.out.println();
-          System.out.println("T4[]:");
+          log.fine("T4[]:");
           for (i = 0; i < 64; i++)
             {
+              b = new StringBuilder();
               for (j = 0; j < 4; j++)
-                System.out.print("0x" + Util.toString(T4[i * 4 + j]) + ", ");
-              System.out.println();
+                b.append("0x").append(Util.toString(T4[i * 4 + j])).append(", ");
+              log.fine(b.toString());
             }
-          System.out.println();
-          System.out.println("T5[]:");
+          log.fine("T5[]:");
           for (i = 0; i < 64; i++)
             {
+              b = new StringBuilder();
               for (j = 0; j < 4; j++)
-                System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", ");
-              System.out.println();
+                b.append("0x").append(Util.toString(T5[i * 4 + j])).append(", ");
+              log.fine(b.toString());
             }
-          System.out.println();
-          System.out.println("T6[]:");
+          log.fine("T6[]:");
           for (i = 0; i < 64; i++)
             {
+              b = new StringBuilder();
               for (j = 0; j < 4; j++)
-                System.out.print("0x" + Util.toString(T6[i * 4 + j]) + ", ");
-              System.out.println();
+                b.append("0x").append(Util.toString(T6[i * 4 + j])).append(", ");
+              log.fine(b.toString());
             }
-          System.out.println();
-          System.out.println("T7[]:");
+          log.fine("T7[]:");
           for (i = 0; i < 64; i++)
             {
+              b = new StringBuilder();
               for (j = 0; j < 4; j++)
-                System.out.print("0x" + Util.toString(T7[i * 4 + j]) + ", ");
-              System.out.println();
+                b.append("0x").append(Util.toString(T7[i * 4 + j])).append(", ");
+              log.fine(b.toString());
             }
-          System.out.println();
-          System.out.println("rc[]:");
+          log.fine("rc[]:");
           for (i = 0; i < R + 1; i++)
-            System.out.print("0x" + Util.toString(rc[i][0])
-                             + Util.toString(rc[i][1]));
-          System.out.println();
-
-          System.out.println("Total initialization time: " + time + " ms.");
-          System.out.println();
+            log.fine("0x" + Util.toString(rc[i][0]) + Util.toString(rc[i][1]));
+          log.fine("Total initialization time: " + time + " ms.");
         }
     }
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public Khazad()
   {
     super(Registry.KHAZAD_CIPHER, DEFAULT_BLOCK_SIZE, DEFAULT_KEY_SIZE);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   private static void khazad(byte[] in, int i, byte[] out, int j, int[][] K)
   {
     // sigma(K[0])
     int k0 = K[0][0];
     int k1 = K[0][1];
-    int a0 = (in[i++] << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF))
-             ^ k0;
-    int a1 = (in[i++] << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i] & 0xFF))
-             ^ k1;
-
+    int a0 = (in[i++]         << 24
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) <<  8
+           | (in[i++] & 0xFF)      ) ^ k0;
+    int a1 = (in[i++]         << 24
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) <<  8
+           | (in[i  ] & 0xFF)      ) ^ k1;
     int b0, b1;
     // round function
     for (int r = 1; r < R; r++)
       {
         k0 = K[r][0];
         k1 = K[r][1];
-        b0 = T0[a0 >>> 24] ^ T1[(a0 >>> 16) & 0xFF] ^ T2[(a0 >>> 8) & 0xFF]
-             ^ T3[a0 & 0xFF] ^ T4[a1 >>> 24] ^ T5[(a1 >>> 16) & 0xFF]
-             ^ T6[(a1 >>> 8) & 0xFF] ^ T7[a1 & 0xFF] ^ k0;
-        b1 = T0[a1 >>> 24] ^ T1[(a1 >>> 16) & 0xFF] ^ T2[(a1 >>> 8) & 0xFF]
-             ^ T3[a1 & 0xFF] ^ T4[a0 >>> 24] ^ T5[(a0 >>> 16) & 0xFF]
-             ^ T6[(a0 >>> 8) & 0xFF] ^ T7[a0 & 0xFF] ^ k1;
+        b0 = T0[ a0 >>> 24        ]
+           ^ T1[(a0 >>> 16) & 0xFF]
+           ^ T2[(a0 >>>  8) & 0xFF]
+           ^ T3[ a0         & 0xFF]
+           ^ T4[ a1 >>> 24        ]
+           ^ T5[(a1 >>> 16) & 0xFF]
+           ^ T6[(a1 >>>  8) & 0xFF]
+           ^ T7[ a1         & 0xFF] ^ k0;
+        b1 = T0[ a1 >>> 24        ]
+           ^ T1[(a1 >>> 16) & 0xFF]
+           ^ T2[(a1 >>>  8) & 0xFF]
+           ^ T3[ a1         & 0xFF]
+           ^ T4[ a0 >>> 24        ]
+           ^ T5[(a0 >>> 16) & 0xFF]
+           ^ T6[(a0 >>>  8) & 0xFF]
+           ^ T7[ a0         & 0xFF] ^ k1;
         a0 = b0;
         a1 = b1;
-
-        if (DEBUG && debuglevel > 6)
-          {
-            System.out.println("T" + r + "=" + Util.toString(a0)
-                               + Util.toString(a1));
-          }
+        if (Configuration.DEBUG)
+          log.fine("T" + r + "=" + Util.toString(a0) + Util.toString(a1));
       }
-
     // sigma(K[R]) o gamma applied to previous output
     k0 = K[R][0];
     k1 = K[R][1];
-
-    out[j++] = (byte) (S[a0 >>> 24] ^ (k0 >>> 24));
-    out[j++] = (byte) (S[(a0 >>> 16) & 0xFF] ^ (k0 >>> 16));
-    out[j++] = (byte) (S[(a0 >>> 8) & 0xFF] ^ (k0 >>> 8));
-    out[j++] = (byte) (S[a0 & 0xFF] ^ k0);
-    out[j++] = (byte) (S[a1 >>> 24] ^ (k1 >>> 24));
-    out[j++] = (byte) (S[(a1 >>> 16) & 0xFF] ^ (k1 >>> 16));
-    out[j++] = (byte) (S[(a1 >>> 8) & 0xFF] ^ (k1 >>> 8));
-    out[j] = (byte) (S[a1 & 0xFF] ^ k1);
-
-    if (DEBUG && debuglevel > 6)
-      {
-        System.out.println("T=" + Util.toString(out, j - 7, 8));
-        System.out.println();
-      }
+    out[j++] = (byte)(S[ a0 >>> 24        ] ^ (k0 >>> 24));
+    out[j++] = (byte)(S[(a0 >>> 16) & 0xFF] ^ (k0 >>> 16));
+    out[j++] = (byte)(S[(a0 >>>  8) & 0xFF] ^ (k0 >>>  8));
+    out[j++] = (byte)(S[ a0         & 0xFF] ^  k0        );
+    out[j++] = (byte)(S[ a1 >>> 24        ] ^ (k1 >>> 24));
+    out[j++] = (byte)(S[(a1 >>> 16) & 0xFF] ^ (k1 >>> 16));
+    out[j++] = (byte)(S[(a1 >>>  8) & 0xFF] ^ (k1 >>>  8));
+    out[j  ] = (byte)(S[ a1         & 0xFF] ^  k1        );
+    if (Configuration.DEBUG)
+      log.fine("T=" + Util.toString(out, j - 7, 8) + "\n");
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     Khazad result = new Khazad();
@@ -354,12 +299,10 @@ public final class Khazad extends BaseCipher
     return result;
   }
 
-  // IBlockCipherSpi interface implementation --------------------------------
-
   public Iterator blockSizes()
   {
     ArrayList al = new ArrayList();
-    al.add(new Integer(DEFAULT_BLOCK_SIZE));
+    al.add(Integer.valueOf(DEFAULT_BLOCK_SIZE));
 
     return Collections.unmodifiableList(al).iterator();
   }
@@ -367,15 +310,14 @@ public final class Khazad extends BaseCipher
   public Iterator keySizes()
   {
     ArrayList al = new ArrayList();
-    al.add(new Integer(DEFAULT_KEY_SIZE));
-
+    al.add(Integer.valueOf(DEFAULT_KEY_SIZE));
     return Collections.unmodifiableList(al).iterator();
   }
 
   /**
-   * <p>Expands a user-supplied key material into a session key for a
-   * designated <i>block size</i>.</p>
-   *
+   * Expands a user-supplied key material into a session key for a designated
+   * <i>block size</i>.
+   * 
    * @param uk the 128-bit user-supplied key material.
    * @param bs the desired block size in bytes.
    * @return an Object encapsulating the session key.
@@ -385,54 +327,58 @@ public final class Khazad extends BaseCipher
   public Object makeKey(byte[] uk, int bs) throws InvalidKeyException
   {
     if (bs != DEFAULT_BLOCK_SIZE)
-      {
-        throw new IllegalArgumentException();
-      }
+      throw new IllegalArgumentException();
     if (uk == null)
-      {
-        throw new InvalidKeyException("Empty key");
-      }
+      throw new InvalidKeyException("Empty key");
     if (uk.length != 16)
-      {
-        throw new InvalidKeyException("Key is not 128-bit.");
-      }
+      throw new InvalidKeyException("Key is not 128-bit.");
     int[][] Ke = new int[R + 1][2]; // encryption round keys
     int[][] Kd = new int[R + 1][2]; // decryption round keys
-
     int r, i;
     int k20, k21, k10, k11, rc0, rc1, kr0, kr1;
-
     i = 0;
-    k20 = uk[i++] << 24 | (uk[i++] & 0xFF) << 16 | (uk[i++] & 0xFF) << 8
-          | (uk[i++] & 0xFF);
-    k21 = uk[i++] << 24 | (uk[i++] & 0xFF) << 16 | (uk[i++] & 0xFF) << 8
-          | (uk[i++] & 0xFF);
-    k10 = uk[i++] << 24 | (uk[i++] & 0xFF) << 16 | (uk[i++] & 0xFF) << 8
-          | (uk[i++] & 0xFF);
-    k11 = uk[i++] << 24 | (uk[i++] & 0xFF) << 16 | (uk[i++] & 0xFF) << 8
-          | (uk[i++] & 0xFF);
-
+    k20 =  uk[i++]         << 24
+        | (uk[i++] & 0xFF) << 16
+        | (uk[i++] & 0xFF) << 8
+        | (uk[i++] & 0xFF);
+    k21 =  uk[i++]         << 24
+        | (uk[i++] & 0xFF) << 16
+        | (uk[i++] & 0xFF) << 8
+        | (uk[i++] & 0xFF);
+    k10 =  uk[i++]         << 24
+        | (uk[i++] & 0xFF) << 16
+        | (uk[i++] & 0xFF) << 8
+        | (uk[i++] & 0xFF);
+    k11 =  uk[i++]         << 24
+        | (uk[i++] & 0xFF) << 16
+        | (uk[i++] & 0xFF) << 8
+        | (uk[i++] & 0xFF);
     for (r = 0, i = 0; r <= R; r++)
       {
         rc0 = rc[r][0];
         rc1 = rc[r][1];
-
-        kr0 = T0[k10 >>> 24] ^ T1[(k10 >>> 16) & 0xFF] ^ T2[(k10 >>> 8) & 0xFF]
-              ^ T3[k10 & 0xFF] ^ T4[(k11 >>> 24) & 0xFF]
-              ^ T5[(k11 >>> 16) & 0xFF] ^ T6[(k11 >>> 8) & 0xFF]
-              ^ T7[k11 & 0xFF] ^ rc0 ^ k20;
-        kr1 = T0[k11 >>> 24] ^ T1[(k11 >>> 16) & 0xFF] ^ T2[(k11 >>> 8) & 0xFF]
-              ^ T3[k11 & 0xFF] ^ T4[(k10 >>> 24) & 0xFF]
-              ^ T5[(k10 >>> 16) & 0xFF] ^ T6[(k10 >>> 8) & 0xFF]
-              ^ T7[k10 & 0xFF] ^ rc1 ^ k21;
-
+        kr0 = T0[ k10 >>> 24        ]
+            ^ T1[(k10 >>> 16) & 0xFF]
+            ^ T2[(k10 >>>  8) & 0xFF]
+            ^ T3[ k10         & 0xFF]
+            ^ T4[(k11 >>> 24) & 0xFF]
+            ^ T5[(k11 >>> 16) & 0xFF]
+            ^ T6[(k11 >>>  8) & 0xFF]
+            ^ T7[ k11         & 0xFF] ^ rc0 ^ k20;
+        kr1 = T0[ k11 >>> 24        ]
+            ^ T1[(k11 >>> 16) & 0xFF]
+            ^ T2[(k11 >>>  8) & 0xFF]
+            ^ T3[ k11         & 0xFF]
+            ^ T4[(k10 >>> 24) & 0xFF]
+            ^ T5[(k10 >>> 16) & 0xFF]
+            ^ T6[(k10 >>>  8) & 0xFF]
+            ^ T7[ k10         & 0xFF] ^ rc1 ^ k21;
         Ke[r][0] = kr0;
         Ke[r][1] = kr1;
         k20 = k10;
         k21 = k11;
         k10 = kr0;
         k11 = kr1;
-
         if (r == 0 || r == R)
           {
             Kd[R - r][0] = kr0;
@@ -440,68 +386,52 @@ public final class Khazad extends BaseCipher
           }
         else
           {
-            Kd[R - r][0] = T0[S[kr0 >>> 24] & 0xFF]
-                           ^ T1[S[(kr0 >>> 16) & 0xFF] & 0xFF]
-                           ^ T2[S[(kr0 >>> 8) & 0xFF] & 0xFF]
-                           ^ T3[S[kr0 & 0xFF] & 0xFF]
-                           ^ T4[S[kr1 >>> 24] & 0xFF]
-                           ^ T5[S[(kr1 >>> 16) & 0xFF] & 0xFF]
-                           ^ T6[S[(kr1 >>> 8) & 0xFF] & 0xFF]
-                           ^ T7[S[kr1 & 0xFF] & 0xFF];
-            Kd[R - r][1] = T0[S[kr1 >>> 24] & 0xFF]
-                           ^ T1[S[(kr1 >>> 16) & 0xFF] & 0xFF]
-                           ^ T2[S[(kr1 >>> 8) & 0xFF] & 0xFF]
-                           ^ T3[S[kr1 & 0xFF] & 0xFF]
-                           ^ T4[S[kr0 >>> 24] & 0xFF]
-                           ^ T5[S[(kr0 >>> 16) & 0xFF] & 0xFF]
-                           ^ T6[S[(kr0 >>> 8) & 0xFF] & 0xFF]
-                           ^ T7[S[kr0 & 0xFF] & 0xFF];
+            Kd[R - r][0] = T0[S[ kr0 >>> 24        ] & 0xFF]
+                         ^ T1[S[(kr0 >>> 16) & 0xFF] & 0xFF]
+                         ^ T2[S[(kr0 >>>  8) & 0xFF] & 0xFF]
+                         ^ T3[S[ kr0         & 0xFF] & 0xFF]
+                         ^ T4[S[ kr1 >>> 24        ] & 0xFF]
+                         ^ T5[S[(kr1 >>> 16) & 0xFF] & 0xFF]
+                         ^ T6[S[(kr1 >>>  8) & 0xFF] & 0xFF]
+                         ^ T7[S[ kr1         & 0xFF] & 0xFF];
+            Kd[R - r][1] = T0[S[ kr1 >>> 24        ] & 0xFF]
+                         ^ T1[S[(kr1 >>> 16) & 0xFF] & 0xFF]
+                         ^ T2[S[(kr1 >>>  8) & 0xFF] & 0xFF]
+                         ^ T3[S[ kr1         & 0xFF] & 0xFF]
+                         ^ T4[S[ kr0 >>> 24        ] & 0xFF]
+                         ^ T5[S[(kr0 >>> 16) & 0xFF] & 0xFF]
+                         ^ T6[S[(kr0 >>>  8) & 0xFF] & 0xFF]
+                         ^ T7[S[ kr0         & 0xFF] & 0xFF];
           }
       }
-
-    if (DEBUG && debuglevel > 8)
+    if (Configuration.DEBUG)
       {
-        System.out.println();
-        System.out.println("Key schedule");
-        System.out.println();
-        System.out.println("Ke[]:");
+        log.fine("Key schedule");
+        log.fine("Ke[]:");
         for (r = 0; r < R + 1; r++)
-          {
-            System.out.println("#" + r + ": 0x" + Util.toString(Ke[r][0])
-                               + Util.toString(Ke[r][1]));
-          }
-        System.out.println();
-        System.out.println("Kd[]:");
+          log.fine("#" + r + ": 0x" + Util.toString(Ke[r][0])
+                   + Util.toString(Ke[r][1]));
+        log.fine("Kd[]:");
         for (r = 0; r < R + 1; r++)
-          {
-            System.out.println("#" + r + ": 0x" + Util.toString(Kd[r][0])
-                               + Util.toString(Kd[r][1]));
-          }
-        System.out.println();
+          log.fine("#" + r + ": 0x" + Util.toString(Kd[r][0])
+                   + Util.toString(Kd[r][1]));
       }
-
     return new Object[] { Ke, Kd };
   }
 
   public void encrypt(byte[] in, int i, byte[] out, int j, Object k, int bs)
   {
     if (bs != DEFAULT_BLOCK_SIZE)
-      {
-        throw new IllegalArgumentException();
-      }
-
-    int[][] K = (int[][]) ((Object[]) k)[0];
+      throw new IllegalArgumentException();
+    int[][] K = (int[][])((Object[]) k)[0];
     khazad(in, i, out, j, K);
   }
 
   public void decrypt(byte[] in, int i, byte[] out, int j, Object k, int bs)
   {
     if (bs != DEFAULT_BLOCK_SIZE)
-      {
-        throw new IllegalArgumentException();
-      }
-
-    int[][] K = (int[][]) ((Object[]) k)[1];
+      throw new IllegalArgumentException();
+    int[][] K = (int[][])((Object[]) k)[1];
     khazad(in, i, out, j, K);
   }
 
@@ -511,11 +441,9 @@ public final class Khazad extends BaseCipher
       {
         boolean result = super.selfTest(); // do symmetry tests
         if (result)
-          {
-            result = testKat(KAT_KEY, KAT_CT);
-          }
+          result = testKat(KAT_KEY, KAT_CT);
         valid = Boolean.valueOf(result);
       }
     return valid.booleanValue();
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/cipher/NullCipher.java b/libjava/classpath/gnu/javax/crypto/cipher/NullCipher.java
index 09252db9063..4515559549b 100644
--- a/libjava/classpath/gnu/javax/crypto/cipher/NullCipher.java
+++ b/libjava/classpath/gnu/javax/crypto/cipher/NullCipher.java
@@ -46,53 +46,35 @@ import java.util.Collections;
 import java.util.Iterator;
 
 /**
- * <p>The implementation of a Null block cipher.</p>
- *
- * <p>This cipher does not alter its input at all, claims to process block sizes
+ * The implementation of a Null block cipher.
+ * <p>
+ * This cipher does not alter its input at all, claims to process block sizes
  * 128-, 192- and 256-bit long, and key sizes from 64- to 512-bit in 8-bit
- * increments.</p>
+ * increments.
  */
-public final class NullCipher extends BaseCipher
+public final class NullCipher
+    extends BaseCipher
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public NullCipher()
   {
     super(Registry.NULL_CIPHER, 16, 16);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     NullCipher result = new NullCipher();
     result.currentBlockSize = this.currentBlockSize;
-
     return result;
   }
 
-  // IBlockCipherSpi interface implementation --------------------------------
-
   public Iterator blockSizes()
   {
     ArrayList al = new ArrayList();
-    al.add(new Integer(64 / 8));
-    al.add(new Integer(128 / 8));
-    al.add(new Integer(192 / 8));
-    al.add(new Integer(256 / 8));
-
+    al.add(Integer.valueOf(64 / 8));
+    al.add(Integer.valueOf(128 / 8));
+    al.add(Integer.valueOf(192 / 8));
+    al.add(Integer.valueOf(256 / 8));
     return Collections.unmodifiableList(al).iterator();
   }
 
@@ -100,10 +82,7 @@ public final class NullCipher extends BaseCipher
   {
     ArrayList al = new ArrayList();
     for (int n = 8; n < 64; n++)
-      {
-        al.add(new Integer(n));
-      }
-
+      al.add(Integer.valueOf(n));
     return Collections.unmodifiableList(al).iterator();
   }
 
@@ -126,4 +105,4 @@ public final class NullCipher extends BaseCipher
   {
     return true;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/cipher/Rijndael.java b/libjava/classpath/gnu/javax/crypto/cipher/Rijndael.java
index bcd1872fc1b..d1bc958c323 100644
--- a/libjava/classpath/gnu/javax/crypto/cipher/Rijndael.java
+++ b/libjava/classpath/gnu/javax/crypto/cipher/Rijndael.java
@@ -38,372 +38,274 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.cipher;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.util.Util;
 
-//import java.io.PrintWriter;
 import java.security.InvalidKeyException;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.Iterator;
+import java.util.logging.Logger;
 
 /**
- * <p>Rijndael --pronounced Reindaal-- is the AES. It is a variable block-size
+ * Rijndael --pronounced Reindaal-- is the AES. It is a variable block-size
  * (128-, 192- and 256-bit), variable key-size (128-, 192- and 256-bit)
- * symmetric key block cipher.</p>
- *
- * <p>References:</p>
- *
+ * symmetric key block cipher.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.esat.kuleuven.ac.be/~rijmen/rijndael/">The
- *    Rijndael Block Cipher - AES Proposal</a>.<br>
- *    <a href="mailto:vincent.rijmen@esat.kuleuven.ac.be">Vincent Rijmen</a> and
- *    <a href="mailto:daemen.j@protonworld.com">Joan Daemen</a>.</li>
+ * <li><a href="http://www.esat.kuleuven.ac.be/~rijmen/rijndael/">The Rijndael
+ * Block Cipher - AES Proposal</a>.<br>
+ * <a href="mailto:vincent.rijmen@esat.kuleuven.ac.be">Vincent Rijmen</a> and
+ * <a href="mailto:daemen.j@protonworld.com">Joan Daemen</a>.</li>
  * </ol>
  */
-public final class Rijndael extends BaseCipher
+public final class Rijndael
+    extends BaseCipher
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  //   private static final String NAME = "rijndael";
-  private static final boolean DEBUG = false;
-
-  private static final int debuglevel = 9;
-
-  //   private static final PrintWriter err = new PrintWriter(System.out, true);
-  //   private static void debug(String s) {
-  //      err.println(">>> "+NAME+": "+s);
-  //   }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
+  private static final Logger log = Logger.getLogger(Rijndael.class.getName());
   private static final int DEFAULT_BLOCK_SIZE = 16; // in bytes
-
   private static final int DEFAULT_KEY_SIZE = 16; // in bytes
-
-  private static final String SS = "\u637C\u777B\uF26B\u6FC5\u3001\u672B\uFED7\uAB76"
-                                   + "\uCA82\uC97D\uFA59\u47F0\uADD4\uA2AF\u9CA4\u72C0"
-                                   + "\uB7FD\u9326\u363F\uF7CC\u34A5\uE5F1\u71D8\u3115"
-                                   + "\u04C7\u23C3\u1896\u059A\u0712\u80E2\uEB27\uB275"
-                                   + "\u0983\u2C1A\u1B6E\u5AA0\u523B\uD6B3\u29E3\u2F84"
-                                   + "\u53D1\u00ED\u20FC\uB15B\u6ACB\uBE39\u4A4C\u58CF"
-                                   + "\uD0EF\uAAFB\u434D\u3385\u45F9\u027F\u503C\u9FA8"
-                                   + "\u51A3\u408F\u929D\u38F5\uBCB6\uDA21\u10FF\uF3D2"
-                                   + "\uCD0C\u13EC\u5F97\u4417\uC4A7\u7E3D\u645D\u1973"
-                                   + "\u6081\u4FDC\u222A\u9088\u46EE\uB814\uDE5E\u0BDB"
-                                   + "\uE032\u3A0A\u4906\u245C\uC2D3\uAC62\u9195\uE479"
-                                   + "\uE7C8\u376D\u8DD5\u4EA9\u6C56\uF4EA\u657A\uAE08"
-                                   + "\uBA78\u252E\u1CA6\uB4C6\uE8DD\u741F\u4BBD\u8B8A"
-                                   + "\u703E\uB566\u4803\uF60E\u6135\u57B9\u86C1\u1D9E"
-                                   + "\uE1F8\u9811\u69D9\u8E94\u9B1E\u87E9\uCE55\u28DF"
-                                   + "\u8CA1\u890D\uBFE6\u4268\u4199\u2D0F\uB054\uBB16";
-
+  private static final String SS =
+      "\u637C\u777B\uF26B\u6FC5\u3001\u672B\uFED7\uAB76"
+    + "\uCA82\uC97D\uFA59\u47F0\uADD4\uA2AF\u9CA4\u72C0"
+    + "\uB7FD\u9326\u363F\uF7CC\u34A5\uE5F1\u71D8\u3115"
+    + "\u04C7\u23C3\u1896\u059A\u0712\u80E2\uEB27\uB275"
+    + "\u0983\u2C1A\u1B6E\u5AA0\u523B\uD6B3\u29E3\u2F84"
+    + "\u53D1\u00ED\u20FC\uB15B\u6ACB\uBE39\u4A4C\u58CF"
+    + "\uD0EF\uAAFB\u434D\u3385\u45F9\u027F\u503C\u9FA8"
+    + "\u51A3\u408F\u929D\u38F5\uBCB6\uDA21\u10FF\uF3D2"
+    + "\uCD0C\u13EC\u5F97\u4417\uC4A7\u7E3D\u645D\u1973"
+    + "\u6081\u4FDC\u222A\u9088\u46EE\uB814\uDE5E\u0BDB"
+    + "\uE032\u3A0A\u4906\u245C\uC2D3\uAC62\u9195\uE479"
+    + "\uE7C8\u376D\u8DD5\u4EA9\u6C56\uF4EA\u657A\uAE08"
+    + "\uBA78\u252E\u1CA6\uB4C6\uE8DD\u741F\u4BBD\u8B8A"
+    + "\u703E\uB566\u4803\uF60E\u6135\u57B9\u86C1\u1D9E"
+    + "\uE1F8\u9811\u69D9\u8E94\u9B1E\u87E9\uCE55\u28DF"
+    + "\u8CA1\u890D\uBFE6\u4268\u4199\u2D0F\uB054\uBB16";
   private static final byte[] S = new byte[256];
-
   private static final byte[] Si = new byte[256];
-
   private static final int[] T1 = new int[256];
-
   private static final int[] T2 = new int[256];
-
   private static final int[] T3 = new int[256];
-
   private static final int[] T4 = new int[256];
-
   private static final int[] T5 = new int[256];
-
   private static final int[] T6 = new int[256];
-
   private static final int[] T7 = new int[256];
-
   private static final int[] T8 = new int[256];
-
   private static final int[] U1 = new int[256];
-
   private static final int[] U2 = new int[256];
-
   private static final int[] U3 = new int[256];
-
   private static final int[] U4 = new int[256];
-
   private static final byte[] rcon = new byte[30];
-
   private static final int[][][] shifts = new int[][][] {
-                                                         { { 0, 0 }, { 1, 3 },
-                                                          { 2, 2 }, { 3, 1 } },
-                                                         { { 0, 0 }, { 1, 5 },
-                                                          { 2, 4 }, { 3, 3 } },
-                                                         { { 0, 0 }, { 1, 7 },
-                                                          { 3, 5 }, { 4, 4 } } };
-
+      { { 0, 0 }, { 1, 3 }, { 2, 2 }, { 3, 1 } },
+      { { 0, 0 }, { 1, 5 }, { 2, 4 }, { 3, 3 } },
+      { { 0, 0 }, { 1, 7 }, { 3, 5 }, { 4, 4 } } };
   /**
-   * KAT vector (from ecb_vk):
-   * I=96
+   * KAT vector (from ecb_vk): I=96
    * KEY=0000000000000000000000010000000000000000000000000000000000000000
    * CT=E44429474D6FC3084EB2A6B8B46AF754
    */
-  private static final byte[] KAT_KEY = Util.toBytesFromString("0000000000000000000000010000000000000000000000000000000000000000");
-
-  private static final byte[] KAT_CT = Util.toBytesFromString("E44429474D6FC3084EB2A6B8B46AF754");
-
+  private static final byte[] KAT_KEY = Util.toBytesFromString(
+      "0000000000000000000000010000000000000000000000000000000000000000");
+  private static final byte[] KAT_CT = Util.toBytesFromString(
+      "E44429474D6FC3084EB2A6B8B46AF754");
   /** caches the result of the correctness test, once executed. */
   private static Boolean valid;
 
-  // Static code - to intialise lookup tables --------------------------------
-
   static
     {
       long time = System.currentTimeMillis();
-
       int ROOT = 0x11B;
       int i, j = 0;
-
       // S-box, inverse S-box, T-boxes, U-boxes
       int s, s2, s3, i2, i4, i8, i9, ib, id, ie, t;
       char c;
       for (i = 0; i < 256; i++)
         {
           c = SS.charAt(i >>> 1);
-          S[i] = (byte) (((i & 1) == 0) ? c >>> 8 : c & 0xFF);
+          S[i] = (byte)(((i & 1) == 0) ? c >>> 8 : c & 0xFF);
           s = S[i] & 0xFF;
           Si[s] = (byte) i;
           s2 = s << 1;
           if (s2 >= 0x100)
-            {
-              s2 ^= ROOT;
-            }
+            s2 ^= ROOT;
           s3 = s2 ^ s;
           i2 = i << 1;
           if (i2 >= 0x100)
-            {
-              i2 ^= ROOT;
-            }
+            i2 ^= ROOT;
           i4 = i2 << 1;
           if (i4 >= 0x100)
-            {
-              i4 ^= ROOT;
-            }
+            i4 ^= ROOT;
           i8 = i4 << 1;
           if (i8 >= 0x100)
-            {
-              i8 ^= ROOT;
-            }
+            i8 ^= ROOT;
           i9 = i8 ^ i;
           ib = i9 ^ i2;
           id = i9 ^ i4;
           ie = i8 ^ i4 ^ i2;
-
           T1[i] = t = (s2 << 24) | (s << 16) | (s << 8) | s3;
-          T2[i] = (t >>> 8) | (t << 24);
+          T2[i] = (t >>>  8) | (t << 24);
           T3[i] = (t >>> 16) | (t << 16);
-          T4[i] = (t >>> 24) | (t << 8);
-
+          T4[i] = (t >>> 24) | (t <<  8);
           T5[s] = U1[i] = t = (ie << 24) | (i9 << 16) | (id << 8) | ib;
-          T6[s] = U2[i] = (t >>> 8) | (t << 24);
+          T6[s] = U2[i] = (t >>>  8) | (t << 24);
           T7[s] = U3[i] = (t >>> 16) | (t << 16);
-          T8[s] = U4[i] = (t >>> 24) | (t << 8);
+          T8[s] = U4[i] = (t >>> 24) | (t <<  8);
         }
-      //
       // round constants
-      //
       int r = 1;
       rcon[0] = 1;
       for (i = 1; i < 30; i++)
         {
           r <<= 1;
           if (r >= 0x100)
-            {
-              r ^= ROOT;
-            }
+            r ^= ROOT;
           rcon[i] = (byte) r;
         }
-
       time = System.currentTimeMillis() - time;
-
-      if (DEBUG && debuglevel > 8)
+      if (Configuration.DEBUG)
         {
-          System.out.println("==========");
-          System.out.println();
-          System.out.println("Static Data");
-          System.out.println();
-          System.out.println("S[]:");
+          log.fine("Static Data");
+          log.fine("S[]:");
+          StringBuilder sb;
           for (i = 0; i < 16; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 16; j++)
-                {
-                  System.out.print("0x" + Util.toString(S[i * 16 + j]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(S[i * 16 + j])).append(", ");
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("Si[]:");
+          log.fine("Si[]:");
           for (i = 0; i < 16; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 16; j++)
-                {
-                  System.out.print("0x" + Util.toString(Si[i * 16 + j]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(Si[i * 16 + j])).append(", ");
+              log.fine(sb.toString());
             }
 
-          System.out.println();
-          System.out.println("T1[]:");
+          log.fine("T1[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(T1[i * 4 + j]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(T1[i * 4 + j])).append(", ");
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("T2[]:");
+          log.fine("T2[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(T2[i * 4 + j]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(T2[i * 4 + j])).append(", ");
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("T3[]:");
+          log.fine("T3[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(T3[i * 4 + j]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(T3[i * 4 + j])).append(", ");
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("T4[]:");
+          log.fine("T4[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(T4[i * 4 + j]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(T4[i * 4 + j])).append(", ");
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("T5[]:");
+          log.fine("T5[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(T5[i * 4 + j])).append(", ");
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("T6[]:");
+          log.fine("T6[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(T6[i * 4 + j]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(T6[i * 4 + j])).append(", ");
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("T7[]:");
+          log.fine("T7[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(T7[i * 4 + j]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(T7[i * 4 + j])).append(", ");
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("T8[]:");
+          log.fine("T8[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(T8[i * 4 + j]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(T8[i * 4 + j])).append(", ");
+              log.fine(sb.toString());
             }
 
-          System.out.println();
-          System.out.println("U1[]:");
+          log.fine("U1[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(U1[i * 4 + j]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(U1[i * 4 + j])).append(", ");
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("U2[]:");
+          log.fine("U2[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(U2[i * 4 + j]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(U2[i * 4 + j])).append(", ");
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("U3[]:");
+          log.fine("U3[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(U3[i * 4 + j]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(U3[i * 4 + j])).append(", ");
+              log.fine(sb.toString());
             }
-          System.out.println();
-          System.out.println("U4[]:");
+          log.fine("U4[]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                {
-                  System.out.println("0x" + Util.toString(U4[i * 4 + j]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(U4[i * 4 + j])).append(", ");
+              log.fine(sb.toString());
             }
 
-          System.out.println();
-          System.out.println("rcon[]:");
+          log.fine("rcon[]:");
           for (i = 0; i < 5; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 6; j++)
-                {
-                  System.out.print("0x" + Util.toString(rcon[i * 6 + j]) + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(rcon[i * 6 + j])).append(", ");
+              log.fine(sb.toString());
             }
-
-          System.out.println();
-          System.out.println("Total initialization time: " + time + " ms.");
-          System.out.println();
+          log.fine("Total initialization time: " + time + " ms.");
         }
     }
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public Rijndael()
   {
     super(Registry.RIJNDAEL_CIPHER, DEFAULT_BLOCK_SIZE, DEFAULT_KEY_SIZE);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns the number of rounds for a given Rijndael's key and block
-   * sizes.</p>
-   *
+   * Returns the number of rounds for a given Rijndael's key and block sizes.
+   * 
    * @param ks the size of the user key material in bytes.
    * @param bs the desired block size in bytes.
    * @return the number of rounds for a given Rijndael's key and block sizes.
@@ -426,7 +328,6 @@ public final class Rijndael extends BaseCipher
   {
     Object[] sKey = (Object[]) sessionKey; // extract encryption round keys
     int[][] Ke = (int[][]) sKey[0];
-
     int BC = bs / 4;
     int ROUNDS = Ke.length - 1;
     int SC = BC == 4 ? 0 : (BC == 6 ? 1 : 2);
@@ -436,45 +337,32 @@ public final class Rijndael extends BaseCipher
     int[] a = new int[BC];
     int[] t = new int[BC]; // temporary work array
     int i, tt;
-
-    for (i = 0; i < BC; i++)
-      { // plaintext to ints + key
-        t[i] = (in[inOffset++] << 24 | (in[inOffset++] & 0xFF) << 16
-                | (in[inOffset++] & 0xFF) << 8 | (in[inOffset++] & 0xFF))
-               ^ Ke[0][i];
-      }
-
-    for (int r = 1; r < ROUNDS; r++)
-      { // apply round transforms
+    for (i = 0; i < BC; i++) // plaintext to ints + key
+      t[i] = (in[inOffset++]         << 24
+           | (in[inOffset++] & 0xFF) << 16
+           | (in[inOffset++] & 0xFF) <<  8
+           | (in[inOffset++] & 0xFF)      ) ^ Ke[0][i];
+    for (int r = 1; r < ROUNDS; r++) // apply round transforms
+      {
         for (i = 0; i < BC; i++)
-          {
-            a[i] = (T1[(t[i] >>> 24)] ^ T2[(t[(i + s1) % BC] >>> 16) & 0xFF]
-                    ^ T3[(t[(i + s2) % BC] >>> 8) & 0xFF] ^ T4[t[(i + s3) % BC] & 0xFF])
-                   ^ Ke[r][i];
-          }
-
+          a[i] = (T1[(t[ i           ] >>> 24)       ]
+                ^ T2[(t[(i + s1) % BC] >>> 16) & 0xFF]
+                ^ T3[(t[(i + s2) % BC] >>>  8) & 0xFF]
+                ^ T4[ t[(i + s3) % BC]         & 0xFF]) ^ Ke[r][i];
         System.arraycopy(a, 0, t, 0, BC);
-
-        if (DEBUG && debuglevel > 6)
-          {
-            System.out.println("CT" + r + "=" + Util.toString(t));
-          }
+        if (Configuration.DEBUG)
+          log.fine("CT" + r + "=" + Util.toString(t));
       }
-
-    for (i = 0; i < BC; i++)
-      { // last round is special
-        tt = Ke[ROUNDS][i];
-        out[outOffset++] = (byte) (S[(t[i] >>> 24)] ^ (tt >>> 24));
-        out[outOffset++] = (byte) (S[(t[(i + s1) % BC] >>> 16) & 0xFF] ^ (tt >>> 16));
-        out[outOffset++] = (byte) (S[(t[(i + s2) % BC] >>> 8) & 0xFF] ^ (tt >>> 8));
-        out[outOffset++] = (byte) (S[t[(i + s3) % BC] & 0xFF] ^ tt);
-      }
-
-    if (DEBUG && debuglevel > 6)
+    for (i = 0; i < BC; i++) // last round is special
       {
-        System.out.println("CT=" + Util.toString(out, outOffset - bs + 1, bs));
-        System.out.println();
+        tt = Ke[ROUNDS][i];
+        out[outOffset++] = (byte)(S[(t[ i           ] >>> 24)       ] ^ (tt >>> 24));
+        out[outOffset++] = (byte)(S[(t[(i + s1) % BC] >>> 16) & 0xFF] ^ (tt >>> 16));
+        out[outOffset++] = (byte)(S[(t[(i + s2) % BC] >>>  8) & 0xFF] ^ (tt >>>  8));
+        out[outOffset++] = (byte)(S[ t[(i + s3) % BC]         & 0xFF] ^  tt        );
       }
+    if (Configuration.DEBUG)
+      log.fine("CT=" + Util.toString(out, outOffset - bs, bs));
   }
 
   private static void rijndaelDecrypt(byte[] in, int inOffset, byte[] out,
@@ -482,7 +370,6 @@ public final class Rijndael extends BaseCipher
   {
     Object[] sKey = (Object[]) sessionKey; // extract decryption round keys
     int[][] Kd = (int[][]) sKey[1];
-
     int BC = bs / 4;
     int ROUNDS = Kd.length - 1;
     int SC = BC == 4 ? 0 : (BC == 6 ? 1 : 2);
@@ -492,194 +379,187 @@ public final class Rijndael extends BaseCipher
     int[] a = new int[BC];
     int[] t = new int[BC]; // temporary work array
     int i, tt;
-
-    for (i = 0; i < BC; i++)
-      { // ciphertext to ints + key
-        t[i] = (in[inOffset++] << 24 | (in[inOffset++] & 0xFF) << 16
-                | (in[inOffset++] & 0xFF) << 8 | (in[inOffset++] & 0xFF))
-               ^ Kd[0][i];
-      }
-
-    for (int r = 1; r < ROUNDS; r++)
-      { // apply round transforms
+    for (i = 0; i < BC; i++) // ciphertext to ints + key
+      t[i] = (in[inOffset++]         << 24
+           | (in[inOffset++] & 0xFF) << 16
+           | (in[inOffset++] & 0xFF) <<  8
+           | (in[inOffset++] & 0xFF)      ) ^ Kd[0][i];
+    for (int r = 1; r < ROUNDS; r++) // apply round transforms
+      {
         for (i = 0; i < BC; i++)
-          {
-            a[i] = (T5[(t[i] >>> 24)] ^ T6[(t[(i + s1) % BC] >>> 16) & 0xFF]
-                    ^ T7[(t[(i + s2) % BC] >>> 8) & 0xFF] ^ T8[t[(i + s3) % BC] & 0xFF])
-                   ^ Kd[r][i];
-          }
-
+          a[i] = (T5[(t[ i           ] >>> 24)       ]
+                ^ T6[(t[(i + s1) % BC] >>> 16) & 0xFF]
+                ^ T7[(t[(i + s2) % BC] >>>  8) & 0xFF]
+                ^ T8[ t[(i + s3) % BC]         & 0xFF]) ^ Kd[r][i];
         System.arraycopy(a, 0, t, 0, BC);
-
-        if (DEBUG && debuglevel > 6)
-          {
-            System.out.println("PT" + r + "=" + Util.toString(t));
-          }
-      }
-
-    for (i = 0; i < BC; i++)
-      { // last round is special
-        tt = Kd[ROUNDS][i];
-        out[outOffset++] = (byte) (Si[(t[i] >>> 24)] ^ (tt >>> 24));
-        out[outOffset++] = (byte) (Si[(t[(i + s1) % BC] >>> 16) & 0xFF] ^ (tt >>> 16));
-        out[outOffset++] = (byte) (Si[(t[(i + s2) % BC] >>> 8) & 0xFF] ^ (tt >>> 8));
-        out[outOffset++] = (byte) (Si[t[(i + s3) % BC] & 0xFF] ^ tt);
+        if (Configuration.DEBUG)
+          log.fine("PT" + r + "=" + Util.toString(t));
       }
-
-    if (DEBUG && debuglevel > 6)
+    for (i = 0; i < BC; i++) // last round is special
       {
-        System.out.println("PT=" + Util.toString(out, outOffset - bs + 1, bs));
-        System.out.println();
+        tt = Kd[ROUNDS][i];
+        out[outOffset++] = (byte)(Si[(t[ i           ] >>> 24)       ] ^ (tt >>> 24));
+        out[outOffset++] = (byte)(Si[(t[(i + s1) % BC] >>> 16) & 0xFF] ^ (tt >>> 16));
+        out[outOffset++] = (byte)(Si[(t[(i + s2) % BC] >>>  8) & 0xFF] ^ (tt >>>  8));
+        out[outOffset++] = (byte)(Si[ t[(i + s3) % BC]         & 0xFF] ^  tt        );
       }
+    if (Configuration.DEBUG)
+      log.fine("PT=" + Util.toString(out, outOffset - bs, bs));
   }
 
   private static void aesEncrypt(byte[] in, int i, byte[] out, int j, Object key)
   {
-    int[][] Ke = (int[][]) ((Object[]) key)[0]; // extract encryption round keys
+    int[][] Ke = (int[][])((Object[]) key)[0]; // extract encryption round keys
     int ROUNDS = Ke.length - 1;
     int[] Ker = Ke[0];
-
     // plaintext to ints + key
-    int t0 = (in[i++] << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF))
-             ^ Ker[0];
-    int t1 = (in[i++] << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF))
-             ^ Ker[1];
-    int t2 = (in[i++] << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF))
-             ^ Ker[2];
-    int t3 = (in[i++] << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF))
-             ^ Ker[3];
-
+    int t0 = (in[i++]         << 24
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) <<  8
+           | (in[i++] & 0xFF)      ) ^ Ker[0];
+    int t1 = (in[i++]         << 24
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) <<  8
+           | (in[i++] & 0xFF)      ) ^ Ker[1];
+    int t2 = (in[i++]         << 24
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) <<  8
+           | (in[i++] & 0xFF)      ) ^ Ker[2];
+    int t3 = (in[i++]         << 24
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) <<  8
+           | (in[i++] & 0xFF)      ) ^ Ker[3];
     int a0, a1, a2, a3;
-    for (int r = 1; r < ROUNDS; r++)
-      { // apply round transforms
+    for (int r = 1; r < ROUNDS; r++) // apply round transforms
+      {
         Ker = Ke[r];
-        a0 = (T1[(t0 >>> 24)] ^ T2[(t1 >>> 16) & 0xFF] ^ T3[(t2 >>> 8) & 0xFF] ^ T4[t3 & 0xFF])
-             ^ Ker[0];
-        a1 = (T1[(t1 >>> 24)] ^ T2[(t2 >>> 16) & 0xFF] ^ T3[(t3 >>> 8) & 0xFF] ^ T4[t0 & 0xFF])
-             ^ Ker[1];
-        a2 = (T1[(t2 >>> 24)] ^ T2[(t3 >>> 16) & 0xFF] ^ T3[(t0 >>> 8) & 0xFF] ^ T4[t1 & 0xFF])
-             ^ Ker[2];
-        a3 = (T1[(t3 >>> 24)] ^ T2[(t0 >>> 16) & 0xFF] ^ T3[(t1 >>> 8) & 0xFF] ^ T4[t2 & 0xFF])
-             ^ Ker[3];
+        a0 = (T1[(t0 >>> 24)       ]
+            ^ T2[(t1 >>> 16) & 0xFF]
+            ^ T3[(t2 >>>  8) & 0xFF]
+            ^ T4[ t3         & 0xFF]) ^ Ker[0];
+        a1 = (T1[(t1 >>> 24)       ]
+            ^ T2[(t2 >>> 16) & 0xFF]
+            ^ T3[(t3 >>>  8) & 0xFF]
+            ^ T4[ t0         & 0xFF]) ^ Ker[1];
+        a2 = (T1[(t2 >>> 24)       ]
+            ^ T2[(t3 >>> 16) & 0xFF]
+            ^ T3[(t0 >>>  8) & 0xFF]
+            ^ T4[ t1         & 0xFF]) ^ Ker[2];
+        a3 = (T1[(t3 >>> 24)       ]
+            ^ T2[(t0 >>> 16) & 0xFF]
+            ^ T3[(t1 >>>  8) & 0xFF]
+            ^ T4[ t2         & 0xFF]) ^ Ker[3];
         t0 = a0;
         t1 = a1;
         t2 = a2;
         t3 = a3;
-
-        if (DEBUG && debuglevel > 6)
-          {
-            System.out.println("CT" + r + "=" + Util.toString(t0)
-                               + Util.toString(t1) + Util.toString(t2)
-                               + Util.toString(t3));
-          }
+        if (Configuration.DEBUG)
+          log.fine("CT" + r + "=" + Util.toString(t0) + Util.toString(t1)
+                   + Util.toString(t2) + Util.toString(t3));
       }
-
     // last round is special
     Ker = Ke[ROUNDS];
     int tt = Ker[0];
-    out[j++] = (byte) (S[(t0 >>> 24)] ^ (tt >>> 24));
-    out[j++] = (byte) (S[(t1 >>> 16) & 0xFF] ^ (tt >>> 16));
-    out[j++] = (byte) (S[(t2 >>> 8) & 0xFF] ^ (tt >>> 8));
-    out[j++] = (byte) (S[t3 & 0xFF] ^ tt);
+    out[j++] = (byte)(S[(t0 >>> 24)       ] ^ (tt >>> 24));
+    out[j++] = (byte)(S[(t1 >>> 16) & 0xFF] ^ (tt >>> 16));
+    out[j++] = (byte)(S[(t2 >>>  8) & 0xFF] ^ (tt >>>  8));
+    out[j++] = (byte)(S[ t3         & 0xFF] ^  tt        );
     tt = Ker[1];
-    out[j++] = (byte) (S[(t1 >>> 24)] ^ (tt >>> 24));
-    out[j++] = (byte) (S[(t2 >>> 16) & 0xFF] ^ (tt >>> 16));
-    out[j++] = (byte) (S[(t3 >>> 8) & 0xFF] ^ (tt >>> 8));
-    out[j++] = (byte) (S[t0 & 0xFF] ^ tt);
+    out[j++] = (byte)(S[(t1 >>> 24)       ] ^ (tt >>> 24));
+    out[j++] = (byte)(S[(t2 >>> 16) & 0xFF] ^ (tt >>> 16));
+    out[j++] = (byte)(S[(t3 >>>  8) & 0xFF] ^ (tt >>>  8));
+    out[j++] = (byte)(S[ t0         & 0xFF] ^  tt        );
     tt = Ker[2];
-    out[j++] = (byte) (S[(t2 >>> 24)] ^ (tt >>> 24));
-    out[j++] = (byte) (S[(t3 >>> 16) & 0xFF] ^ (tt >>> 16));
-    out[j++] = (byte) (S[(t0 >>> 8) & 0xFF] ^ (tt >>> 8));
-    out[j++] = (byte) (S[t1 & 0xFF] ^ tt);
+    out[j++] = (byte)(S[(t2 >>> 24)       ] ^ (tt >>> 24));
+    out[j++] = (byte)(S[(t3 >>> 16) & 0xFF] ^ (tt >>> 16));
+    out[j++] = (byte)(S[(t0 >>>  8) & 0xFF] ^ (tt >>>  8));
+    out[j++] = (byte)(S[ t1         & 0xFF] ^  tt        );
     tt = Ker[3];
-    out[j++] = (byte) (S[(t3 >>> 24)] ^ (tt >>> 24));
-    out[j++] = (byte) (S[(t0 >>> 16) & 0xFF] ^ (tt >>> 16));
-    out[j++] = (byte) (S[(t1 >>> 8) & 0xFF] ^ (tt >>> 8));
-    out[j++] = (byte) (S[t2 & 0xFF] ^ tt);
-
-    if (DEBUG && debuglevel > 6)
-      {
-        System.out.println("CT=" + Util.toString(out, j - 15, 16));
-        System.out.println();
-      }
+    out[j++] = (byte)(S[(t3 >>> 24)       ] ^ (tt >>> 24));
+    out[j++] = (byte)(S[(t0 >>> 16) & 0xFF] ^ (tt >>> 16));
+    out[j++] = (byte)(S[(t1 >>>  8) & 0xFF] ^ (tt >>>  8));
+    out[j++] = (byte)(S[ t2         & 0xFF] ^  tt        );
+    if (Configuration.DEBUG)
+      log.fine("CT=" + Util.toString(out, j - 16, 16));
   }
 
   private static void aesDecrypt(byte[] in, int i, byte[] out, int j, Object key)
   {
-    int[][] Kd = (int[][]) ((Object[]) key)[1]; // extract decryption round keys
+    int[][] Kd = (int[][])((Object[]) key)[1]; // extract decryption round keys
     int ROUNDS = Kd.length - 1;
     int[] Kdr = Kd[0];
-
     // ciphertext to ints + key
-    int t0 = (in[i++] << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF))
-             ^ Kdr[0];
-    int t1 = (in[i++] << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF))
-             ^ Kdr[1];
-    int t2 = (in[i++] << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF))
-             ^ Kdr[2];
-    int t3 = (in[i++] << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF))
-             ^ Kdr[3];
+    int t0 = (in[i++]         << 24
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) <<  8
+           | (in[i++] & 0xFF)      ) ^ Kdr[0];
+    int t1 = (in[i++]         << 24
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) <<  8
+           | (in[i++] & 0xFF)      ) ^ Kdr[1];
+    int t2 = (in[i++]         << 24
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) <<  8
+           | (in[i++] & 0xFF)      ) ^ Kdr[2];
+    int t3 = (in[i++]         << 24
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) <<  8
+           | (in[i++] & 0xFF)      ) ^ Kdr[3];
 
     int a0, a1, a2, a3;
-    for (int r = 1; r < ROUNDS; r++)
-      { // apply round transforms
+    for (int r = 1; r < ROUNDS; r++) // apply round transforms
+      {
         Kdr = Kd[r];
-        a0 = (T5[(t0 >>> 24)] ^ T6[(t3 >>> 16) & 0xFF] ^ T7[(t2 >>> 8) & 0xFF] ^ T8[t1 & 0xFF])
-             ^ Kdr[0];
-        a1 = (T5[(t1 >>> 24)] ^ T6[(t0 >>> 16) & 0xFF] ^ T7[(t3 >>> 8) & 0xFF] ^ T8[t2 & 0xFF])
-             ^ Kdr[1];
-        a2 = (T5[(t2 >>> 24)] ^ T6[(t1 >>> 16) & 0xFF] ^ T7[(t0 >>> 8) & 0xFF] ^ T8[t3 & 0xFF])
-             ^ Kdr[2];
-        a3 = (T5[(t3 >>> 24)] ^ T6[(t2 >>> 16) & 0xFF] ^ T7[(t1 >>> 8) & 0xFF] ^ T8[t0 & 0xFF])
-             ^ Kdr[3];
+        a0 = (T5[(t0 >>> 24)       ]
+            ^ T6[(t3 >>> 16) & 0xFF]
+            ^ T7[(t2 >>>  8) & 0xFF]
+            ^ T8[ t1         & 0xFF]) ^ Kdr[0];
+        a1 = (T5[(t1 >>> 24)       ]
+            ^ T6[(t0 >>> 16) & 0xFF]
+            ^ T7[(t3 >>>  8) & 0xFF]
+            ^ T8[ t2         & 0xFF]) ^ Kdr[1];
+        a2 = (T5[(t2 >>> 24)       ]
+            ^ T6[(t1 >>> 16) & 0xFF]
+            ^ T7[(t0 >>>  8) & 0xFF]
+            ^ T8[ t3         & 0xFF]) ^ Kdr[2];
+        a3 = (T5[(t3 >>> 24)       ]
+            ^ T6[(t2 >>> 16) & 0xFF]
+            ^ T7[(t1 >>>  8) & 0xFF]
+            ^ T8[ t0         & 0xFF]) ^ Kdr[3];
         t0 = a0;
         t1 = a1;
         t2 = a2;
         t3 = a3;
-
-        if (DEBUG && debuglevel > 6)
-          {
-            System.out.println("PT" + r + "=" + Util.toString(t0)
-                               + Util.toString(t1) + Util.toString(t2)
-                               + Util.toString(t3));
-          }
+        if (Configuration.DEBUG)
+          log.fine("PT" + r + "=" + Util.toString(t0) + Util.toString(t1)
+                   + Util.toString(t2) + Util.toString(t3));
       }
-
     // last round is special
     Kdr = Kd[ROUNDS];
     int tt = Kdr[0];
-    out[j++] = (byte) (Si[(t0 >>> 24)] ^ (tt >>> 24));
-    out[j++] = (byte) (Si[(t3 >>> 16) & 0xFF] ^ (tt >>> 16));
-    out[j++] = (byte) (Si[(t2 >>> 8) & 0xFF] ^ (tt >>> 8));
-    out[j++] = (byte) (Si[t1 & 0xFF] ^ tt);
+    out[j++] = (byte)(Si[(t0 >>> 24)       ] ^ (tt >>> 24));
+    out[j++] = (byte)(Si[(t3 >>> 16) & 0xFF] ^ (tt >>> 16));
+    out[j++] = (byte)(Si[(t2 >>>  8) & 0xFF] ^ (tt >>>  8));
+    out[j++] = (byte)(Si[ t1         & 0xFF] ^  tt        );
     tt = Kdr[1];
-    out[j++] = (byte) (Si[(t1 >>> 24)] ^ (tt >>> 24));
-    out[j++] = (byte) (Si[(t0 >>> 16) & 0xFF] ^ (tt >>> 16));
-    out[j++] = (byte) (Si[(t3 >>> 8) & 0xFF] ^ (tt >>> 8));
-    out[j++] = (byte) (Si[t2 & 0xFF] ^ tt);
+    out[j++] = (byte)(Si[(t1 >>> 24)       ] ^ (tt >>> 24));
+    out[j++] = (byte)(Si[(t0 >>> 16) & 0xFF] ^ (tt >>> 16));
+    out[j++] = (byte)(Si[(t3 >>>  8) & 0xFF] ^ (tt >>>  8));
+    out[j++] = (byte)(Si[ t2         & 0xFF] ^  tt        );
     tt = Kdr[2];
-    out[j++] = (byte) (Si[(t2 >>> 24)] ^ (tt >>> 24));
-    out[j++] = (byte) (Si[(t1 >>> 16) & 0xFF] ^ (tt >>> 16));
-    out[j++] = (byte) (Si[(t0 >>> 8) & 0xFF] ^ (tt >>> 8));
-    out[j++] = (byte) (Si[t3 & 0xFF] ^ tt);
+    out[j++] = (byte)(Si[(t2 >>> 24)       ] ^ (tt >>> 24));
+    out[j++] = (byte)(Si[(t1 >>> 16) & 0xFF] ^ (tt >>> 16));
+    out[j++] = (byte)(Si[(t0 >>>  8) & 0xFF] ^ (tt >>>  8));
+    out[j++] = (byte)(Si[ t3         & 0xFF] ^  tt        );
     tt = Kdr[3];
-    out[j++] = (byte) (Si[(t3 >>> 24)] ^ (tt >>> 24));
-    out[j++] = (byte) (Si[(t2 >>> 16) & 0xFF] ^ (tt >>> 16));
-    out[j++] = (byte) (Si[(t1 >>> 8) & 0xFF] ^ (tt >>> 8));
-    out[j++] = (byte) (Si[t0 & 0xFF] ^ tt);
-
-    if (DEBUG && debuglevel > 6)
-      {
-        System.out.println("PT=" + Util.toString(out, j - 15, 16));
-        System.out.println();
-      }
+    out[j++] = (byte)(Si[(t3 >>> 24)       ] ^ (tt >>> 24));
+    out[j++] = (byte)(Si[(t2 >>> 16) & 0xFF] ^ (tt >>> 16));
+    out[j++] = (byte)(Si[(t1 >>>  8) & 0xFF] ^ (tt >>>  8));
+    out[j++] = (byte)(Si[ t0         & 0xFF] ^  tt        );
+    if (Configuration.DEBUG)
+      log.fine("PT=" + Util.toString(out, j - 16, 16));
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     Rijndael result = new Rijndael();
@@ -688,14 +568,12 @@ public final class Rijndael extends BaseCipher
     return result;
   }
 
-  // IBlockCipherSpi interface implementation --------------------------------
-
   public Iterator blockSizes()
   {
     ArrayList al = new ArrayList();
-    al.add(new Integer(128 / 8));
-    al.add(new Integer(192 / 8));
-    al.add(new Integer(256 / 8));
+    al.add(Integer.valueOf(128 / 8));
+    al.add(Integer.valueOf(192 / 8));
+    al.add(Integer.valueOf(256 / 8));
 
     return Collections.unmodifiableList(al).iterator();
   }
@@ -703,9 +581,9 @@ public final class Rijndael extends BaseCipher
   public Iterator keySizes()
   {
     ArrayList al = new ArrayList();
-    al.add(new Integer(128 / 8));
-    al.add(new Integer(192 / 8));
-    al.add(new Integer(256 / 8));
+    al.add(Integer.valueOf(128 / 8));
+    al.add(Integer.valueOf(192 / 8));
+    al.add(Integer.valueOf(256 / 8));
 
     return Collections.unmodifiableList(al).iterator();
   }
@@ -713,7 +591,7 @@ public final class Rijndael extends BaseCipher
   /**
    * Expands a user-supplied key material into a session key for a designated
    * <i>block size</i>.
-   *
+   * 
    * @param k the 128/192/256-bit user-key to use.
    * @param bs the block size in bytes of this Rijndael.
    * @return an Object encapsulating the session key.
@@ -723,18 +601,11 @@ public final class Rijndael extends BaseCipher
   public Object makeKey(byte[] k, int bs) throws InvalidKeyException
   {
     if (k == null)
-      {
-        throw new InvalidKeyException("Empty key");
-      }
-    if (!(k.length == 16 || k.length == 24 || k.length == 32))
-      {
-        throw new InvalidKeyException("Incorrect key length");
-      }
-    if (!(bs == 16 || bs == 24 || bs == 32))
-      {
-        throw new IllegalArgumentException();
-      }
-
+      throw new InvalidKeyException("Empty key");
+    if (! (k.length == 16 || k.length == 24 || k.length == 32))
+      throw new InvalidKeyException("Incorrect key length");
+    if (! (bs == 16 || bs == 24 || bs == 32))
+      throw new IllegalArgumentException();
     int ROUNDS = getRounds(k.length, bs);
     int BC = bs / 4;
     int[][] Ke = new int[ROUNDS + 1][BC]; // encryption round keys
@@ -743,13 +614,12 @@ public final class Rijndael extends BaseCipher
     int KC = k.length / 4;
     int[] tk = new int[KC];
     int i, j;
-
     // copy user material bytes into temporary ints
     for (i = 0, j = 0; i < KC;)
-      {
-        tk[i++] = k[j++] << 24 | (k[j++] & 0xFF) << 16 | (k[j++] & 0xFF) << 8
-                  | (k[j++] & 0xFF);
-      }
+      tk[i++] =  k[j++]         << 24
+              | (k[j++] & 0xFF) << 16
+              | (k[j++] & 0xFF) << 8
+              | (k[j++] & 0xFF);
     // copy values into round key arrays
     int t = 0;
     for (j = 0; (j < KC) && (t < ROUND_KEY_COUNT); j++, t++)
@@ -763,31 +633,23 @@ public final class Rijndael extends BaseCipher
         // extrapolate using phi (the round key evolution function)
         tt = tk[KC - 1];
         tk[0] ^= (S[(tt >>> 16) & 0xFF] & 0xFF) << 24
-                 ^ (S[(tt >>> 8) & 0xFF] & 0xFF) << 16
-                 ^ (S[tt & 0xFF] & 0xFF) << 8 ^ (S[(tt >>> 24)] & 0xFF)
-                 ^ rcon[rconpointer++] << 24;
+               ^ (S[(tt >>>  8) & 0xFF] & 0xFF) << 16
+               ^ (S[ tt         & 0xFF] & 0xFF) <<  8
+               ^ (S[(tt >>> 24)       ] & 0xFF) ^ rcon[rconpointer++] << 24;
         if (KC != 8)
-          {
-            for (i = 1, j = 0; i < KC;)
-              {
-                tk[i++] ^= tk[j++];
-              }
-          }
+          for (i = 1, j = 0; i < KC;)
+            tk[i++] ^= tk[j++];
         else
           {
             for (i = 1, j = 0; i < KC / 2;)
-              {
-                tk[i++] ^= tk[j++];
-              }
+              tk[i++] ^= tk[j++];
             tt = tk[KC / 2 - 1];
-            tk[KC / 2] ^= (S[tt & 0xFF] & 0xFF)
-                          ^ (S[(tt >>> 8) & 0xFF] & 0xFF) << 8
-                          ^ (S[(tt >>> 16) & 0xFF] & 0xFF) << 16
-                          ^ S[(tt >>> 24) & 0xFF] << 24;
+            tk[KC / 2] ^= (S[ tt         & 0xFF] & 0xFF)
+                        ^ (S[(tt >>>  8) & 0xFF] & 0xFF) << 8
+                        ^ (S[(tt >>> 16) & 0xFF] & 0xFF) << 16
+                        ^  S[(tt >>> 24) & 0xFF]         << 24;
             for (j = KC / 2, i = j + 1; i < KC;)
-              {
-                tk[i++] ^= tk[j++];
-              }
+              tk[i++] ^= tk[j++];
           }
         // copy values into round key arrays
         for (j = 0; (j < KC) && (t < ROUND_KEY_COUNT); j++, t++)
@@ -796,51 +658,36 @@ public final class Rijndael extends BaseCipher
             Kd[ROUNDS - (t / BC)][t % BC] = tk[j];
           }
       }
-    for (int r = 1; r < ROUNDS; r++)
-      { // inverse MixColumn where needed
-        for (j = 0; j < BC; j++)
-          {
-            tt = Kd[r][j];
-            Kd[r][j] = U1[(tt >>> 24)] ^ U2[(tt >>> 16) & 0xFF]
-                       ^ U3[(tt >>> 8) & 0xFF] ^ U4[tt & 0xFF];
-          }
-      }
-
+    for (int r = 1; r < ROUNDS; r++) // inverse MixColumn where needed
+      for (j = 0; j < BC; j++)
+        {
+          tt = Kd[r][j];
+          Kd[r][j] = U1[(tt >>> 24)       ]
+                   ^ U2[(tt >>> 16) & 0xFF]
+                   ^ U3[(tt >>>  8) & 0xFF]
+                   ^ U4[ tt         & 0xFF];
+        }
     return new Object[] { Ke, Kd };
   }
 
   public void encrypt(byte[] in, int i, byte[] out, int j, Object k, int bs)
   {
-    if (!(bs == 16 || bs == 24 || bs == 32))
-      {
-        throw new IllegalArgumentException();
-      }
-
+    if (! (bs == 16 || bs == 24 || bs == 32))
+      throw new IllegalArgumentException();
     if (bs == DEFAULT_BLOCK_SIZE)
-      {
-        aesEncrypt(in, i, out, j, k);
-      }
+      aesEncrypt(in, i, out, j, k);
     else
-      {
-        rijndaelEncrypt(in, i, out, j, k, bs);
-      }
+      rijndaelEncrypt(in, i, out, j, k, bs);
   }
 
   public void decrypt(byte[] in, int i, byte[] out, int j, Object k, int bs)
   {
-    if (!(bs == 16 || bs == 24 || bs == 32))
-      {
-        throw new IllegalArgumentException();
-      }
-
+    if (! (bs == 16 || bs == 24 || bs == 32))
+      throw new IllegalArgumentException();
     if (bs == DEFAULT_BLOCK_SIZE)
-      {
-        aesDecrypt(in, i, out, j, k);
-      }
+      aesDecrypt(in, i, out, j, k);
     else
-      {
-        rijndaelDecrypt(in, i, out, j, k, bs);
-      }
+      rijndaelDecrypt(in, i, out, j, k, bs);
   }
 
   public boolean selfTest()
@@ -849,11 +696,9 @@ public final class Rijndael extends BaseCipher
       {
         boolean result = super.selfTest(); // do symmetry tests
         if (result)
-          {
-            result = testKat(KAT_KEY, KAT_CT);
-          }
+          result = testKat(KAT_KEY, KAT_CT);
         valid = Boolean.valueOf(result);
       }
     return valid.booleanValue();
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/cipher/Serpent.java b/libjava/classpath/gnu/javax/crypto/cipher/Serpent.java
index 2ed1e4b5593..636e311e7ee 100644
--- a/libjava/classpath/gnu/javax/crypto/cipher/Serpent.java
+++ b/libjava/classpath/gnu/javax/crypto/cipher/Serpent.java
@@ -47,78 +47,57 @@ import java.util.Collections;
 import java.util.Iterator;
 
 /**
- * <p>Serpent is a 32-round substitution-permutation network block cipher,
+ * Serpent is a 32-round substitution-permutation network block cipher,
  * operating on 128-bit blocks and accepting keys of 128, 192, and 256 bits in
  * length. At each round the plaintext is XORed with a 128 bit portion of the
  * session key -- a 4224 bit key computed from the input key -- then one of
  * eight S-boxes are applied, and finally a simple linear transformation is
  * done. Decryption does the exact same thing in reverse order, and using the
- * eight inverses of the S-boxes.</p>
- *
- * <p>Serpent was designed by Ross Anderson, Eli Biham, and Lars Knudsen as a
- * proposed cipher for the Advanced Encryption Standard.</p>
- *
- * <p>Serpent can be sped up greatly by replacing S-box substitution with a
- * sequence of binary operations, and the optimal implementation depends
- * upon finding the fastest sequence of binary operations that reproduce this
- * substitution. This implementation uses the S-boxes discovered by
- * <a href="http://www.ii.uib.no/~osvik/">Dag Arne Osvik</a>, which are
- * optimized for the Pentium family of processors.</p>
- *
- * <p>References:</p>
- *
+ * eight inverses of the S-boxes.
+ * <p>
+ * Serpent was designed by Ross Anderson, Eli Biham, and Lars Knudsen as a
+ * proposed cipher for the Advanced Encryption Standard.
+ * <p>
+ * Serpent can be sped up greatly by replacing S-box substitution with a
+ * sequence of binary operations, and the optimal implementation depends upon
+ * finding the fastest sequence of binary operations that reproduce this
+ * substitution. This implementation uses the S-boxes discovered by <a
+ * href="http://www.ii.uib.no/~osvik/">Dag Arne Osvik</a>, which are optimized
+ * for the Pentium family of processors.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.cl.cam.ac.uk/~rja14/serpent.html">Serpent: A
- *    Candidate Block Cipher for the Advanced Encryption Standard.</a></li>
+ * <li><a href="http://www.cl.cam.ac.uk/~rja14/serpent.html">Serpent: A
+ * Candidate Block Cipher for the Advanced Encryption Standard.</a></li>
  * </ol>
  */
-public class Serpent extends BaseCipher
+public class Serpent
+    extends BaseCipher
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private static final int DEFAULT_KEY_SIZE = 16;
-
   private static final int DEFAULT_BLOCK_SIZE = 16;
-
   private static final int ROUNDS = 32;
-
   /** The fractional part of the golden ratio, (sqrt(5)+1)/2. */
   private static final int PHI = 0x9e3779b9;
-
   /**
-   * KAT vector (from ecb_vk):
-   * I=9
+   * KAT vector (from ecb_vk): I=9
    * KEY=008000000000000000000000000000000000000000000000
    * CT=5587B5BCB9EE5A28BA2BACC418005240
    */
-  private static final byte[] KAT_KEY = Util.toReversedBytesFromString("008000000000000000000000000000000000000000000000");
-
-  private static final byte[] KAT_CT = Util.toReversedBytesFromString("5587B5BCB9EE5A28BA2BACC418005240");
-
+  private static final byte[] KAT_KEY = Util.toReversedBytesFromString(
+      "008000000000000000000000000000000000000000000000");
+  private static final byte[] KAT_CT =
+      Util.toReversedBytesFromString("5587B5BCB9EE5A28BA2BACC418005240");
   /** caches the result of the correctness test, once executed. */
   private static Boolean valid;
-
   private int x0, x1, x2, x3, x4;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial zero-argument constructor. */
   public Serpent()
   {
     super(Registry.SERPENT_CIPHER, DEFAULT_BLOCK_SIZE, DEFAULT_KEY_SIZE);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     Serpent result = new Serpent();
@@ -126,20 +105,17 @@ public class Serpent extends BaseCipher
     return result;
   }
 
-  // IBlockCipherSpi interface implementation --------------------------------
-
   public Iterator blockSizes()
   {
-    return Collections.singleton(new Integer(DEFAULT_BLOCK_SIZE)).iterator();
+    return Collections.singleton(Integer.valueOf(DEFAULT_BLOCK_SIZE)).iterator();
   }
 
   public Iterator keySizes()
   {
     ArrayList keySizes = new ArrayList();
-    keySizes.add(new Integer(16));
-    keySizes.add(new Integer(24));
-    keySizes.add(new Integer(32));
-
+    keySizes.add(Integer.valueOf(16));
+    keySizes.add(Integer.valueOf(24));
+    keySizes.add(Integer.valueOf(32));
     return Collections.unmodifiableList(keySizes).iterator();
   }
 
@@ -148,24 +124,19 @@ public class Serpent extends BaseCipher
     // Not strictly true, but here to conform with the AES proposal.
     // This restriction can be removed if deemed necessary.
     if (kb.length != 16 && kb.length != 24 && kb.length != 32)
-      {
-        throw new InvalidKeyException("Key length is not 16, 24, or 32 bytes");
-      }
+      throw new InvalidKeyException("Key length is not 16, 24, or 32 bytes");
     Key key = new Key();
-
     // Here w is our "pre-key".
     int[] w = new int[4 * (ROUNDS + 1)];
     int i, j;
     for (i = 0, j = 0; i < 8 && j < kb.length; i++)
-      {
-        w[i] = (kb[j++] & 0xff) | (kb[j++] & 0xff) << 8
-               | (kb[j++] & 0xff) << 16 | (kb[j++] & 0xff) << 24;
-      }
+      w[i] = (kb[j++] & 0xff)
+           | (kb[j++] & 0xff) << 8
+           | (kb[j++] & 0xff) << 16
+           | (kb[j++] & 0xff) << 24;
     // Pad key if < 256 bits.
     if (i != 8)
-      {
-        w[i] = 1;
-      }
+      w[i] = 1;
     // Transform using w_i-8 ... w_i-1
     for (i = 8, j = 0; i < 16; i++)
       {
@@ -174,16 +145,13 @@ public class Serpent extends BaseCipher
       }
     // Translate by 8.
     for (i = 0; i < 8; i++)
-      {
-        w[i] = w[i + 8];
-      }
+      w[i] = w[i + 8];
     // Transform the rest of the key.
     for (; i < w.length; i++)
       {
         int t = w[i - 8] ^ w[i - 5] ^ w[i - 3] ^ w[i - 1] ^ PHI ^ i;
         w[i] = t << 11 | t >>> 21;
       }
-
     // After these s-boxes the pre-key (w, above) will become the
     // session key (key, below).
     sbox3(w[0], w[1], w[2], w[3]);
@@ -351,7 +319,6 @@ public class Serpent extends BaseCipher
     key.k129 = x1;
     key.k130 = x2;
     key.k131 = x3;
-
     return key;
   }
 
@@ -359,16 +326,22 @@ public class Serpent extends BaseCipher
                                    Object K, int bs)
   {
     Key key = (Key) K;
-
-    x0 = (in[i] & 0xff) | (in[i + 1] & 0xff) << 8 | (in[i + 2] & 0xff) << 16
-         | (in[i + 3] & 0xff) << 24;
-    x1 = (in[i + 4] & 0xff) | (in[i + 5] & 0xff) << 8
-         | (in[i + 6] & 0xff) << 16 | (in[i + 7] & 0xff) << 24;
-    x2 = (in[i + 8] & 0xff) | (in[i + 9] & 0xff) << 8
-         | (in[i + 10] & 0xff) << 16 | (in[i + 11] & 0xff) << 24;
-    x3 = (in[i + 12] & 0xff) | (in[i + 13] & 0xff) << 8
-         | (in[i + 14] & 0xff) << 16 | (in[i + 15] & 0xff) << 24;
-
+    x0 = (in[i     ] & 0xff)
+       | (in[i +  1] & 0xff) << 8
+       | (in[i +  2] & 0xff) << 16
+       | (in[i +  3] & 0xff) << 24;
+    x1 = (in[i +  4] & 0xff)
+       | (in[i +  5] & 0xff) << 8
+       | (in[i +  6] & 0xff) << 16
+       | (in[i +  7] & 0xff) << 24;
+    x2 = (in[i +  8] & 0xff)
+       | (in[i +  9] & 0xff) << 8
+       | (in[i + 10] & 0xff) << 16
+       | (in[i + 11] & 0xff) << 24;
+    x3 = (in[i + 12] & 0xff)
+       | (in[i + 13] & 0xff) << 8
+       | (in[i + 14] & 0xff) << 16
+       | (in[i + 15] & 0xff) << 24;
     x0 ^= key.k0;
     x1 ^= key.k1;
     x2 ^= key.k2;
@@ -412,7 +385,6 @@ public class Serpent extends BaseCipher
     x0 = x3;
     x3 = x2;
     x2 = x4;
-
     x0 ^= key.k32;
     x1 ^= key.k33;
     x2 ^= key.k34;
@@ -456,7 +428,6 @@ public class Serpent extends BaseCipher
     x0 = x3;
     x3 = x2;
     x2 = x4;
-
     x0 ^= key.k64;
     x1 ^= key.k65;
     x2 ^= key.k66;
@@ -500,7 +471,6 @@ public class Serpent extends BaseCipher
     x0 = x3;
     x3 = x2;
     x2 = x4;
-
     x0 ^= key.k96;
     x1 ^= key.k97;
     x2 ^= key.k98;
@@ -548,39 +518,44 @@ public class Serpent extends BaseCipher
     x1 ^= key.k129;
     x2 ^= key.k130;
     x3 ^= key.k131;
-
-    out[o] = (byte) x0;
-    out[o + 1] = (byte) (x0 >>> 8);
-    out[o + 2] = (byte) (x0 >>> 16);
-    out[o + 3] = (byte) (x0 >>> 24);
-    out[o + 4] = (byte) x1;
-    out[o + 5] = (byte) (x1 >>> 8);
-    out[o + 6] = (byte) (x1 >>> 16);
-    out[o + 7] = (byte) (x1 >>> 24);
-    out[o + 8] = (byte) x2;
-    out[o + 9] = (byte) (x2 >>> 8);
-    out[o + 10] = (byte) (x2 >>> 16);
-    out[o + 11] = (byte) (x2 >>> 24);
+    out[o     ] = (byte) x0;
+    out[o +  1] = (byte)(x0 >>> 8);
+    out[o +  2] = (byte)(x0 >>> 16);
+    out[o +  3] = (byte)(x0 >>> 24);
+    out[o +  4] = (byte) x1;
+    out[o +  5] = (byte)(x1 >>> 8);
+    out[o +  6] = (byte)(x1 >>> 16);
+    out[o +  7] = (byte)(x1 >>> 24);
+    out[o +  8] = (byte) x2;
+    out[o +  9] = (byte)(x2 >>> 8);
+    out[o + 10] = (byte)(x2 >>> 16);
+    out[o + 11] = (byte)(x2 >>> 24);
     out[o + 12] = (byte) x3;
-    out[o + 13] = (byte) (x3 >>> 8);
-    out[o + 14] = (byte) (x3 >>> 16);
-    out[o + 15] = (byte) (x3 >>> 24);
+    out[o + 13] = (byte)(x3 >>> 8);
+    out[o + 14] = (byte)(x3 >>> 16);
+    out[o + 15] = (byte)(x3 >>> 24);
   }
 
   public synchronized void decrypt(byte[] in, int i, byte[] out, int o,
                                    Object K, int bs)
   {
     Key key = (Key) K;
-
-    x0 = (in[i] & 0xff) | (in[i + 1] & 0xff) << 8 | (in[i + 2] & 0xff) << 16
-         | (in[i + 3] & 0xff) << 24;
-    x1 = (in[i + 4] & 0xff) | (in[i + 5] & 0xff) << 8
-         | (in[i + 6] & 0xff) << 16 | (in[i + 7] & 0xff) << 24;
-    x2 = (in[i + 8] & 0xff) | (in[i + 9] & 0xff) << 8
-         | (in[i + 10] & 0xff) << 16 | (in[i + 11] & 0xff) << 24;
-    x3 = (in[i + 12] & 0xff) | (in[i + 13] & 0xff) << 8
-         | (in[i + 14] & 0xff) << 16 | (in[i + 15] & 0xff) << 24;
-
+    x0 = (in[i     ] & 0xff)
+       | (in[i +  1] & 0xff) << 8
+       | (in[i +  2] & 0xff) << 16
+       | (in[i +  3] & 0xff) << 24;
+    x1 = (in[i +  4] & 0xff)
+       | (in[i +  5] & 0xff) << 8
+       | (in[i +  6] & 0xff) << 16
+       | (in[i +  7] & 0xff) << 24;
+    x2 = (in[i +  8] & 0xff)
+       | (in[i +  9] & 0xff) << 8
+       | (in[i + 10] & 0xff) << 16
+       | (in[i + 11] & 0xff) << 24;
+    x3 = (in[i + 12] & 0xff)
+       | (in[i + 13] & 0xff) << 8
+       | (in[i + 14] & 0xff) << 16
+       | (in[i + 15] & 0xff) << 24;
     x0 ^= key.k128;
     x1 ^= key.k129;
     x2 ^= key.k130;
@@ -629,7 +604,6 @@ public class Serpent extends BaseCipher
     x1 = x3;
     x3 = x4;
     x4 = x2;
-
     x3 ^= key.k92;
     x0 ^= key.k93;
     x1 ^= key.k94;
@@ -673,7 +647,6 @@ public class Serpent extends BaseCipher
     x1 = x3;
     x3 = x4;
     x4 = x2;
-
     x3 ^= key.k60;
     x0 ^= key.k61;
     x1 ^= key.k62;
@@ -717,7 +690,6 @@ public class Serpent extends BaseCipher
     x1 = x3;
     x3 = x4;
     x4 = x2;
-
     x3 ^= key.k28;
     x0 ^= key.k29;
     x1 ^= key.k30;
@@ -756,28 +728,26 @@ public class Serpent extends BaseCipher
     x2 = x1;
     x1 = x3;
     x3 = x4;
-
     x0 ^= key.k0;
     x1 ^= key.k1;
     x2 ^= key.k2;
     x3 ^= key.k3;
-
-    out[o] = (byte) x0;
-    out[o + 1] = (byte) (x0 >>> 8);
-    out[o + 2] = (byte) (x0 >>> 16);
-    out[o + 3] = (byte) (x0 >>> 24);
-    out[o + 4] = (byte) x1;
-    out[o + 5] = (byte) (x1 >>> 8);
-    out[o + 6] = (byte) (x1 >>> 16);
-    out[o + 7] = (byte) (x1 >>> 24);
-    out[o + 8] = (byte) x2;
-    out[o + 9] = (byte) (x2 >>> 8);
-    out[o + 10] = (byte) (x2 >>> 16);
-    out[o + 11] = (byte) (x2 >>> 24);
+    out[o     ] = (byte) x0;
+    out[o +  1] = (byte)(x0 >>> 8);
+    out[o +  2] = (byte)(x0 >>> 16);
+    out[o +  3] = (byte)(x0 >>> 24);
+    out[o +  4] = (byte) x1;
+    out[o +  5] = (byte)(x1 >>> 8);
+    out[o +  6] = (byte)(x1 >>> 16);
+    out[o +  7] = (byte)(x1 >>> 24);
+    out[o +  8] = (byte) x2;
+    out[o +  9] = (byte)(x2 >>> 8);
+    out[o + 10] = (byte)(x2 >>> 16);
+    out[o + 11] = (byte)(x2 >>> 24);
     out[o + 12] = (byte) x3;
-    out[o + 13] = (byte) (x3 >>> 8);
-    out[o + 14] = (byte) (x3 >>> 16);
-    out[o + 15] = (byte) (x3 >>> 24);
+    out[o + 13] = (byte)(x3 >>> 8);
+    out[o + 14] = (byte)(x3 >>> 16);
+    out[o + 15] = (byte)(x3 >>> 24);
   }
 
   public boolean selfTest()
@@ -786,19 +756,14 @@ public class Serpent extends BaseCipher
       {
         boolean result = super.selfTest(); // do symmetry tests
         if (result)
-          {
-            result = testKat(KAT_KEY, KAT_CT);
-          }
+          result = testKat(KAT_KEY, KAT_CT);
         valid = Boolean.valueOf(result);
       }
     return valid.booleanValue();
   }
 
-  // Own methods. ----------------------------------------------------------
-
   // These first few S-boxes operate directly on the "registers",
   // x0..x4, and perform the linear transform.
-
   private void sbox0()
   {
     x3 ^= x0;
@@ -1492,8 +1457,6 @@ public class Serpent extends BaseCipher
     x2 ^= x1;
   }
 
-  // These S-Box functions are used in the key setup.
-
   /** S-Box 0. */
   private void sbox0(int r0, int r1, int r2, int r3)
   {
@@ -1654,15 +1617,9 @@ public class Serpent extends BaseCipher
     x3 = r0;
   }
 
-  // Inner classes.
-  // -----------------------------------------------------------------------
-
-  private class Key implements Cloneable
+  private class Key
+      implements Cloneable
   {
-
-    // Constants and variables.
-    // --------------------------------------------------------------------
-
     int k0, k1, k2, k3, k4, k5, k6, k7, k8, k9, k10, k11, k12, k13, k14, k15,
         k16, k17, k18, k19, k20, k21, k22, k23, k24, k25, k26, k27, k28, k29,
         k30, k31, k32, k33, k34, k35, k36, k37, k38, k39, k40, k41, k42, k43,
@@ -1674,9 +1631,6 @@ public class Serpent extends BaseCipher
         k112, k113, k114, k115, k116, k117, k118, k119, k120, k121, k122, k123,
         k124, k125, k126, k127, k128, k129, k130, k131;
 
-    // Constructors.
-    // --------------------------------------------------------------------
-
     /** Trivial 0-arguments constructor. */
     Key()
     {
@@ -1819,12 +1773,9 @@ public class Serpent extends BaseCipher
       this.k131 = that.k131;
     }
 
-    // Cloneable interface implementation.
-    // --------------------------------------------------------------------
-
     public Object clone()
     {
       return new Key(this);
     }
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/cipher/Square.java b/libjava/classpath/gnu/javax/crypto/cipher/Square.java
index a73116eb422..af738da043a 100644
--- a/libjava/classpath/gnu/javax/crypto/cipher/Square.java
+++ b/libjava/classpath/gnu/javax/crypto/cipher/Square.java
@@ -47,145 +47,74 @@ import java.util.Collections;
 import java.util.Iterator;
 
 /**
- * <p>Square is a 128-bit key, 128-bit block cipher algorithm developed by Joan
- * Daemen, Lars Knudsen and Vincent Rijmen.</p>
- *
- * <p>References:</p>
- *
+ * Square is a 128-bit key, 128-bit block cipher algorithm developed by Joan
+ * Daemen, Lars Knudsen and Vincent Rijmen.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.esat.kuleuven.ac.be/~rijmen/square/">The block
- *    cipher Square</a>.<br>
- *    <a href="mailto:daemen.j@protonworld.com">Joan Daemen</a>,
- *    <a href="mailto:lars.knudsen@esat.kuleuven.ac.be">Lars Knudsen</a> and
- *    <a href="mailto:vincent.rijmen@esat.kuleuven.ac.be">Vincent Rijmen</a>.</li>
+ * <li><a href="http://www.esat.kuleuven.ac.be/~rijmen/square/">The block
+ * cipher Square</a>.<br>
+ * <a href="mailto:daemen.j@protonworld.com">Joan Daemen</a>, <a
+ * href="mailto:lars.knudsen@esat.kuleuven.ac.be">Lars Knudsen</a> and <a
+ * href="mailto:vincent.rijmen@esat.kuleuven.ac.be">Vincent Rijmen</a>.</li>
  * </ol>
  */
-public final class Square extends BaseCipher
+public final class Square
+    extends BaseCipher
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private static final int DEFAULT_BLOCK_SIZE = 16; // in bytes
-
   private static final int DEFAULT_KEY_SIZE = 16; // in bytes
-
   private static final int ROUNDS = 8;
-
   private static final int ROOT = 0x1F5; // for generating GF(2**8)
-
   private static final int[] OFFSET = new int[ROUNDS];
-
-  private static final String Sdata = "\uB1CE\uC395\u5AAD\uE702\u4D44\uFB91\u0C87\uA150"
-                                      + "\uCB67\u54DD\u468F\uE14E\uF0FD\uFCEB\uF9C4\u1A6E"
-                                      + "\u5EF5\uCC8D\u1C56\u43FE\u0761\uF875\u59FF\u0322"
-                                      + "\u8AD1\u13EE\u8800\u0E34\u1580\u94E3\uEDB5\u5323"
-                                      + "\u4B47\u17A7\u9035\uABD8\uB8DF\u4F57\u9A92\uDB1B"
-                                      + "\u3CC8\u9904\u8EE0\uD77D\u85BB\u402C\u3A45\uF142"
-                                      + "\u6520\u4118\u7225\u9370\u3605\uF20B\uA379\uEC08"
-                                      + "\u2731\u32B6\u7CB0\u0A73\u5B7B\uB781\uD20D\u6A26"
-                                      + "\u9E58\u9C83\u74B3\uAC30\u7A69\u770F\uAE21\uDED0"
-                                      + "\u2E97\u10A4\u98A8\uD468\u2D62\u296D\u1649\u76C7"
-                                      + "\uE8C1\u9637\uE5CA\uF4E9\u6312\uC2A6\u14BC\uD328"
-                                      + "\uAF2F\uE624\u52C6\uA009\uBD8C\uCF5D\u115F\u01C5"
-                                      + "\u9F3D\uA29B\uC93B\uBE51\u191F\u3F5C\uB2EF\u4ACD"
-                                      + "\uBFBA\u6F64\uD9F3\u3EB4\uAADC\uD506\uC07E\uF666"
-                                      + "\u6C84\u7138\uB91D\u7F9D\u488B\u2ADA\uA533\u8239"
-                                      + "\uD678\u86FA\uE42B\uA91E\u8960\u6BEA\u554C\uF7E2";
-
+  private static final String Sdata =
+      "\uB1CE\uC395\u5AAD\uE702\u4D44\uFB91\u0C87\uA150"
+    + "\uCB67\u54DD\u468F\uE14E\uF0FD\uFCEB\uF9C4\u1A6E"
+    + "\u5EF5\uCC8D\u1C56\u43FE\u0761\uF875\u59FF\u0322"
+    + "\u8AD1\u13EE\u8800\u0E34\u1580\u94E3\uEDB5\u5323"
+    + "\u4B47\u17A7\u9035\uABD8\uB8DF\u4F57\u9A92\uDB1B"
+    + "\u3CC8\u9904\u8EE0\uD77D\u85BB\u402C\u3A45\uF142"
+    + "\u6520\u4118\u7225\u9370\u3605\uF20B\uA379\uEC08"
+    + "\u2731\u32B6\u7CB0\u0A73\u5B7B\uB781\uD20D\u6A26"
+    + "\u9E58\u9C83\u74B3\uAC30\u7A69\u770F\uAE21\uDED0"
+    + "\u2E97\u10A4\u98A8\uD468\u2D62\u296D\u1649\u76C7"
+    + "\uE8C1\u9637\uE5CA\uF4E9\u6312\uC2A6\u14BC\uD328"
+    + "\uAF2F\uE624\u52C6\uA009\uBD8C\uCF5D\u115F\u01C5"
+    + "\u9F3D\uA29B\uC93B\uBE51\u191F\u3F5C\uB2EF\u4ACD"
+    + "\uBFBA\u6F64\uD9F3\u3EB4\uAADC\uD506\uC07E\uF666"
+    + "\u6C84\u7138\uB91D\u7F9D\u488B\u2ADA\uA533\u8239"
+    + "\uD678\u86FA\uE42B\uA91E\u8960\u6BEA\u554C\uF7E2";
   /** Substitution boxes for encryption and decryption. */
   private static final byte[] Se = new byte[256];
-
   private static final byte[] Sd = new byte[256];
-
   /** Transposition boxes for encryption and decryption. */
   private static final int[] Te = new int[256];
-
   private static final int[] Td = new int[256];
-
   /**
-   * KAT vector (from ecb_vk):
-   * I=87
-   * KEY=00000000000000000000020000000000
+   * KAT vector (from ecb_vk): I=87 KEY=00000000000000000000020000000000
    * CT=A9DF031B4E25E89F527EFFF89CB0BEBA
    */
-  private static final byte[] KAT_KEY = Util.toBytesFromString("00000000000000000000020000000000");
-
-  private static final byte[] KAT_CT = Util.toBytesFromString("A9DF031B4E25E89F527EFFF89CB0BEBA");
-
+  private static final byte[] KAT_KEY =
+      Util.toBytesFromString("00000000000000000000020000000000");
+  private static final byte[] KAT_CT =
+      Util.toBytesFromString("A9DF031B4E25E89F527EFFF89CB0BEBA");
   /** caches the result of the correctness test, once executed. */
   private static Boolean valid;
-
-  // Static code - to intialise lookup tables
-  // -------------------------------------------------------------------------
-
   static
     {
       int i, j;
-      /*
-       // Generate exp and log tables used in multiplication over GF(2 ** m)
-       byte[] exp = new byte[256];
-       byte[] log = new byte[256];
-
-       exp[0] = 1;
-       for (i = 1; i < 256; i++) {
-       j = exp[i - 1] << 1;
-       if ((j & 0x100) != 0) {
-       j ^= ROOT; // reduce j (mod ROOT)
-       }
-
-       exp[i] = (byte) j;
-       log[j & 0xFF] = (byte) i;
-       }
-
-       // Compute the substitution box Se[] and its inverse Sd[] based on
-       // F(x) = x**{-1} plus affine transform of the output.
-       Se[0] = 0;
-       Se[1] = 1;
-       for (i = 2; i < 256; i++) {
-       Se[i] = exp[(255 - log[i]) & 0xFF];
-       }
-
-       // Let Se[i] be represented as an 8-row vector V over GF(2); the affine
-       // transformation is A * V + T, where the rows of the 8 x 8 matrix A are
-       // contained in trans[0]...trans[7] and the 8-row vector T is contained
-       // in 0xB1.
-       int[] trans = new int[] {0x01, 0x03, 0x05, 0x0F, 0x1F, 0x3D, 0x7B, 0xD6};
-       int u, v;
-       for (i = 0; i < 256; i++) {
-       v = 0xB1;                        // affine part of the transform
-       for (j = 0; j < 8; j++) {
-       u = Se[i] & trans[j] & 0xFF; // column-wise mult. over GF(2)
-       u ^= u >>> 4;                // sum of all bits of u over GF(2)
-       u ^= u >>> 2;
-       u ^= u >>> 1;
-       u &= 1;
-       v ^= u << j;                 // row alignment of the result
-       }
-       Se[i] = (byte) v;
-       Sd[v] = (byte) i;                // inverse substitution box
-       }
-
-       System.out.println("Se="+Util.toUnicodeString(Se));
-       System.out.println("Sd="+Util.toUnicodeString(Sd));
-       */
-      /**/
       // re-construct Se box values
       int limit = Sdata.length();
       char c1;
       for (i = 0, j = 0; i < limit; i++)
         {
           c1 = Sdata.charAt(i);
-          Se[j++] = (byte) (c1 >>> 8);
+          Se[j++] = (byte)(c1 >>> 8);
           Se[j++] = (byte) c1;
         }
-
       // compute Sd box values
       for (i = 0; i < 256; i++)
-        {
-          Sd[Se[i] & 0xFF] = (byte) i;
-        }
-
+        Sd[Se[i] & 0xFF] = (byte) i;
       // generate OFFSET values
       OFFSET[0] = 1;
       for (i = 1; i < ROUNDS; i++)
@@ -193,9 +122,7 @@ public final class Square extends BaseCipher
           OFFSET[i] = mul(OFFSET[i - 1], 2);
           OFFSET[i - 1] <<= 24;
         }
-
       OFFSET[ROUNDS - 1] <<= 24;
-
       // generate Te and Td boxes if we're not reading their values
       // Notes:
       // (1) The function mul() computes the product of two elements of GF(2**8)
@@ -207,111 +134,122 @@ public final class Square extends BaseCipher
       for (i = 0; i < 256; i++)
         {
           j = Se[i] & 0xFF;
-          Te[i] = (Se[i & 3] == 0) ? 0 : mul(j, 2) << 24 | j << 16 | j << 8
-                                         | mul(j, 3);
-
+          Te[i] = (Se[i & 3] == 0) ? 0
+                                   : mul(j, 2) << 24
+                                   | j << 16
+                                   | j << 8
+                                   | mul(j, 3);
           j = Sd[i] & 0xFF;
-          Td[i] = (Sd[i & 3] == 0) ? 0 : mul(j, 14) << 24 | mul(j, 9) << 16
-                                         | mul(j, 13) << 8 | mul(j, 11);
+          Td[i] = (Sd[i & 3] == 0) ? 0
+                                   : mul(j, 14) << 24
+                                   | mul(j,  9) << 16
+                                   | mul(j, 13) << 8
+                                   | mul(j, 11);
         }
-      /**/
     }
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public Square()
   {
     super(Registry.SQUARE_CIPHER, DEFAULT_BLOCK_SIZE, DEFAULT_KEY_SIZE);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   private static void square(byte[] in, int i, byte[] out, int j, int[][] K,
                              int[] T, byte[] S)
   {
-    int a = ((in[i++]) << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF))
-            ^ K[0][0];
-    int b = ((in[i++]) << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF))
-            ^ K[0][1];
-    int c = ((in[i++]) << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF))
-            ^ K[0][2];
-    int d = ((in[i++]) << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i] & 0xFF))
-            ^ K[0][3];
-
+    int a = ((in[i++])        << 24
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) <<  8
+           | (in[i++] & 0xFF)      ) ^ K[0][0];
+    int b = ((in[i++])        << 24
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) <<  8
+           | (in[i++] & 0xFF)      ) ^ K[0][1];
+    int c = ((in[i++])        << 24
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) <<  8
+           | (in[i++] & 0xFF)      ) ^ K[0][2];
+    int d = ((in[i++])        << 24
+           | (in[i++] & 0xFF) << 16
+           | (in[i++] & 0xFF) <<  8
+           | (in[i  ] & 0xFF)      ) ^ K[0][3];
     int r, aa, bb, cc, dd;
     for (r = 1; r < ROUNDS; r++)
       { // R - 1 full rounds
-        aa = T[(a >>> 24)] ^ rot32R(T[(b >>> 24)], 8)
-             ^ rot32R(T[(c >>> 24)], 16) ^ rot32R(T[(d >>> 24)], 24) ^ K[r][0];
-        bb = T[(a >>> 16) & 0xFF] ^ rot32R(T[(b >>> 16) & 0xFF], 8)
-             ^ rot32R(T[(c >>> 16) & 0xFF], 16)
-             ^ rot32R(T[(d >>> 16) & 0xFF], 24) ^ K[r][1];
-        cc = T[(a >>> 8) & 0xFF] ^ rot32R(T[(b >>> 8) & 0xFF], 8)
-             ^ rot32R(T[(c >>> 8) & 0xFF], 16)
-             ^ rot32R(T[(d >>> 8) & 0xFF], 24) ^ K[r][2];
-        dd = T[a & 0xFF] ^ rot32R(T[b & 0xFF], 8) ^ rot32R(T[c & 0xFF], 16)
-             ^ rot32R(T[d & 0xFF], 24) ^ K[r][3];
-
+        aa =        T[(a >>> 24)       ]
+           ^ rot32R(T[(b >>> 24)       ], 8)
+           ^ rot32R(T[(c >>> 24)       ], 16)
+           ^ rot32R(T[(d >>> 24)       ], 24) ^ K[r][0];
+        bb =        T[(a >>> 16) & 0xFF]
+           ^ rot32R(T[(b >>> 16) & 0xFF], 8)
+           ^ rot32R(T[(c >>> 16) & 0xFF], 16)
+           ^ rot32R(T[(d >>> 16) & 0xFF], 24) ^ K[r][1];
+        cc =        T[(a >>>  8) & 0xFF]
+           ^ rot32R(T[(b >>>  8) & 0xFF], 8)
+           ^ rot32R(T[(c >>>  8) & 0xFF], 16)
+           ^ rot32R(T[(d >>>  8) & 0xFF], 24) ^ K[r][2];
+        dd =        T[ a         & 0xFF]
+           ^ rot32R(T[ b         & 0xFF], 8)
+           ^ rot32R(T[ c         & 0xFF], 16)
+           ^ rot32R(T[ d         & 0xFF], 24) ^ K[r][3];
         a = aa;
         b = bb;
         c = cc;
         d = dd;
       }
-
     // last round (diffusion becomes only transposition)
-    aa = ((S[(a >>> 24)]) << 24 | (S[(b >>> 24)] & 0xFF) << 16
-          | (S[(c >>> 24)] & 0xFF) << 8 | (S[(d >>> 24)] & 0xFF))
-         ^ K[r][0];
-    bb = ((S[(a >>> 16) & 0xFF]) << 24 | (S[(b >>> 16) & 0xFF] & 0xFF) << 16
-          | (S[(c >>> 16) & 0xFF] & 0xFF) << 8 | (S[(d >>> 16) & 0xFF] & 0xFF))
-         ^ K[r][1];
-    cc = ((S[(a >>> 8) & 0xFF]) << 24 | (S[(b >>> 8) & 0xFF] & 0xFF) << 16
-          | (S[(c >>> 8) & 0xFF] & 0xFF) << 8 | (S[(d >>> 8) & 0xFF] & 0xFF))
-         ^ K[r][2];
-    dd = ((S[a & 0xFF]) << 24 | (S[b & 0xFF] & 0xFF) << 16
-          | (S[c & 0xFF] & 0xFF) << 8 | (S[d & 0xFF] & 0xFF))
-         ^ K[r][3];
-
-    out[j++] = (byte) (aa >>> 24);
-    out[j++] = (byte) (aa >>> 16);
-    out[j++] = (byte) (aa >>> 8);
+    aa = ((S[(a >>> 24)       ]       ) << 24
+        | (S[(b >>> 24)       ] & 0xFF) << 16
+        | (S[(c >>> 24)       ] & 0xFF) <<  8
+        | (S[(d >>> 24)       ] & 0xFF)      ) ^ K[r][0];
+    bb = ((S[(a >>> 16) & 0xFF]       ) << 24
+        | (S[(b >>> 16) & 0xFF] & 0xFF) << 16
+        | (S[(c >>> 16) & 0xFF] & 0xFF) <<  8
+        | (S[(d >>> 16) & 0xFF] & 0xFF)      ) ^ K[r][1];
+    cc = ((S[(a >>>  8) & 0xFF]       ) << 24
+        | (S[(b >>>  8) & 0xFF] & 0xFF) << 16
+        | (S[(c >>>  8) & 0xFF] & 0xFF) <<  8
+        | (S[(d >>>  8) & 0xFF] & 0xFF)      ) ^ K[r][2];
+    dd = ((S[ a         & 0xFF]       ) << 24
+        | (S[ b         & 0xFF] & 0xFF) << 16
+        | (S[ c         & 0xFF] & 0xFF) <<  8
+        | (S[ d         & 0xFF] & 0xFF)      ) ^ K[r][3];
+    out[j++] = (byte)(aa >>> 24);
+    out[j++] = (byte)(aa >>> 16);
+    out[j++] = (byte)(aa >>> 8);
     out[j++] = (byte) aa;
-    out[j++] = (byte) (bb >>> 24);
-    out[j++] = (byte) (bb >>> 16);
-    out[j++] = (byte) (bb >>> 8);
+    out[j++] = (byte)(bb >>> 24);
+    out[j++] = (byte)(bb >>> 16);
+    out[j++] = (byte)(bb >>> 8);
     out[j++] = (byte) bb;
-    out[j++] = (byte) (cc >>> 24);
-    out[j++] = (byte) (cc >>> 16);
-    out[j++] = (byte) (cc >>> 8);
+    out[j++] = (byte)(cc >>> 24);
+    out[j++] = (byte)(cc >>> 16);
+    out[j++] = (byte)(cc >>> 8);
     out[j++] = (byte) cc;
-    out[j++] = (byte) (dd >>> 24);
-    out[j++] = (byte) (dd >>> 16);
-    out[j++] = (byte) (dd >>> 8);
-    out[j] = (byte) dd;
+    out[j++] = (byte)(dd >>> 24);
+    out[j++] = (byte)(dd >>> 16);
+    out[j++] = (byte)(dd >>> 8);
+    out[j  ] = (byte) dd;
   }
 
   /**
-   * <p>Applies the Theta function to an input <i>in</i> in order to produce in
-   * <i>out</i> an internal session sub-key.</p>
-   *
-   * <p>Both <i>in</i> and <i>out</i> are arrays of four ints.</p>
-   *
-   * <p>Pseudo-code is:</p>
-   *
+   * Applies the Theta function to an input <i>in</i> in order to produce in
+   * <i>out</i> an internal session sub-key.
+   * <p>
+   * Both <i>in</i> and <i>out</i> are arrays of four ints.
+   * <p>
+   * Pseudo-code is:
    * <pre>
-   *    for (i = 0; i < 4; i++) {
-   *       out[i] = 0;
-   *       for (j = 0, n = 24; j < 4; j++, n -= 8) {
-   *          k = mul(in[i] >>> 24, G[0][j]) ^
-   *              mul(in[i] >>> 16, G[1][j]) ^
-   *              mul(in[i] >>>  8, G[2][j]) ^
-   *              mul(in[i]       , G[3][j]);
-   *          out[i] ^= k << n;
+   * for (i = 0; i &lt; 4; i++)
+   *   {
+   *     out[i] = 0;
+   *     for (j = 0, n = 24; j &lt; 4; j++, n -= 8)
+   *       {
+   *         k = mul(in[i] &gt;&gt;&gt; 24, G[0][j]) &circ; mul(in[i] &gt;&gt;&gt; 16, G[1][j])
+   *             &circ; mul(in[i] &gt;&gt;&gt; 8, G[2][j]) &circ; mul(in[i], G[3][j]);
+   *         out[i] &circ;= k &lt;&lt; n;
    *       }
-   *    }
+   *   }
    * </pre>
    */
   private static void transform(int[] in, int[] out)
@@ -332,8 +270,8 @@ public final class Square extends BaseCipher
   }
 
   /**
-   * <p>Left rotate a 32-bit chunk.</p>
-   *
+   * Left rotate a 32-bit chunk.
+   * 
    * @param x the 32-bit data to rotate
    * @param s number of places to left-rotate by
    * @return the newly permutated value.
@@ -344,8 +282,8 @@ public final class Square extends BaseCipher
   }
 
   /**
-   * <p>Right rotate a 32-bit chunk.</p>
-   *
+   * Right rotate a 32-bit chunk.
+   * 
    * @param x the 32-bit data to rotate
    * @param s number of places to right-rotate by
    * @return the newly permutated value.
@@ -356,12 +294,12 @@ public final class Square extends BaseCipher
   }
 
   /**
-   * <p>Returns the product of two binary numbers a and b, using the generator
-   * ROOT as the modulus: p = (a * b) mod ROOT. ROOT Generates a suitable
-   * Galois Field in GF(2**8).</p>
-   *
-   * <p>For best performance call it with abs(b) &lt; abs(a).</p>
-   *
+   * Returns the product of two binary numbers a and b, using the generator ROOT
+   * as the modulus: p = (a * b) mod ROOT. ROOT Generates a suitable Galois
+   * Field in GF(2**8).
+   * <p>
+   * For best performance call it with abs(b) &lt; abs(a).
+   * 
    * @param a operand for multiply.
    * @param b operand for multiply.
    * @return the result of (a * b) % ROOT.
@@ -369,35 +307,22 @@ public final class Square extends BaseCipher
   private static final int mul(int a, int b)
   {
     if (a == 0)
-      {
-        return 0;
-      }
-
+      return 0;
     a &= 0xFF;
     b &= 0xFF;
     int result = 0;
     while (b != 0)
       {
         if ((b & 0x01) != 0)
-          {
-            result ^= a;
-          }
-
+          result ^= a;
         b >>>= 1;
         a <<= 1;
         if (a > 0xFF)
-          {
-            a ^= ROOT;
-          }
+          a ^= ROOT;
       }
     return result & 0xFF;
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     Square result = new Square();
@@ -406,12 +331,10 @@ public final class Square extends BaseCipher
     return result;
   }
 
-  // IBlockCipherSpi interface implementation --------------------------------
-
   public Iterator blockSizes()
   {
     ArrayList al = new ArrayList();
-    al.add(new Integer(DEFAULT_BLOCK_SIZE));
+    al.add(Integer.valueOf(DEFAULT_BLOCK_SIZE));
 
     return Collections.unmodifiableList(al).iterator();
   }
@@ -419,7 +342,7 @@ public final class Square extends BaseCipher
   public Iterator keySizes()
   {
     ArrayList al = new ArrayList();
-    al.add(new Integer(DEFAULT_KEY_SIZE));
+    al.add(Integer.valueOf(DEFAULT_KEY_SIZE));
 
     return Collections.unmodifiableList(al).iterator();
   }
@@ -427,36 +350,35 @@ public final class Square extends BaseCipher
   public Object makeKey(byte[] uk, int bs) throws InvalidKeyException
   {
     if (bs != DEFAULT_BLOCK_SIZE)
-      {
-        throw new IllegalArgumentException();
-      }
+      throw new IllegalArgumentException();
     if (uk == null)
-      {
-        throw new InvalidKeyException("Empty key");
-      }
+      throw new InvalidKeyException("Empty key");
     if (uk.length != DEFAULT_KEY_SIZE)
-      {
-        throw new InvalidKeyException("Key is not 128-bit.");
-      }
-
+      throw new InvalidKeyException("Key is not 128-bit.");
     int[][] Ke = new int[ROUNDS + 1][4];
     int[][] Kd = new int[ROUNDS + 1][4];
     int[][] tK = new int[ROUNDS + 1][4];
     int i = 0;
-
-    Ke[0][0] = (uk[i++] & 0xFF) << 24 | (uk[i++] & 0xFF) << 16
-               | (uk[i++] & 0xFF) << 8 | (uk[i++] & 0xFF);
+    Ke[0][0] = (uk[i++] & 0xFF) << 24
+             | (uk[i++] & 0xFF) << 16
+             | (uk[i++] & 0xFF) << 8
+             | (uk[i++] & 0xFF);
     tK[0][0] = Ke[0][0];
-    Ke[0][1] = (uk[i++] & 0xFF) << 24 | (uk[i++] & 0xFF) << 16
-               | (uk[i++] & 0xFF) << 8 | (uk[i++] & 0xFF);
+    Ke[0][1] = (uk[i++] & 0xFF) << 24
+             | (uk[i++] & 0xFF) << 16
+             | (uk[i++] & 0xFF) << 8
+             | (uk[i++] & 0xFF);
     tK[0][1] = Ke[0][1];
-    Ke[0][2] = (uk[i++] & 0xFF) << 24 | (uk[i++] & 0xFF) << 16
-               | (uk[i++] & 0xFF) << 8 | (uk[i++] & 0xFF);
+    Ke[0][2] = (uk[i++] & 0xFF) << 24
+             | (uk[i++] & 0xFF) << 16
+             | (uk[i++] & 0xFF) << 8
+             | (uk[i++] & 0xFF);
     tK[0][2] = Ke[0][2];
-    Ke[0][3] = (uk[i++] & 0xFF) << 24 | (uk[i++] & 0xFF) << 16
-               | (uk[i++] & 0xFF) << 8 | (uk[i] & 0xFF);
+    Ke[0][3] = (uk[i++] & 0xFF) << 24
+             | (uk[i++] & 0xFF) << 16
+             | (uk[i++] & 0xFF) << 8
+             | (uk[i  ] & 0xFF);
     tK[0][3] = Ke[0][3];
-
     int j;
     for (i = 1, j = 0; i < ROUNDS + 1; i++, j++)
       {
@@ -464,41 +386,28 @@ public final class Square extends BaseCipher
         tK[i][1] = tK[j][1] ^ tK[i][0];
         tK[i][2] = tK[j][2] ^ tK[i][1];
         tK[i][3] = tK[j][3] ^ tK[i][2];
-
         System.arraycopy(tK[i], 0, Ke[i], 0, 4);
-
         transform(Ke[j], Ke[j]);
       }
-
     for (i = 0; i < ROUNDS; i++)
-      {
-        System.arraycopy(tK[ROUNDS - i], 0, Kd[i], 0, 4);
-      }
-
+      System.arraycopy(tK[ROUNDS - i], 0, Kd[i], 0, 4);
     transform(tK[0], Kd[ROUNDS]);
-
     return new Object[] { Ke, Kd };
   }
 
   public void encrypt(byte[] in, int i, byte[] out, int j, Object k, int bs)
   {
     if (bs != DEFAULT_BLOCK_SIZE)
-      {
-        throw new IllegalArgumentException();
-      }
-
-    int[][] K = (int[][]) ((Object[]) k)[0];
+      throw new IllegalArgumentException();
+    int[][] K = (int[][])((Object[]) k)[0];
     square(in, i, out, j, K, Te, Se);
   }
 
   public void decrypt(byte[] in, int i, byte[] out, int j, Object k, int bs)
   {
     if (bs != DEFAULT_BLOCK_SIZE)
-      {
-        throw new IllegalArgumentException();
-      }
-
-    int[][] K = (int[][]) ((Object[]) k)[1];
+      throw new IllegalArgumentException();
+    int[][] K = (int[][])((Object[]) k)[1];
     square(in, i, out, j, K, Td, Sd);
   }
 
@@ -508,9 +417,7 @@ public final class Square extends BaseCipher
       {
         boolean result = super.selfTest(); // do symmetry tests
         if (result)
-          {
-            result = testKat(KAT_KEY, KAT_CT);
-          }
+          result = testKat(KAT_KEY, KAT_CT);
         valid = Boolean.valueOf(result);
       }
     return valid.booleanValue();
diff --git a/libjava/classpath/gnu/javax/crypto/cipher/TripleDES.java b/libjava/classpath/gnu/javax/crypto/cipher/TripleDES.java
index 9b44c9ca7fb..1e98bfc8342 100644
--- a/libjava/classpath/gnu/javax/crypto/cipher/TripleDES.java
+++ b/libjava/classpath/gnu/javax/crypto/cipher/TripleDES.java
@@ -40,54 +40,50 @@ package gnu.javax.crypto.cipher;
 
 import gnu.java.security.Registry;
 
+import java.util.ArrayList;
 import java.util.Collections;
 import java.util.Iterator;
 import java.security.InvalidKeyException;
 
 /**
- * Triple-DES, 3DES, or DESede is a <i>combined cipher</i> that uses
- * three iterations of the Data Encryption Standard cipher to improve
- * the security (at the cost of speed) of plain DES.
- *
- * <p>Triple-DES runs the DES algorithm three times with three
- * independent 56 bit keys. To encrypt:</p>
- *
- * <blockquote><i>C<sub>i</sub> =
- * E<sub>k3</sub> ( E<sub>k2</sub><sup>-1</sup> ( E<sub>k1</sub> ( P<sub>i</sub> )))</i></blockquote>
- *
- * <p>And to decrypt:</p>
- *
- * <blockquote><i>P<sub>i</sub> =
- * E<sub>k1</sub><sup>-1</sup> ( E<sub>k2</sub> ( E<sub>k3</sub><sup>-1</sup> ( C<sub>i</sub> )))</i></blockquote>
- *
- * <p>(The "ede" comes from the encryption operation, which runs
- * Encrypt-Decrypt-Encrypt)</p>
- *
- * <p>References:</p>
+ * Triple-DES, 3DES, or DESede is a <i>combined cipher</i> that uses three
+ * iterations of the Data Encryption Standard cipher to theoretically improve
+ * the security of plain DES, at the cost of speed.
+ * <p>
+ * Triple-DES runs the DES algorithm three times with one, two or three
+ * independent 56-bit (DES) keys. When used with one DES key, the cipher behaves
+ * exactly like a (slower) DES.
+ * <p>
+ * To encrypt:
+ * <blockquote><i>C<sub>i</sub> = E<sub>k3</sub> ( E<sub>k2</sub><sup>-1</sup> (
+ * E<sub>k1</sub> ( P<sub>i</sub> )))</i>
+ * </blockquote>
+ * <p>
+ * And to decrypt:
+ * <blockquote><i>P<sub>i</sub> = E<sub>k1</sub><sup>-1</sup> (
+ * E<sub>k2</sub> ( E<sub>k3</sub><sup>-1</sup> ( C<sub>i</sub> )))</i>
+ * </blockquote>
+ * <p>
+ * (The "ede" comes from the encryption operation, which runs
+ * Encrypt-Decrypt-Encrypt)
+ * <p>
+ * References:
  * <ol>
- * <li>Bruce Schneier, <i>Applied Cryptography: Protocols, Algorithms,
- * and Source Code in C, Second Edition</i>. (1996 John Wiley and Sons)
- * ISBN 0-471-11709-9. Page 294--295.</li>
+ * <li>Bruce Schneier, <i>Applied Cryptography: Protocols, Algorithms, and
+ * Source Code in C, Second Edition</i>. (1996 John Wiley and Sons) ISBN
+ * 0-471-11709-9. Page 294--295.</li>
  * </ol>
  */
-public class TripleDES extends BaseCipher
+public class TripleDES
+    extends BaseCipher
 {
-
-  // Constants and variables.
-  // -----------------------------------------------------------------------
-
   /** Triple-DES only operates on 64 bit blocks. */
   public static final int BLOCK_SIZE = 8;
-
-  /** Triple-DES uses 168 bits of a parity-adjusted 192 bit key. */
+  /** By default, Triple-DES uses 168 bits of a parity-adjusted 192 bit key. */
   public static final int KEY_SIZE = 24;
-
   /** The underlying DES instance. */
   private DES des;
 
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   /**
    * Default 0-arguments constructor.
    */
@@ -97,27 +93,48 @@ public class TripleDES extends BaseCipher
     des = new DES();
   }
 
-  // Class methods.
-  // -----------------------------------------------------------------------
-
   /**
-   * Transform a key so it will be parity adjusted.
-   *
-   * @param kb     The key bytes to adjust.
+   * Convenience method which calls the method with same name and three
+   * arguments, passing <code>3</code> as the value of the first parameter.
+   * 
+   * @param kb The key bytes to adjust.
    * @param offset The starting offset into the key bytes.
-   * @see DES#adjustParity(byte[],int)
    */
   public static void adjustParity(byte[] kb, int offset)
   {
+    adjustParity(3, kb, offset);
+  }
+
+  /**
+   * Adjusts, in-situ, the parity of the designated bytes, so they can be used
+   * as DES keys for a 3-DES 1-, 2- or 3-key cipher.
+   * 
+   * @param keyCount the number of independent DES keys. Can be either
+   *          <code>1</code>, <code>2</code> or <code>3</code>. Any other value
+   *          will cause an {@link IllegalArgumentException} to be raised.
+   * @param kb the array containing the key bytes to adjust. MUST have at least
+   *          <code>8 * keyCount</code> bytes starting at offset position
+   *          <code>offset</code>, otherwise an
+   *          {@link ArrayIndexOutOfBoundsException} will be raised.
+   * @param offset the starting offset into the array.
+   * @see DES#adjustParity(byte[],int)
+   */
+  public static void adjustParity(int keyCount, byte[] kb, int offset)
+  {
+    if (keyCount < 1 || keyCount > 3)
+      throw new IllegalArgumentException("Invalid keyCount value: " + keyCount);
     DES.adjustParity(kb, offset);
-    DES.adjustParity(kb, offset + 8);
-    DES.adjustParity(kb, offset + 16);
+    if (keyCount > 1)
+      DES.adjustParity(kb, offset + 8);
+    if (keyCount > 2)
+      DES.adjustParity(kb, offset + 16);
   }
 
   /**
-   * Tests if a byte array has already been parity adjusted.
-   *
-   * @param kb     The key bytes to test.
+   * Convenience method which calls the method with same name and three
+   * arguments, passing <code>3</code> as the value of the first parameter.
+   * 
+   * @param kb The key bytes to test.
    * @param offset The starting offset into the key bytes.
    * @return <code>true</code> if the bytes in <i>kb</i> starting at
    *         <i>offset</i> are parity adjusted.
@@ -126,13 +143,38 @@ public class TripleDES extends BaseCipher
    */
   public static boolean isParityAdjusted(byte[] kb, int offset)
   {
-    return DES.isParityAdjusted(kb, offset)
-           && DES.isParityAdjusted(kb, offset + 8)
-           && DES.isParityAdjusted(kb, offset + 16);
+    return isParityAdjusted(3, kb, offset);
   }
 
-  // Methods implementing BaseCipher.
-  // -----------------------------------------------------------------------
+  /**
+   * Tests if enough bytes, expected to be used as DES keys for a 3-DES 1-, 2-
+   * or 3-key cipher, located in a designated byte array, has already been
+   * parity adjusted.
+   * 
+   * @param keyCount the number of independent DES keys. Can be either
+   *          <code>1</code>, <code>2</code> or <code>3</code>. Any other value
+   *          will cause an {@link IllegalArgumentException} to be raised.
+   * @param kb the array containing the key bytes to test. MUST have at least
+   *          <code>8 * keyCount</code> bytes starting at offset position
+   *          <code>offset</code>, otherwise an
+   *          {@link ArrayIndexOutOfBoundsException} will be raised.
+   * @param offset the starting offset into the array.
+   * @return <code>true</code> if the bytes in <i>kb</i> starting at
+   *         <i>offset</i> are parity adjusted.
+   * @see DES#isParityAdjusted(byte[],int)
+   * @see #adjustParity(int,byte[],int)
+   */
+  public static boolean isParityAdjusted(int keyCount, byte[] kb, int offset)
+  {
+    if (keyCount < 1 || keyCount > 3)
+      throw new IllegalArgumentException("Invalid keyCount value: " + keyCount);
+    boolean result = DES.isParityAdjusted(kb, offset);
+    if (keyCount > 1)
+      result = result && DES.isParityAdjusted(kb, offset + 8);
+    if (keyCount > 2)
+      result = result && DES.isParityAdjusted(kb, offset + 16);
+    return result;
+  }
 
   public Object clone()
   {
@@ -141,32 +183,54 @@ public class TripleDES extends BaseCipher
 
   public Iterator blockSizes()
   {
-    return Collections.singleton(new Integer(BLOCK_SIZE)).iterator();
+    return Collections.singleton(Integer.valueOf(BLOCK_SIZE)).iterator();
   }
 
   public Iterator keySizes()
   {
-    return Collections.singleton(new Integer(KEY_SIZE)).iterator();
+    ArrayList al = new ArrayList();
+    al.add(Integer.valueOf(8));
+    al.add(Integer.valueOf(16));
+    al.add(Integer.valueOf(24));
+    return Collections.unmodifiableList(al).iterator();
   }
 
   public Object makeKey(byte[] kb, int bs) throws InvalidKeyException
   {
-    if (kb.length != KEY_SIZE)
-      throw new InvalidKeyException("TripleDES key must be 24 bytes");
-
-    if (!isParityAdjusted(kb, 0))
-      adjustParity(kb, 0);
-
-    byte[] k1 = new byte[DES.KEY_SIZE], k2 = new byte[DES.KEY_SIZE], k3 = new byte[DES.KEY_SIZE];
-    System.arraycopy(kb, 0, k1, 0, DES.KEY_SIZE);
-    System.arraycopy(kb, DES.KEY_SIZE, k2, 0, DES.KEY_SIZE);
-    System.arraycopy(kb, 2 * DES.KEY_SIZE, k3, 0, DES.KEY_SIZE);
+    if (kb.length != 8 && kb.length != 16 && kb.length != 24)
+      throw new InvalidKeyException("TripleDES key must be 8, 16 or 24 bytes: "
+                                    + kb.length);
     Context ctx = new Context();
-
+    byte[] k1 = new byte[DES.KEY_SIZE];
+    System.arraycopy(kb, 0, k1, 0, DES.KEY_SIZE);
+    if (! DES.isParityAdjusted(k1, 0))
+      DES.adjustParity(k1, 0);
     ctx.k1 = (DES.Context) des.makeKey(k1, bs);
-    ctx.k2 = (DES.Context) des.makeKey(k2, bs);
-    ctx.k3 = (DES.Context) des.makeKey(k3, bs);
 
+    if (kb.length == 8)
+      {
+        ctx.k2 = (DES.Context) des.makeKey(k1, bs);
+        ctx.k3 = (DES.Context) des.makeKey(k1, bs);
+      }
+    else
+      {
+        byte[] k2 = new byte[DES.KEY_SIZE];
+        System.arraycopy(kb, DES.KEY_SIZE, k2, 0, DES.KEY_SIZE);
+        if (! DES.isParityAdjusted(k2, 0))
+          DES.adjustParity(k2, 0);
+        ctx.k2 = (DES.Context) des.makeKey(k2, bs);
+
+        byte[] k3 = new byte[DES.KEY_SIZE];
+        if (kb.length == 16)
+          ctx.k3 = (DES.Context) des.makeKey(k1, bs);
+        else
+          {
+            System.arraycopy(kb, 2 * DES.KEY_SIZE, k3, 0, DES.KEY_SIZE);
+            if (! DES.isParityAdjusted(k3, 0))
+              DES.adjustParity(k3, 0);
+            ctx.k3 = (DES.Context) des.makeKey(k3, bs);
+          }
+      }
     return ctx;
   }
 
@@ -186,11 +250,8 @@ public class TripleDES extends BaseCipher
     des.decrypt(temp, 0, out, o, ((Context) K).k1, bs);
   }
 
-  // Inner classes.
-  // -----------------------------------------------------------------------
-
   private final class Context
   {
     DES.Context k1, k2, k3;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/cipher/Twofish.java b/libjava/classpath/gnu/javax/crypto/cipher/Twofish.java
index f5565d4b46f..b6932442897 100644
--- a/libjava/classpath/gnu/javax/crypto/cipher/Twofish.java
+++ b/libjava/classpath/gnu/javax/crypto/cipher/Twofish.java
@@ -38,204 +38,142 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.cipher;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.util.Util;
 
-//import java.io.PrintWriter;
 import java.security.InvalidKeyException;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.Iterator;
+import java.util.logging.Logger;
 
 /**
- * <p>Twofish is a balanced 128-bit Feistel cipher, consisting of 16 rounds. In
+ * Twofish is a balanced 128-bit Feistel cipher, consisting of 16 rounds. In
  * each round, a 64-bit S-box value is computed from 64 bits of the block, and
  * this value is xored into the other half of the block. The two half-blocks are
  * then exchanged, and the next round begins. Before the first round, all input
  * bits are xored with key-dependent "whitening" subkeys, and after the final
  * round the output bits are xored with other key-dependent whitening subkeys;
- * these subkeys are not used anywhere else in the algorithm.</p>
- *
- * <p>Twofish is designed by Bruce Schneier, Doug Whiting, John Kelsey, Chris
- * Hall, David Wagner and Niels Ferguson.</p>
- *
- * <p>References:</p>
- *
+ * these subkeys are not used anywhere else in the algorithm.
+ * <p>
+ * Twofish is designed by Bruce Schneier, Doug Whiting, John Kelsey, Chris
+ * Hall, David Wagner and Niels Ferguson.
+ * <p>
+ * References:
  * <ol>
  *    <li><a href="http://www.counterpane.com/twofish-paper.html">Twofish: A
  *    128-bit Block Cipher</a>.</li>
  * </ol>
  */
-public final class Twofish extends BaseCipher
+public final class Twofish
+    extends BaseCipher
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  //   private static final String NAME = "twofish";
-  private static final boolean DEBUG = false;
-
-  private static final int debuglevel = 9;
-
-  //   private static final PrintWriter err = new PrintWriter(System.out, true);
-  //   private static void debug(String s) {
-  //      err.println(">>> "+NAME+": "+s);
-  //   }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
+  private static final Logger log = Logger.getLogger(Twofish.class.getName());
   private static final int DEFAULT_BLOCK_SIZE = 16; // in bytes
-
   private static final int DEFAULT_KEY_SIZE = 16; // in bytes
-
   private static final int MAX_ROUNDS = 16; // max # rounds (for allocating subkeys)
-
   private static final int ROUNDS = MAX_ROUNDS;
-
   // subkey array indices
   private static final int INPUT_WHITEN = 0;
-
-  private static final int OUTPUT_WHITEN = INPUT_WHITEN + DEFAULT_BLOCK_SIZE
-                                           / 4;
-
-  private static final int ROUND_SUBKEYS = OUTPUT_WHITEN + DEFAULT_BLOCK_SIZE
-                                           / 4;
-
-  //   private static final int TOTAL_SUBKEYS = ROUND_SUBKEYS + 2*MAX_ROUNDS;
-
+  private static final int OUTPUT_WHITEN = INPUT_WHITEN + DEFAULT_BLOCK_SIZE / 4;
+  private static final int ROUND_SUBKEYS = OUTPUT_WHITEN + DEFAULT_BLOCK_SIZE / 4;
   private static final int SK_STEP = 0x02020202;
-
   private static final int SK_BUMP = 0x01010101;
-
   private static final int SK_ROTL = 9;
-
   private static final String[] Pm = new String[] {
-                                                   // p0
-                                                   "\uA967\uB3E8\u04FD\uA376\u9A92\u8078\uE4DD\uD138"
-                                                       + "\u0DC6\u3598\u18F7\uEC6C\u4375\u3726\uFA13\u9448"
-                                                       + "\uF2D0\u8B30\u8454\uDF23\u195B\u3D59\uF3AE\uA282"
-                                                       + "\u6301\u832E\uD951\u9B7C\uA6EB\uA5BE\u160C\uE361"
-                                                       + "\uC08C\u3AF5\u732C\u250B\uBB4E\u896B\u536A\uB4F1"
-                                                       + "\uE1E6\uBD45\uE2F4\uB666\uCC95\u0356\uD41C\u1ED7"
-                                                       + "\uFBC3\u8EB5\uE9CF\uBFBA\uEA77\u39AF\u33C9\u6271"
-                                                       + "\u8179\u09AD\u24CD\uF9D8\uE5C5\uB94D\u4408\u86E7"
-                                                       + "\uA11D\uAAED\u0670\uB2D2\u417B\uA011\u31C2\u2790"
-                                                       + "\u20F6\u60FF\u965C\uB1AB\u9E9C\u521B\u5F93\u0AEF"
-                                                       + "\u9185\u49EE\u2D4F\u8F3B\u4787\u6D46\uD63E\u6964"
-                                                       + "\u2ACE\uCB2F\uFC97\u057A\uAC7F\uD51A\u4B0E\uA75A"
-                                                       + "\u2814\u3F29\u883C\u4C02\uB8DA\uB017\u551F\u8A7D"
-                                                       + "\u57C7\u8D74\uB7C4\u9F72\u7E15\u2212\u5807\u9934"
-                                                       + "\u6E50\uDE68\u65BC\uDBF8\uC8A8\u2B40\uDCFE\u32A4"
-                                                       + "\uCA10\u21F0\uD35D\u0F00\u6F9D\u3642\u4A5E\uC1E0",
-                                                   // p1
-                                                   "\u75F3\uC6F4\uDB7B\uFBC8\u4AD3\uE66B\u457D\uE84B"
-                                                       + "\uD632\uD8FD\u3771\uF1E1\u300F\uF81B\u87FA\u063F"
-                                                       + "\u5EBA\uAE5B\u8A00\uBC9D\u6DC1\uB10E\u805D\uD2D5"
-                                                       + "\uA084\u0714\uB590\u2CA3\uB273\u4C54\u9274\u3651"
-                                                       + "\u38B0\uBD5A\uFC60\u6296\u6C42\uF710\u7C28\u278C"
-                                                       + "\u1395\u9CC7\u2446\u3B70\uCAE3\u85CB\u11D0\u93B8"
-                                                       + "\uA683\u20FF\u9F77\uC3CC\u036F\u08BF\u40E7\u2BE2"
-                                                       + "\u790C\uAA82\u413A\uEAB9\uE49A\uA497\u7EDA\u7A17"
-                                                       + "\u6694\uA11D\u3DF0\uDEB3\u0B72\uA71C\uEFD1\u533E"
-                                                       + "\u8F33\u265F\uEC76\u2A49\u8188\uEE21\uC41A\uEBD9"
-                                                       + "\uC539\u99CD\uAD31\u8B01\u1823\uDD1F\u4E2D\uF948"
-                                                       + "\u4FF2\u658E\u785C\u5819\u8DE5\u9857\u677F\u0564"
-                                                       + "\uAF63\uB6FE\uF5B7\u3CA5\uCEE9\u6844\uE04D\u4369"
-                                                       + "\u292E\uAC15\u59A8\u0A9E\u6E47\uDF34\u356A\uCFDC"
-                                                       + "\u22C9\uC09B\u89D4\uEDAB\u12A2\u0D52\uBB02\u2FA9"
-                                                       + "\uD761\u1EB4\u5004\uF6C2\u1625\u8656\u5509\uBE91" };
-
+      // p0
+      "\uA967\uB3E8\u04FD\uA376\u9A92\u8078\uE4DD\uD138"
+    + "\u0DC6\u3598\u18F7\uEC6C\u4375\u3726\uFA13\u9448"
+    + "\uF2D0\u8B30\u8454\uDF23\u195B\u3D59\uF3AE\uA282"
+    + "\u6301\u832E\uD951\u9B7C\uA6EB\uA5BE\u160C\uE361"
+    + "\uC08C\u3AF5\u732C\u250B\uBB4E\u896B\u536A\uB4F1"
+    + "\uE1E6\uBD45\uE2F4\uB666\uCC95\u0356\uD41C\u1ED7"
+    + "\uFBC3\u8EB5\uE9CF\uBFBA\uEA77\u39AF\u33C9\u6271"
+    + "\u8179\u09AD\u24CD\uF9D8\uE5C5\uB94D\u4408\u86E7"
+    + "\uA11D\uAAED\u0670\uB2D2\u417B\uA011\u31C2\u2790"
+    + "\u20F6\u60FF\u965C\uB1AB\u9E9C\u521B\u5F93\u0AEF"
+    + "\u9185\u49EE\u2D4F\u8F3B\u4787\u6D46\uD63E\u6964"
+    + "\u2ACE\uCB2F\uFC97\u057A\uAC7F\uD51A\u4B0E\uA75A"
+    + "\u2814\u3F29\u883C\u4C02\uB8DA\uB017\u551F\u8A7D"
+    + "\u57C7\u8D74\uB7C4\u9F72\u7E15\u2212\u5807\u9934"
+    + "\u6E50\uDE68\u65BC\uDBF8\uC8A8\u2B40\uDCFE\u32A4"
+    + "\uCA10\u21F0\uD35D\u0F00\u6F9D\u3642\u4A5E\uC1E0",
+      // p1
+      "\u75F3\uC6F4\uDB7B\uFBC8\u4AD3\uE66B\u457D\uE84B"
+    + "\uD632\uD8FD\u3771\uF1E1\u300F\uF81B\u87FA\u063F"
+    + "\u5EBA\uAE5B\u8A00\uBC9D\u6DC1\uB10E\u805D\uD2D5"
+    + "\uA084\u0714\uB590\u2CA3\uB273\u4C54\u9274\u3651"
+    + "\u38B0\uBD5A\uFC60\u6296\u6C42\uF710\u7C28\u278C"
+    + "\u1395\u9CC7\u2446\u3B70\uCAE3\u85CB\u11D0\u93B8"
+    + "\uA683\u20FF\u9F77\uC3CC\u036F\u08BF\u40E7\u2BE2"
+    + "\u790C\uAA82\u413A\uEAB9\uE49A\uA497\u7EDA\u7A17"
+    + "\u6694\uA11D\u3DF0\uDEB3\u0B72\uA71C\uEFD1\u533E"
+    + "\u8F33\u265F\uEC76\u2A49\u8188\uEE21\uC41A\uEBD9"
+    + "\uC539\u99CD\uAD31\u8B01\u1823\uDD1F\u4E2D\uF948"
+    + "\u4FF2\u658E\u785C\u5819\u8DE5\u9857\u677F\u0564"
+    + "\uAF63\uB6FE\uF5B7\u3CA5\uCEE9\u6844\uE04D\u4369"
+    + "\u292E\uAC15\u59A8\u0A9E\u6E47\uDF34\u356A\uCFDC"
+    + "\u22C9\uC09B\u89D4\uEDAB\u12A2\u0D52\uBB02\u2FA9"
+    + "\uD761\u1EB4\u5004\uF6C2\u1625\u8656\u5509\uBE91" };
   /** Fixed 8x8 permutation S-boxes */
   private static final byte[][] P = new byte[2][256]; // blank final
-
   /**
    * Define the fixed p0/p1 permutations used in keyed S-box lookup. By
    * changing the following constant definitions, the S-boxes will
    * automatically get changed in the Twofish engine.
    */
   private static final int P_00 = 1;
-
   private static final int P_01 = 0;
-
   private static final int P_02 = 0;
-
   private static final int P_03 = P_01 ^ 1;
-
   private static final int P_04 = 1;
-
   private static final int P_10 = 0;
-
   private static final int P_11 = 0;
-
   private static final int P_12 = 1;
-
   private static final int P_13 = P_11 ^ 1;
-
   private static final int P_14 = 0;
-
   private static final int P_20 = 1;
-
   private static final int P_21 = 1;
-
   private static final int P_22 = 0;
-
   private static final int P_23 = P_21 ^ 1;
-
   private static final int P_24 = 0;
-
   private static final int P_30 = 0;
-
   private static final int P_31 = 1;
-
   private static final int P_32 = 1;
-
   private static final int P_33 = P_31 ^ 1;
-
   private static final int P_34 = 1;
-
   /** Primitive polynomial for GF(256) */
-  //   private static final int GF256_FDBK =   0x169;
   private static final int GF256_FDBK_2 = 0x169 / 2;
-
   private static final int GF256_FDBK_4 = 0x169 / 4;
-
   /** MDS matrix */
   private static final int[][] MDS = new int[4][256]; // blank final
-
   private static final int RS_GF_FDBK = 0x14D; // field generator
-
   /**
    * KAT vector (from ecb_vk):
    * I=183
    * KEY=0000000000000000000000000000000000000000000002000000000000000000
    * CT=F51410475B33FBD3DB2117B5C17C82D4
    */
-  private static final byte[] KAT_KEY = Util.toBytesFromString("0000000000000000000000000000000000000000000002000000000000000000");
-
-  private static final byte[] KAT_CT = Util.toBytesFromString("F51410475B33FBD3DB2117B5C17C82D4");
-
+  private static final byte[] KAT_KEY = Util.toBytesFromString(
+      "0000000000000000000000000000000000000000000002000000000000000000");
+  private static final byte[] KAT_CT =
+      Util.toBytesFromString("F51410475B33FBD3DB2117B5C17C82D4");
   /** caches the result of the correctness test, once executed. */
   private static Boolean valid;
-
-  // Static code - to intialise the MDS matrix and lookup tables -------------
-
   static
     {
       long time = System.currentTimeMillis();
-
       // expand the P arrays
       int i;
       char c;
       for (i = 0; i < 256; i++)
         {
           c = Pm[0].charAt(i >>> 1);
-          P[0][i] = (byte) ((i & 1) == 0 ? c >>> 8 : c);
-
+          P[0][i] = (byte)((i & 1) == 0 ? c >>> 8 : c);
           c = Pm[1].charAt(i >>> 1);
-          P[1][i] = (byte) ((i & 1) == 0 ? c >>> 8 : c);
+          P[1][i] = (byte)((i & 1) == 0 ? c >>> 8 : c);
         }
-
       // precompute the MDS matrix
       int[] m1 = new int[2];
       int[] mX = new int[2];
@@ -247,80 +185,65 @@ public final class Twofish extends BaseCipher
           m1[0] = j;
           mX[0] = Mx_X(j) & 0xFF;
           mY[0] = Mx_Y(j) & 0xFF;
-
           j = P[1][i] & 0xFF;
           m1[1] = j;
           mX[1] = Mx_X(j) & 0xFF;
           mY[1] = Mx_Y(j) & 0xFF;
-
-          MDS[0][i] = m1[P_00] << 0 | // fill matrix w/ above elements
-                      mX[P_00] << 8 | mY[P_00] << 16 | mY[P_00] << 24;
-          MDS[1][i] = mY[P_10] << 0 | mY[P_10] << 8 | mX[P_10] << 16
-                      | m1[P_10] << 24;
-          MDS[2][i] = mX[P_20] << 0 | mY[P_20] << 8 | m1[P_20] << 16
-                      | mY[P_20] << 24;
-          MDS[3][i] = mX[P_30] << 0 | m1[P_30] << 8 | mY[P_30] << 16
-                      | mX[P_30] << 24;
+          MDS[0][i] = m1[P_00] << 0
+                    | mX[P_00] << 8
+                    | mY[P_00] << 16
+                    | mY[P_00] << 24;
+          MDS[1][i] = mY[P_10] << 0
+                    | mY[P_10] << 8
+                    | mX[P_10] << 16
+                    | m1[P_10] << 24;
+          MDS[2][i] = mX[P_20] << 0
+                    | mY[P_20] << 8
+                    | m1[P_20] << 16
+                    | mY[P_20] << 24;
+          MDS[3][i] = mX[P_30] << 0
+                    | m1[P_30] << 8
+                    | mY[P_30] << 16
+                    | mX[P_30] << 24;
         }
-
       time = System.currentTimeMillis() - time;
-
-      if (DEBUG && debuglevel > 8)
+      if (Configuration.DEBUG)
         {
-          System.out.println("==========");
-          System.out.println();
-          System.out.println("Static Data");
-          System.out.println();
-          System.out.println("MDS[0][]:");
+          log.fine("Static Data");
+          log.fine("MDS[0][]:");
+          StringBuilder sb;
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(MDS[0][i * 4 + j])
-                                   + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(MDS[0][i * 4 + j])).append(", ");
+              log.fine(sb.toString());
             }
-
-          System.out.println();
-          System.out.println("MDS[1][]:");
+          log.fine("MDS[1][]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(MDS[1][i * 4 + j])
-                                   + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(MDS[1][i * 4 + j])).append(", ");
+              log.fine(sb.toString());
             }
-
-          System.out.println();
-          System.out.println("MDS[2][]:");
+          log.fine("MDS[2][]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(MDS[2][i * 4 + j])
-                                   + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(MDS[2][i * 4 + j])).append(", ");
+              log.fine(sb.toString());
             }
-
-          System.out.println();
-          System.out.println("MDS[3][]:");
+          log.fine("MDS[3][]:");
           for (i = 0; i < 64; i++)
             {
+              sb = new StringBuilder();
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(MDS[3][i * 4 + j])
-                                   + ", ");
-                }
-              System.out.println();
+                sb.append("0x").append(Util.toString(MDS[3][i * 4 + j])).append(", ");
+              log.fine(sb.toString());
             }
-
-          System.out.println();
-          System.out.println("Total initialization time: " + time + " ms.");
-          System.out.println();
+          log.fine("Total initialization time: " + time + " ms.");
         }
     }
 
@@ -331,14 +254,11 @@ public final class Twofish extends BaseCipher
 
   private static final int LFSR2(int x)
   {
-    return (x >> 2) ^ ((x & 0x02) != 0 ? GF256_FDBK_2 : 0)
-           ^ ((x & 0x01) != 0 ? GF256_FDBK_4 : 0);
+    return (x >> 2)
+        ^ ((x & 0x02) != 0 ? GF256_FDBK_2 : 0)
+        ^ ((x & 0x01) != 0 ? GF256_FDBK_4 : 0);
   }
 
-  //   private static final int Mx_1(int x) {
-  //      return x;
-  //   }
-
   private static final int Mx_X(int x)
   { // 5B
     return x ^ LFSR2(x);
@@ -349,18 +269,12 @@ public final class Twofish extends BaseCipher
     return x ^ LFSR1(x) ^ LFSR2(x);
   }
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public Twofish()
   {
     super(Registry.TWOFISH_CIPHER, DEFAULT_BLOCK_SIZE, DEFAULT_KEY_SIZE);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   private static final int b0(int x)
   {
     return x & 0xFF;
@@ -393,15 +307,11 @@ public final class Twofish extends BaseCipher
   {
     int r = k1;
     int i;
-    for (i = 0; i < 4; i++)
-      { // shift 1 byte at a time
-        r = RS_rem(r);
-      }
+    for (i = 0; i < 4; i++) // shift 1 byte at a time
+      r = RS_rem(r);
     r ^= k0;
     for (i = 0; i < 4; i++)
-      {
-        r = RS_rem(r);
-      }
+      r = RS_rem(r);
     return r;
   }
 
@@ -431,15 +341,14 @@ public final class Twofish extends BaseCipher
     int k1 = k32[1];
     int k2 = k32[2];
     int k3 = k32[3];
-
     int result = 0;
     switch (k64Cnt & 3)
       {
       case 1:
         result = MDS[0][(P[P_01][b0] & 0xFF) ^ b0(k0)]
-                 ^ MDS[1][(P[P_11][b1] & 0xFF) ^ b1(k0)]
-                 ^ MDS[2][(P[P_21][b2] & 0xFF) ^ b2(k0)]
-                 ^ MDS[3][(P[P_31][b3] & 0xFF) ^ b3(k0)];
+               ^ MDS[1][(P[P_11][b1] & 0xFF) ^ b1(k0)]
+               ^ MDS[2][(P[P_21][b2] & 0xFF) ^ b2(k0)]
+               ^ MDS[3][(P[P_31][b3] & 0xFF) ^ b3(k0)];
         break;
       case 0: // same as 4
         b0 = (P[P_04][b0] & 0xFF) ^ b0(k3);
@@ -452,14 +361,10 @@ public final class Twofish extends BaseCipher
         b2 = (P[P_23][b2] & 0xFF) ^ b2(k2);
         b3 = (P[P_33][b3] & 0xFF) ^ b3(k2);
       case 2: // 128-bit keys (optimize for this case)
-        result = MDS[0][(P[P_01][(P[P_02][b0] & 0xFF) ^ b0(k1)] & 0xFF)
-                        ^ b0(k0)]
-                 ^ MDS[1][(P[P_11][(P[P_12][b1] & 0xFF) ^ b1(k1)] & 0xFF)
-                          ^ b1(k0)]
-                 ^ MDS[2][(P[P_21][(P[P_22][b2] & 0xFF) ^ b2(k1)] & 0xFF)
-                          ^ b2(k0)]
-                 ^ MDS[3][(P[P_31][(P[P_32][b3] & 0xFF) ^ b3(k1)] & 0xFF)
-                          ^ b3(k0)];
+        result = MDS[0][(P[P_01][(P[P_02][b0] & 0xFF) ^ b0(k1)] & 0xFF) ^ b0(k0)]
+               ^ MDS[1][(P[P_11][(P[P_12][b1] & 0xFF) ^ b1(k1)] & 0xFF) ^ b1(k0)]
+               ^ MDS[2][(P[P_21][(P[P_22][b2] & 0xFF) ^ b2(k1)] & 0xFF) ^ b2(k0)]
+               ^ MDS[3][(P[P_31][(P[P_32][b3] & 0xFF) ^ b3(k1)] & 0xFF) ^ b3(k0)];
         break;
       }
     return result;
@@ -467,23 +372,14 @@ public final class Twofish extends BaseCipher
 
   private static final int Fe32(int[] sBox, int x, int R)
   {
-    return sBox[2 * _b(x, R)] ^ sBox[2 * _b(x, R + 1) + 1]
-           ^ sBox[0x200 + 2 * _b(x, R + 2)]
-           ^ sBox[0x200 + 2 * _b(x, R + 3) + 1];
+    return sBox[        2 * _b(x, R    )    ]
+         ^ sBox[        2 * _b(x, R + 1) + 1]
+         ^ sBox[0x200 + 2 * _b(x, R + 2)    ]
+         ^ sBox[0x200 + 2 * _b(x, R + 3) + 1];
   }
 
   private static final int _b(int x, int N)
   {
-    //      int result = 0;
-    //      switch (N%4) {
-    //      case 0: result = b0(x); break;
-    //      case 1: result = b1(x); break;
-    //      case 2: result = b2(x); break;
-    //      case 3: result = b3(x); break;
-    //      }
-    //      return result;
-    // profiling shows that the code spends too long in this method.
-    // following constructs seem to improve, albeit marginally, performance
     switch (N % 4)
       {
       case 0:
@@ -497,43 +393,33 @@ public final class Twofish extends BaseCipher
       }
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     Twofish result = new Twofish();
     result.currentBlockSize = this.currentBlockSize;
-
     return result;
   }
 
-  // IBlockCipherSpi interface implementation --------------------------------
-
   public Iterator blockSizes()
   {
     ArrayList al = new ArrayList();
-    al.add(new Integer(DEFAULT_BLOCK_SIZE));
-
+    al.add(Integer.valueOf(DEFAULT_BLOCK_SIZE));
     return Collections.unmodifiableList(al).iterator();
   }
 
   public Iterator keySizes()
   {
     ArrayList al = new ArrayList();
-    al.add(new Integer(8)); //   64-bit
-    al.add(new Integer(16)); // 128-bit
-    al.add(new Integer(24)); // 192-bit
-    al.add(new Integer(32)); // 256-bit
-
+    al.add(Integer.valueOf(8)); //   64-bit
+    al.add(Integer.valueOf(16)); // 128-bit
+    al.add(Integer.valueOf(24)); // 192-bit
+    al.add(Integer.valueOf(32)); // 256-bit
     return Collections.unmodifiableList(al).iterator();
   }
 
   /**
-   * <p>Expands a user-supplied key material into a session key for a designated
-   * <i>block size</i>.</p>
+   * Expands a user-supplied key material into a session key for a designated
+   * <i>block size</i>.
    *
    * @param k the 64/128/192/256-bit user-key to use.
    * @param bs the desired block size in bytes.
@@ -544,35 +430,30 @@ public final class Twofish extends BaseCipher
   public Object makeKey(byte[] k, int bs) throws InvalidKeyException
   {
     if (bs != DEFAULT_BLOCK_SIZE)
-      {
-        throw new IllegalArgumentException();
-      }
+      throw new IllegalArgumentException();
     if (k == null)
-      {
-        throw new InvalidKeyException("Empty key");
-      }
+      throw new InvalidKeyException("Empty key");
     int length = k.length;
-    if (!(length == 8 || length == 16 || length == 24 || length == 32))
-      {
-        throw new InvalidKeyException("Incorrect key length");
-      }
-
+    if (! (length == 8 || length == 16 || length == 24 || length == 32))
+      throw new InvalidKeyException("Incorrect key length");
     int k64Cnt = length / 8;
     int subkeyCnt = ROUND_SUBKEYS + 2 * ROUNDS;
     int[] k32e = new int[4]; // even 32-bit entities
     int[] k32o = new int[4]; // odd 32-bit entities
     int[] sBoxKey = new int[4];
-    //
     // split user key material into even and odd 32-bit entities and
     // compute S-box keys using (12, 8) Reed-Solomon code over GF(256)
-    //
     int i, j, offset = 0;
     for (i = 0, j = k64Cnt - 1; i < 4 && offset < length; i++, j--)
       {
-        k32e[i] = (k[offset++] & 0xFF) | (k[offset++] & 0xFF) << 8
-                  | (k[offset++] & 0xFF) << 16 | (k[offset++] & 0xFF) << 24;
-        k32o[i] = (k[offset++] & 0xFF) | (k[offset++] & 0xFF) << 8
-                  | (k[offset++] & 0xFF) << 16 | (k[offset++] & 0xFF) << 24;
+        k32e[i] = (k[offset++] & 0xFF)
+                | (k[offset++] & 0xFF) << 8
+                | (k[offset++] & 0xFF) << 16
+                | (k[offset++] & 0xFF) << 24;
+        k32o[i] = (k[offset++] & 0xFF)
+                | (k[offset++] & 0xFF) << 8
+                | (k[offset++] & 0xFF) << 16
+                | (k[offset++] & 0xFF) << 24;
         sBoxKey[j] = RS_MDS_Encode(k32e[i], k32o[i]); // reverse order
       }
     // compute the round decryption subkeys for PHT. these same subkeys
@@ -589,7 +470,6 @@ public final class Twofish extends BaseCipher
         A += B;
         subKeys[2 * i + 1] = A << SK_ROTL | A >>> (32 - SK_ROTL);
       }
-
     // fully expand the table for speed
     int k0 = sBoxKey[0];
     int k1 = sBoxKey[1];
@@ -603,9 +483,9 @@ public final class Twofish extends BaseCipher
         switch (k64Cnt & 3)
           {
           case 1:
-            sBox[2 * i] = MDS[0][(P[P_01][b0] & 0xFF) ^ b0(k0)];
-            sBox[2 * i + 1] = MDS[1][(P[P_11][b1] & 0xFF) ^ b1(k0)];
-            sBox[0x200 + 2 * i] = MDS[2][(P[P_21][b2] & 0xFF) ^ b2(k0)];
+            sBox[        2 * i    ] = MDS[0][(P[P_01][b0] & 0xFF) ^ b0(k0)];
+            sBox[        2 * i + 1] = MDS[1][(P[P_11][b1] & 0xFF) ^ b1(k0)];
+            sBox[0x200 + 2 * i    ] = MDS[2][(P[P_21][b2] & 0xFF) ^ b2(k0)];
             sBox[0x200 + 2 * i + 1] = MDS[3][(P[P_31][b3] & 0xFF) ^ b3(k0)];
             break;
           case 0: // same as 4
@@ -619,77 +499,61 @@ public final class Twofish extends BaseCipher
             b2 = (P[P_23][b2] & 0xFF) ^ b2(k2);
             b3 = (P[P_33][b3] & 0xFF) ^ b3(k2);
           case 2: // 128-bit keys
-            sBox[2 * i] = MDS[0][(P[P_01][(P[P_02][b0] & 0xFF) ^ b0(k1)] & 0xFF)
-                                 ^ b0(k0)];
-            sBox[2 * i + 1] = MDS[1][(P[P_11][(P[P_12][b1] & 0xFF) ^ b1(k1)] & 0xFF)
-                                     ^ b1(k0)];
-            sBox[0x200 + 2 * i] = MDS[2][(P[P_21][(P[P_22][b2] & 0xFF) ^ b2(k1)] & 0xFF)
-                                         ^ b2(k0)];
+            sBox[        2 * i    ] = MDS[0][(P[P_01][(P[P_02][b0] & 0xFF)
+                                                      ^ b0(k1)] & 0xFF) ^ b0(k0)];
+            sBox[        2 * i + 1] = MDS[1][(P[P_11][(P[P_12][b1] & 0xFF)
+                                                      ^ b1(k1)] & 0xFF) ^ b1(k0)];
+            sBox[0x200 + 2 * i    ] = MDS[2][(P[P_21][(P[P_22][b2] & 0xFF)
+                                                      ^ b2(k1)] & 0xFF) ^ b2(k0)];
             sBox[0x200 + 2 * i + 1] = MDS[3][(P[P_31][(P[P_32][b3] & 0xFF)
-                                                      ^ b3(k1)] & 0xFF)
-                                             ^ b3(k0)];
+                                                      ^ b3(k1)] & 0xFF) ^ b3(k0)];
           }
       }
-
-    if (DEBUG && debuglevel > 7)
+    if (Configuration.DEBUG)
       {
-        System.out.println("S-box[]:");
+        StringBuilder sb;
+        log.fine("S-box[]:");
         for (i = 0; i < 64; i++)
           {
+            sb = new StringBuilder();
             for (j = 0; j < 4; j++)
-              {
-                System.out.print("0x" + Util.toString(sBox[i * 4 + j]) + ", ");
-              }
-            System.out.println();
+              sb.append("0x").append(Util.toString(sBox[i * 4 + j])).append(", ");
+            log.fine(sb.toString());
           }
-        System.out.println();
+        log.fine("");
         for (i = 0; i < 64; i++)
           {
+            sb = new StringBuilder();
             for (j = 0; j < 4; j++)
-              {
-                System.out.print("0x" + Util.toString(sBox[256 + i * 4 + j])
-                                 + ", ");
-              }
-            System.out.println();
+              sb.append("0x").append(Util.toString(sBox[256 + i * 4 + j])).append(", ");
+            log.fine(sb.toString());
           }
-        System.out.println();
+        log.fine("");
         for (i = 0; i < 64; i++)
           {
+            sb = new StringBuilder();
             for (j = 0; j < 4; j++)
-              {
-                System.out.print("0x" + Util.toString(sBox[512 + i * 4 + j])
-                                 + ", ");
-              }
-            System.out.println();
+              sb.append("0x").append(Util.toString(sBox[512 + i * 4 + j])).append(", ");
+            log.fine(sb.toString());
           }
-        System.out.println();
+        log.fine("");
         for (i = 0; i < 64; i++)
           {
+            sb = new StringBuilder();
             for (j = 0; j < 4; j++)
-              {
-                System.out.print("0x" + Util.toString(sBox[768 + i * 4 + j])
-                                 + ", ");
-              }
-            System.out.println();
+              sb.append("0x").append(Util.toString(sBox[768 + i * 4 + j])).append(", ");
+            log.fine(sb.toString());
           }
-        System.out.println();
-        System.out.println("User (odd, even) keys  --> S-Box keys:");
+        log.fine("User (odd, even) keys  --> S-Box keys:");
         for (i = 0; i < k64Cnt; i++)
-          {
-            System.out.println("0x" + Util.toString(k32o[i]) + "  0x"
-                               + Util.toString(k32e[i]) + " --> 0x"
-                               + Util.toString(sBoxKey[k64Cnt - 1 - i]));
-          }
-        System.out.println();
-        System.out.println("Round keys:");
+          log.fine("0x" + Util.toString(k32o[i])
+                   + "  0x" + Util.toString(k32e[i])
+                   + " --> 0x" + Util.toString(sBoxKey[k64Cnt - 1 - i]));
+        log.fine("Round keys:");
         for (i = 0; i < ROUND_SUBKEYS + 2 * ROUNDS; i += 2)
-          {
-            System.out.println("0x" + Util.toString(subKeys[i]) + "  0x"
-                               + Util.toString(subKeys[i + 1]));
-          }
-        System.out.println();
+          log.fine("0x" + Util.toString(subKeys[i])
+                   + "  0x" + Util.toString(subKeys[i + 1]));
       }
-
     return new Object[] { sBox, subKeys };
   }
 
@@ -697,38 +561,35 @@ public final class Twofish extends BaseCipher
                       Object sessionKey, int bs)
   {
     if (bs != DEFAULT_BLOCK_SIZE)
-      {
-        throw new IllegalArgumentException();
-      }
-
+      throw new IllegalArgumentException();
     Object[] sk = (Object[]) sessionKey; // extract S-box and session key
     int[] sBox = (int[]) sk[0];
     int[] sKey = (int[]) sk[1];
-
-    if (DEBUG && debuglevel > 6)
-      {
-        System.out.println("PT=" + Util.toString(in, inOffset, bs));
-      }
-
-    int x0 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8
-             | (in[inOffset++] & 0xFF) << 16 | (in[inOffset++] & 0xFF) << 24;
-    int x1 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8
-             | (in[inOffset++] & 0xFF) << 16 | (in[inOffset++] & 0xFF) << 24;
-    int x2 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8
-             | (in[inOffset++] & 0xFF) << 16 | (in[inOffset++] & 0xFF) << 24;
-    int x3 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8
-             | (in[inOffset++] & 0xFF) << 16 | (in[inOffset++] & 0xFF) << 24;
-
+    if (Configuration.DEBUG)
+      log.fine("PT=" + Util.toString(in, inOffset, bs));
+    int x0 = (in[inOffset++] & 0xFF)
+           | (in[inOffset++] & 0xFF) << 8
+           | (in[inOffset++] & 0xFF) << 16
+           | (in[inOffset++] & 0xFF) << 24;
+    int x1 = (in[inOffset++] & 0xFF)
+           | (in[inOffset++] & 0xFF) << 8
+           | (in[inOffset++] & 0xFF) << 16
+           | (in[inOffset++] & 0xFF) << 24;
+    int x2 = (in[inOffset++] & 0xFF)
+           | (in[inOffset++] & 0xFF) << 8
+           | (in[inOffset++] & 0xFF) << 16
+           | (in[inOffset++] & 0xFF) << 24;
+    int x3 = (in[inOffset++] & 0xFF)
+           | (in[inOffset++] & 0xFF) << 8
+           | (in[inOffset++] & 0xFF) << 16
+           | (in[inOffset++] & 0xFF) << 24;
     x0 ^= sKey[INPUT_WHITEN];
     x1 ^= sKey[INPUT_WHITEN + 1];
     x2 ^= sKey[INPUT_WHITEN + 2];
     x3 ^= sKey[INPUT_WHITEN + 3];
-    if (DEBUG && debuglevel > 6)
-      {
-        System.out.println("PTw=" + Util.toString(x0) + Util.toString(x1)
-                           + Util.toString(x2) + Util.toString(x3));
-      }
-
+    if (Configuration.DEBUG)
+      log.fine("PTw=" + Util.toString(x0) + Util.toString(x1)
+               + Util.toString(x2) + Util.toString(x3));
     int t0, t1;
     int k = ROUND_SUBKEYS;
     for (int R = 0; R < ROUNDS; R += 2)
@@ -739,96 +600,79 @@ public final class Twofish extends BaseCipher
         x2 = x2 >>> 1 | x2 << 31;
         x3 = x3 << 1 | x3 >>> 31;
         x3 ^= t0 + 2 * t1 + sKey[k++];
-        if (DEBUG && debuglevel > 6)
-          {
-            System.out.println("CT" + (R) + "=" + Util.toString(x0)
-                               + Util.toString(x1) + Util.toString(x2)
-                               + Util.toString(x3));
-          }
-
+        if (Configuration.DEBUG)
+          log.fine("CT" + (R) + "=" + Util.toString(x0) + Util.toString(x1)
+                   + Util.toString(x2) + Util.toString(x3));
         t0 = Fe32(sBox, x2, 0);
         t1 = Fe32(sBox, x3, 3);
         x0 ^= t0 + t1 + sKey[k++];
         x0 = x0 >>> 1 | x0 << 31;
         x1 = x1 << 1 | x1 >>> 31;
         x1 ^= t0 + 2 * t1 + sKey[k++];
-        if (DEBUG && debuglevel > 6)
-          {
-            System.out.println("CT" + (R + 1) + "=" + Util.toString(x0)
-                               + Util.toString(x1) + Util.toString(x2)
-                               + Util.toString(x3));
-          }
+        if (Configuration.DEBUG)
+          log.fine("CT" + (R + 1) + "=" + Util.toString(x0) + Util.toString(x1)
+                   + Util.toString(x2) + Util.toString(x3));
       }
     x2 ^= sKey[OUTPUT_WHITEN];
     x3 ^= sKey[OUTPUT_WHITEN + 1];
     x0 ^= sKey[OUTPUT_WHITEN + 2];
     x1 ^= sKey[OUTPUT_WHITEN + 3];
-    if (DEBUG && debuglevel > 6)
-      {
-        System.out.println("CTw=" + Util.toString(x0) + Util.toString(x1)
-                           + Util.toString(x2) + Util.toString(x3));
-      }
-
+    if (Configuration.DEBUG)
+      log.fine("CTw=" + Util.toString(x0) + Util.toString(x1)
+               + Util.toString(x2) + Util.toString(x3));
     out[outOffset++] = (byte) x2;
-    out[outOffset++] = (byte) (x2 >>> 8);
-    out[outOffset++] = (byte) (x2 >>> 16);
-    out[outOffset++] = (byte) (x2 >>> 24);
+    out[outOffset++] = (byte)(x2 >>> 8);
+    out[outOffset++] = (byte)(x2 >>> 16);
+    out[outOffset++] = (byte)(x2 >>> 24);
     out[outOffset++] = (byte) x3;
-    out[outOffset++] = (byte) (x3 >>> 8);
-    out[outOffset++] = (byte) (x3 >>> 16);
-    out[outOffset++] = (byte) (x3 >>> 24);
+    out[outOffset++] = (byte)(x3 >>> 8);
+    out[outOffset++] = (byte)(x3 >>> 16);
+    out[outOffset++] = (byte)(x3 >>> 24);
     out[outOffset++] = (byte) x0;
-    out[outOffset++] = (byte) (x0 >>> 8);
-    out[outOffset++] = (byte) (x0 >>> 16);
-    out[outOffset++] = (byte) (x0 >>> 24);
+    out[outOffset++] = (byte)(x0 >>> 8);
+    out[outOffset++] = (byte)(x0 >>> 16);
+    out[outOffset++] = (byte)(x0 >>> 24);
     out[outOffset++] = (byte) x1;
-    out[outOffset++] = (byte) (x1 >>> 8);
-    out[outOffset++] = (byte) (x1 >>> 16);
-    out[outOffset] = (byte) (x1 >>> 24);
-
-    if (DEBUG && debuglevel > 6)
-      {
-        System.out.println("CT=" + Util.toString(out, outOffset - 15, 16));
-        System.out.println();
-      }
+    out[outOffset++] = (byte)(x1 >>> 8);
+    out[outOffset++] = (byte)(x1 >>> 16);
+    out[outOffset  ] = (byte)(x1 >>> 24);
+    if (Configuration.DEBUG)
+      log.fine("CT=" + Util.toString(out, outOffset - 15, 16) + "\n");
   }
 
   public void decrypt(byte[] in, int inOffset, byte[] out, int outOffset,
                       Object sessionKey, int bs)
   {
     if (bs != DEFAULT_BLOCK_SIZE)
-      {
-        throw new IllegalArgumentException();
-      }
-
+      throw new IllegalArgumentException();
     Object[] sk = (Object[]) sessionKey; // extract S-box and session key
     int[] sBox = (int[]) sk[0];
     int[] sKey = (int[]) sk[1];
-
-    if (DEBUG && debuglevel > 6)
-      {
-        System.out.println("CT=" + Util.toString(in, inOffset, bs));
-      }
-
-    int x2 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8
-             | (in[inOffset++] & 0xFF) << 16 | (in[inOffset++] & 0xFF) << 24;
-    int x3 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8
-             | (in[inOffset++] & 0xFF) << 16 | (in[inOffset++] & 0xFF) << 24;
-    int x0 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8
-             | (in[inOffset++] & 0xFF) << 16 | (in[inOffset++] & 0xFF) << 24;
-    int x1 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8
-             | (in[inOffset++] & 0xFF) << 16 | (in[inOffset++] & 0xFF) << 24;
-
+    if (Configuration.DEBUG)
+      log.fine("CT=" + Util.toString(in, inOffset, bs));
+    int x2 = (in[inOffset++] & 0xFF)
+           | (in[inOffset++] & 0xFF) << 8
+           | (in[inOffset++] & 0xFF) << 16
+           | (in[inOffset++] & 0xFF) << 24;
+    int x3 = (in[inOffset++] & 0xFF)
+           | (in[inOffset++] & 0xFF) << 8
+           | (in[inOffset++] & 0xFF) << 16
+           | (in[inOffset++] & 0xFF) << 24;
+    int x0 = (in[inOffset++] & 0xFF)
+           | (in[inOffset++] & 0xFF) << 8
+           | (in[inOffset++] & 0xFF) << 16
+           | (in[inOffset++] & 0xFF) << 24;
+    int x1 = (in[inOffset++] & 0xFF)
+           | (in[inOffset++] & 0xFF) << 8
+           | (in[inOffset++] & 0xFF) << 16
+           | (in[inOffset++] & 0xFF) << 24;
     x2 ^= sKey[OUTPUT_WHITEN];
     x3 ^= sKey[OUTPUT_WHITEN + 1];
     x0 ^= sKey[OUTPUT_WHITEN + 2];
     x1 ^= sKey[OUTPUT_WHITEN + 3];
-    if (DEBUG && debuglevel > 6)
-      {
-        System.out.println("CTw=" + Util.toString(x2) + Util.toString(x3)
-                           + Util.toString(x0) + Util.toString(x1));
-      }
-
+    if (Configuration.DEBUG)
+      log.fine("CTw=" + Util.toString(x2) + Util.toString(x3)
+               + Util.toString(x0) + Util.toString(x1));
     int k = ROUND_SUBKEYS + 2 * ROUNDS - 1;
     int t0, t1;
     for (int R = 0; R < ROUNDS; R += 2)
@@ -839,58 +683,44 @@ public final class Twofish extends BaseCipher
         x1 = x1 >>> 1 | x1 << 31;
         x0 = x0 << 1 | x0 >>> 31;
         x0 ^= t0 + t1 + sKey[k--];
-        if (DEBUG && debuglevel > 6)
-          {
-            System.out.println("PT" + (ROUNDS - R) + "=" + Util.toString(x2)
-                               + Util.toString(x3) + Util.toString(x0)
-                               + Util.toString(x1));
-          }
-
+        if (Configuration.DEBUG)
+          log.fine("PT" + (ROUNDS - R) + "=" + Util.toString(x2)
+                   + Util.toString(x3) + Util.toString(x0) + Util.toString(x1));
         t0 = Fe32(sBox, x0, 0);
         t1 = Fe32(sBox, x1, 3);
         x3 ^= t0 + 2 * t1 + sKey[k--];
         x3 = x3 >>> 1 | x3 << 31;
         x2 = x2 << 1 | x2 >>> 31;
         x2 ^= t0 + t1 + sKey[k--];
-        if (DEBUG && debuglevel > 6)
-          {
-            System.out.println("PT" + (ROUNDS - R - 1) + "="
-                               + Util.toString(x2) + Util.toString(x3)
-                               + Util.toString(x0) + Util.toString(x1));
-          }
+        if (Configuration.DEBUG)
+          log.fine("PT" + (ROUNDS - R - 1) + "=" + Util.toString(x2)
+                   + Util.toString(x3) + Util.toString(x0) + Util.toString(x1));
       }
     x0 ^= sKey[INPUT_WHITEN];
     x1 ^= sKey[INPUT_WHITEN + 1];
     x2 ^= sKey[INPUT_WHITEN + 2];
     x3 ^= sKey[INPUT_WHITEN + 3];
-    if (DEBUG && debuglevel > 6)
-      {
-        System.out.println("PTw=" + Util.toString(x2) + Util.toString(x3)
-                           + Util.toString(x0) + Util.toString(x1));
-      }
-
+    if (Configuration.DEBUG)
+      log.fine("PTw=" + Util.toString(x2) + Util.toString(x3)
+               + Util.toString(x0) + Util.toString(x1));
     out[outOffset++] = (byte) x0;
-    out[outOffset++] = (byte) (x0 >>> 8);
-    out[outOffset++] = (byte) (x0 >>> 16);
-    out[outOffset++] = (byte) (x0 >>> 24);
+    out[outOffset++] = (byte)(x0 >>> 8);
+    out[outOffset++] = (byte)(x0 >>> 16);
+    out[outOffset++] = (byte)(x0 >>> 24);
     out[outOffset++] = (byte) x1;
-    out[outOffset++] = (byte) (x1 >>> 8);
-    out[outOffset++] = (byte) (x1 >>> 16);
-    out[outOffset++] = (byte) (x1 >>> 24);
+    out[outOffset++] = (byte)(x1 >>> 8);
+    out[outOffset++] = (byte)(x1 >>> 16);
+    out[outOffset++] = (byte)(x1 >>> 24);
     out[outOffset++] = (byte) x2;
-    out[outOffset++] = (byte) (x2 >>> 8);
-    out[outOffset++] = (byte) (x2 >>> 16);
-    out[outOffset++] = (byte) (x2 >>> 24);
+    out[outOffset++] = (byte)(x2 >>> 8);
+    out[outOffset++] = (byte)(x2 >>> 16);
+    out[outOffset++] = (byte)(x2 >>> 24);
     out[outOffset++] = (byte) x3;
-    out[outOffset++] = (byte) (x3 >>> 8);
-    out[outOffset++] = (byte) (x3 >>> 16);
-    out[outOffset] = (byte) (x3 >>> 24);
-
-    if (DEBUG && debuglevel > 6)
-      {
-        System.out.println("PT=" + Util.toString(out, outOffset - 15, 16));
-        System.out.println();
-      }
+    out[outOffset++] = (byte)(x3 >>> 8);
+    out[outOffset++] = (byte)(x3 >>> 16);
+    out[outOffset  ] = (byte)(x3 >>> 24);
+    if (Configuration.DEBUG)
+      log.fine("PT=" + Util.toString(out, outOffset - 15, 16) + "\n");
   }
 
   public boolean selfTest()
@@ -899,11 +729,9 @@ public final class Twofish extends BaseCipher
       {
         boolean result = super.selfTest(); // do symmetry tests
         if (result)
-          {
-            result = testKat(KAT_KEY, KAT_CT);
-          }
+          result = testKat(KAT_KEY, KAT_CT);
         valid = Boolean.valueOf(result);
       }
     return valid.booleanValue();
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/cipher/WeakKeyException.java b/libjava/classpath/gnu/javax/crypto/cipher/WeakKeyException.java
index 4454e0e4502..f89ff54d1ca 100644
--- a/libjava/classpath/gnu/javax/crypto/cipher/WeakKeyException.java
+++ b/libjava/classpath/gnu/javax/crypto/cipher/WeakKeyException.java
@@ -41,18 +41,12 @@ package gnu.javax.crypto.cipher;
 import java.security.InvalidKeyException;
 
 /**
- * <p>Checked exception thrown to indicate that a weak key has been generated
- * and or specified instead of a valid non-weak value.</p>
+ * Checked exception thrown to indicate that a weak key has been generated and
+ * or specified instead of a valid non-weak value.
  */
-public class WeakKeyException extends InvalidKeyException
+public class WeakKeyException
+    extends InvalidKeyException
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public WeakKeyException()
   {
     super();
@@ -62,10 +56,4 @@ public class WeakKeyException extends InvalidKeyException
   {
     super(msg);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/DiffieHellmanImpl.java b/libjava/classpath/gnu/javax/crypto/jce/DiffieHellmanImpl.java
index 02761477a69..4f4d5e47908 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/DiffieHellmanImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/DiffieHellmanImpl.java
@@ -46,6 +46,7 @@ import java.security.spec.AlgorithmParameterSpec;
 
 import javax.crypto.KeyAgreementSpi;
 import javax.crypto.SecretKey;
+import javax.crypto.ShortBufferException;
 import javax.crypto.interfaces.DHPrivateKey;
 import javax.crypto.interfaces.DHPublicKey;
 import javax.crypto.spec.DHParameterSpec;
@@ -63,7 +64,7 @@ public final class DiffieHellmanImpl
   private DHPrivateKey key;
 
   /** The current result. */
-  private BigInteger result;
+  private byte[] result;
 
   /** True if the caller told us we are done. */
   private boolean last_phase_done;
@@ -96,43 +97,49 @@ public final class DiffieHellmanImpl
     if (! s1.getG().equals(s2.getG()) || ! s1.getP().equals(s2.getP())
         || s1.getL() != s2.getL())
       throw new InvalidKeyException("Incompatible key");
-
-    result = pub.getY().modPow(key.getX(), s1.getP());
     if (! lastPhase)
-      throw new IllegalArgumentException("This key-agreement MUST be concluded in one step only");
-
+      throw new IllegalArgumentException(
+          "This key-agreement MUST be concluded in one step only");
+    BigInteger resultBI = pub.getY().modPow(key.getX(), s1.getP());
+    result = resultBI.toByteArray();
+    if (result[0] == 0x00)
+      {
+        byte[] buf = new byte[result.length - 1];
+        System.arraycopy(result, 1, buf, 0, buf.length);
+        result = buf;
+      }
     last_phase_done = true;
     return null;
   }
 
   protected byte[] engineGenerateSecret()
   {
-    if (result == null || ! last_phase_done)
-      throw new IllegalStateException("Not finished");
-
-    byte[] buf = result.toByteArray();
-    if (buf[0] == 0x00)
-      {
-        byte[] buf2 = new byte[buf.length - 1];
-        System.arraycopy(buf, 1, buf2, 0, buf2.length);
-        buf = buf2;
-      }
-
-    return buf;
+    checkState();
+    byte[] res = (byte[]) result.clone();
+    reset();
+    return res;
   }
 
   protected int engineGenerateSecret(byte[] secret, int offset)
+      throws ShortBufferException
   {
-    byte[] s = engineGenerateSecret();
-    System.arraycopy(s, 0, secret, offset, s.length);
-    return s.length;
+    checkState();
+    if (result.length > secret.length - offset)
+      throw new ShortBufferException();
+    System.arraycopy(result, 0, secret, offset, result.length);
+    int res = result.length;
+    reset();
+    return res;
   }
 
   protected SecretKey engineGenerateSecret(String algorithm)
       throws InvalidKeyException
   {
-    byte[] s = engineGenerateSecret();
-    return new SecretKeySpec(s, algorithm);
+    checkState();
+    byte[] s = (byte[]) result.clone();
+    SecretKey res = new SecretKeySpec(s, algorithm);
+    reset();
+    return res;
   }
 
   protected void engineInit(Key key, SecureRandom random)
@@ -140,10 +147,8 @@ public final class DiffieHellmanImpl
   {
     if (! (key instanceof DHPrivateKey))
       throw new InvalidKeyException("Key MUST be a DHPrivateKey");
-
     this.key = (DHPrivateKey) key;
-    result = null;
-    last_phase_done = false;
+    reset();
   }
 
   protected void engineInit(Key key, AlgorithmParameterSpec params,
@@ -152,4 +157,16 @@ public final class DiffieHellmanImpl
   {
     engineInit(key, random);
   }
+
+  private void reset()
+  {
+    result = null;
+    last_phase_done = false;
+  }
+
+  private void checkState()
+  {
+    if (result == null || ! last_phase_done)
+      throw new IllegalStateException("Not finished");
+  }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/GnuCrypto.java b/libjava/classpath/gnu/javax/crypto/jce/GnuCrypto.java
index b0e73b13256..8099fd13da9 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/GnuCrypto.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/GnuCrypto.java
@@ -49,24 +49,14 @@ import java.util.HashSet;
 import java.util.Set;
 
 /**
- * <p>The GNU Crypto implementation of the Java Cryptographic Extension (JCE)
- * Provider.</p>
- *
+ * The additional GNU algorithm implementation as a Java Cryptographic Extension
+ * (JCE) Provider.
+ * 
  * @see java.security.Provider
  */
-public final class GnuCrypto extends Provider
+public final class GnuCrypto
+    extends Provider
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
-  /**
-   * <p>The <a href="http://www.gnu.org/software/gnu-crypto/">GNU Crypto</a>
-   * Provider.</p>
-   */
   public GnuCrypto()
   {
     super(Registry.GNU_CRYPTO, 2.1, "GNU Crypto JCE Provider");
@@ -120,8 +110,7 @@ public final class GnuCrypto extends Provider
             gnu.javax.crypto.jce.cipher.PBES2.HMacHaval.AES.class.getName());
         put("Cipher.PBEWithHMacHavalAndAnubis",
             gnu.javax.crypto.jce.cipher.PBES2.HMacHaval.Anubis.class.getName());
-        put(
-            "Cipher.PBEWithHMacHavalAndBlowfish",
+        put("Cipher.PBEWithHMacHavalAndBlowfish",
             gnu.javax.crypto.jce.cipher.PBES2.HMacHaval.Blowfish.class.getName());
         put("Cipher.PBEWithHMacHavalAndCast5",
             gnu.javax.crypto.jce.cipher.PBES2.HMacHaval.Cast5.class.getName());
@@ -133,8 +122,7 @@ public final class GnuCrypto extends Provider
             gnu.javax.crypto.jce.cipher.PBES2.HMacHaval.Serpent.class.getName());
         put("Cipher.PBEWithHMacHavalAndSquare",
             gnu.javax.crypto.jce.cipher.PBES2.HMacHaval.Square.class.getName());
-        put(
-            "Cipher.PBEWithHMacHavalAndTripleDES",
+        put("Cipher.PBEWithHMacHavalAndTripleDES",
             gnu.javax.crypto.jce.cipher.PBES2.HMacHaval.TripleDES.class.getName());
         put("Cipher.PBEWithHMacHavalAndTwofish",
             gnu.javax.crypto.jce.cipher.PBES2.HMacHaval.Twofish.class.getName());
@@ -228,8 +216,7 @@ public final class GnuCrypto extends Provider
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.AES.class.getName());
         put("Cipher.PBEWithHMacSHA256AndAnubis",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.Anubis.class.getName());
-        put(
-            "Cipher.PBEWithHMacSHA256AndBlowfish",
+        put("Cipher.PBEWithHMacSHA256AndBlowfish",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.Blowfish.class.getName());
         put("Cipher.PBEWithHMacSHA256AndCast5",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.Cast5.class.getName());
@@ -237,24 +224,20 @@ public final class GnuCrypto extends Provider
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.DES.class.getName());
         put("Cipher.PBEWithHMacSHA256AndKhazad",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.Khazad.class.getName());
-        put(
-            "Cipher.PBEWithHMacSHA256AndSerpent",
+        put("Cipher.PBEWithHMacSHA256AndSerpent",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.Serpent.class.getName());
         put("Cipher.PBEWithHMacSHA256AndSquare",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.Square.class.getName());
-        put(
-            "Cipher.PBEWithHMacSHA256AndTripleDES",
+        put("Cipher.PBEWithHMacSHA256AndTripleDES",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.TripleDES.class.getName());
-        put(
-            "Cipher.PBEWithHMacSHA256AndTwofish",
+        put("Cipher.PBEWithHMacSHA256AndTwofish",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.Twofish.class.getName());
 
         put("Cipher.PBEWithHMacSHA384AndAES",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.AES.class.getName());
         put("Cipher.PBEWithHMacSHA384AndAnubis",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.Anubis.class.getName());
-        put(
-            "Cipher.PBEWithHMacSHA384AndBlowfish",
+        put("Cipher.PBEWithHMacSHA384AndBlowfish",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.Blowfish.class.getName());
         put("Cipher.PBEWithHMacSHA384AndCast5",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.Cast5.class.getName());
@@ -262,24 +245,20 @@ public final class GnuCrypto extends Provider
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.DES.class.getName());
         put("Cipher.PBEWithHMacSHA384AndKhazad",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.Khazad.class.getName());
-        put(
-            "Cipher.PBEWithHMacSHA384AndSerpent",
+        put("Cipher.PBEWithHMacSHA384AndSerpent",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.Serpent.class.getName());
         put("Cipher.PBEWithHMacSHA384AndSquare",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.Square.class.getName());
-        put(
-            "Cipher.PBEWithHMacSHA384AndTripleDES",
+        put("Cipher.PBEWithHMacSHA384AndTripleDES",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.TripleDES.class.getName());
-        put(
-            "Cipher.PBEWithHMacSHA384AndTwofish",
+        put("Cipher.PBEWithHMacSHA384AndTwofish",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.Twofish.class.getName());
 
         put("Cipher.PBEWithHMacSHA512AndAES",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.AES.class.getName());
         put("Cipher.PBEWithHMacSHA512AndAnubis",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.Anubis.class.getName());
-        put(
-            "Cipher.PBEWithHMacSHA512AndBlowfish",
+        put("Cipher.PBEWithHMacSHA512AndBlowfish",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.Blowfish.class.getName());
         put("Cipher.PBEWithHMacSHA512AndCast5",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.Cast5.class.getName());
@@ -287,24 +266,20 @@ public final class GnuCrypto extends Provider
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.DES.class.getName());
         put("Cipher.PBEWithHMacSHA512AndKhazad",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.Khazad.class.getName());
-        put(
-            "Cipher.PBEWithHMacSHA512AndSerpent",
+        put("Cipher.PBEWithHMacSHA512AndSerpent",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.Serpent.class.getName());
         put("Cipher.PBEWithHMacSHA512AndSquare",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.Square.class.getName());
-        put(
-            "Cipher.PBEWithHMacSHA512AndTripleDES",
+        put("Cipher.PBEWithHMacSHA512AndTripleDES",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.TripleDES.class.getName());
-        put(
-            "Cipher.PBEWithHMacSHA512AndTwofish",
+        put("Cipher.PBEWithHMacSHA512AndTwofish",
             gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.Twofish.class.getName());
 
         put("Cipher.PBEWithHMacTigerAndAES",
             gnu.javax.crypto.jce.cipher.PBES2.HMacTiger.AES.class.getName());
         put("Cipher.PBEWithHMacTigerAndAnubis",
             gnu.javax.crypto.jce.cipher.PBES2.HMacTiger.Anubis.class.getName());
-        put(
-            "Cipher.PBEWithHMacTigerAndBlowfish",
+        put("Cipher.PBEWithHMacTigerAndBlowfish",
             gnu.javax.crypto.jce.cipher.PBES2.HMacTiger.Blowfish.class.getName());
         put("Cipher.PBEWithHMacTigerAndCast5",
             gnu.javax.crypto.jce.cipher.PBES2.HMacTiger.Cast5.class.getName());
@@ -316,44 +291,44 @@ public final class GnuCrypto extends Provider
             gnu.javax.crypto.jce.cipher.PBES2.HMacTiger.Serpent.class.getName());
         put("Cipher.PBEWithHMacTigerAndSquare",
             gnu.javax.crypto.jce.cipher.PBES2.HMacTiger.Square.class.getName());
-        put(
-            "Cipher.PBEWithHMacTigerAndTripleDES",
+        put("Cipher.PBEWithHMacTigerAndTripleDES",
             gnu.javax.crypto.jce.cipher.PBES2.HMacTiger.TripleDES.class.getName());
         put("Cipher.PBEWithHMacTigerAndTwofish",
             gnu.javax.crypto.jce.cipher.PBES2.HMacTiger.Twofish.class.getName());
 
         put("Cipher.PBEWithHMacWhirlpoolAndAES",
             gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.AES.class.getName());
-        put(
-            "Cipher.PBEWithHMacWhirlpoolAndAnubis",
+        put("Cipher.PBEWithHMacWhirlpoolAndAnubis",
             gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.Anubis.class.getName());
-        put(
-            "Cipher.PBEWithHMacWhirlpoolAndBlowfish",
+        put("Cipher.PBEWithHMacWhirlpoolAndBlowfish",
             gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.Blowfish.class.getName());
-        put(
-            "Cipher.PBEWithHMacWhirlpoolAndCast5",
+        put("Cipher.PBEWithHMacWhirlpoolAndCast5",
             gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.Cast5.class.getName());
         put("Cipher.PBEWithHMacWhirlpoolAndDES",
             gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.DES.class.getName());
-        put(
-            "Cipher.PBEWithHMacWhirlpoolAndKhazad",
+        put("Cipher.PBEWithHMacWhirlpoolAndKhazad",
             gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.Khazad.class.getName());
-        put(
-            "Cipher.PBEWithHMacWhirlpoolAndSerpent",
+        put("Cipher.PBEWithHMacWhirlpoolAndSerpent",
             gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.Serpent.class.getName());
-        put(
-            "Cipher.PBEWithHMacWhirlpoolAndSquare",
+        put("Cipher.PBEWithHMacWhirlpoolAndSquare",
             gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.Square.class.getName());
-        put(
-            "Cipher.PBEWithHMacWhirlpoolAndTripleDES",
+        put("Cipher.PBEWithHMacWhirlpoolAndTripleDES",
             gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.TripleDES.class.getName());
-        put(
-            "Cipher.PBEWithHMacWhirlpoolAndTwofish",
+        put("Cipher.PBEWithHMacWhirlpoolAndTwofish",
             gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.Twofish.class.getName());
 
+        // Key Wrapping Algorithm cipher
+        put("Cipher." + Registry.AES128_KWA,
+            gnu.javax.crypto.jce.cipher.AES128KeyWrapSpi.class.getName());
+        put("Cipher." + Registry.AES192_KWA,
+            gnu.javax.crypto.jce.cipher.AES192KeyWrapSpi.class.getName());
+        put("Cipher." + Registry.AES256_KWA,
+            gnu.javax.crypto.jce.cipher.AES256KeyWrapSpi.class.getName());
+        put("Cipher." + Registry.TRIPLEDES_KWA,
+            gnu.javax.crypto.jce.cipher.TripleDESKeyWrapSpi.class.getName());
+
         // SecretKeyFactory interface to PBKDF2.
-        put(
-            "SecretKeyFactory.PBKDF2WithHMacHaval",
+        put("SecretKeyFactory.PBKDF2WithHMacHaval",
             gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacHaval.class.getName());
         put("SecretKeyFactory.PBKDF2WithHMacMD2",
             gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacMD2.class.getName());
@@ -361,30 +336,23 @@ public final class GnuCrypto extends Provider
             gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacMD4.class.getName());
         put("SecretKeyFactory.PBKDF2WithHMacMD5",
             gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacMD5.class.getName());
-        put(
-            "SecretKeyFactory.PBKDF2WithHMacSHA1",
+        put("SecretKeyFactory.PBKDF2WithHMacSHA1",
             gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacSHA1.class.getName());
-        put(
-            "SecretKeyFactory.PBKDF2WithHMacSHA256",
+        put("SecretKeyFactory.PBKDF2WithHMacSHA256",
             gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacSHA256.class.getName());
-        put(
-            "SecretKeyFactory.PBKDF2WithHMacSHA384",
+        put("SecretKeyFactory.PBKDF2WithHMacSHA384",
             gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacSHA384.class.getName());
-        put(
-            "SecretKeyFactory.PBKDF2WithHMacSHA512",
+        put("SecretKeyFactory.PBKDF2WithHMacSHA512",
             gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacSHA512.class.getName());
-        put(
-            "SecretKeyFactory.PBKDF2WithHMacTiger",
+        put("SecretKeyFactory.PBKDF2WithHMacTiger",
             gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacTiger.class.getName());
-        put(
-            "SecretKeyFactory.PBKDF2WithHMacWhirlpool",
+        put("SecretKeyFactory.PBKDF2WithHMacWhirlpool",
             gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacWhirlpool.class.getName());
 
         // Simple SecretKeyFactory implementations.
         put("SecretKeyFactory.Anubis",
             gnu.javax.crypto.jce.key.AnubisSecretKeyFactoryImpl.class.getName());
-        put(
-            "SecretKeyFactory.Blowfish",
+        put("SecretKeyFactory.Blowfish",
             gnu.javax.crypto.jce.key.BlowfishSecretKeyFactoryImpl.class.getName());
         put("SecretKeyFactory.Cast5",
             gnu.javax.crypto.jce.key.Cast5SecretKeyFactoryImpl.class.getName());
@@ -392,11 +360,9 @@ public final class GnuCrypto extends Provider
             gnu.javax.crypto.jce.key.DESSecretKeyFactoryImpl.class.getName());
         put("SecretKeyFactory.Khazad",
             gnu.javax.crypto.jce.key.KhazadSecretKeyFactoryImpl.class.getName());
-        put(
-            "SecretKeyFactory.Rijndael",
+        put("SecretKeyFactory.Rijndael",
             gnu.javax.crypto.jce.key.RijndaelSecretKeyFactoryImpl.class.getName());
-        put(
-            "SecretKeyFactory.Serpent",
+        put("SecretKeyFactory.Serpent",
             gnu.javax.crypto.jce.key.SerpentSecretKeyFactoryImpl.class.getName());
         put("SecretKeyFactory.Square",
             gnu.javax.crypto.jce.key.SquareSecretKeyFactoryImpl.class.getName());
@@ -409,7 +375,19 @@ public final class GnuCrypto extends Provider
 
         put("AlgorithmParameters.BlockCipherParameters",
             gnu.javax.crypto.jce.params.BlockCipherParameters.class.getName());
-
+        put("Alg.Alias.AlgorithmParameters.Anubis", "BlockCipherParameters");
+        put("Alg.Alias.AlgorithmParameters.Blowfish", "BlockCipherParameters");
+        put("Alg.Alias.AlgorithmParameters.Cast5", "BlockCipherParameters");
+        put("Alg.Alias.AlgorithmParameters.DES", "BlockCipherParameters");
+        put("Alg.Alias.AlgorithmParameters.Khazad", "BlockCipherParameters");
+        put("Alg.Alias.AlgorithmParameters.Rijndael", "BlockCipherParameters");
+        put("Alg.Alias.AlgorithmParameters.AES", "BlockCipherParameters");
+        put("Alg.Alias.AlgorithmParameters.Serpent", "BlockCipherParameters");
+        put("Alg.Alias.AlgorithmParameters.Square", "BlockCipherParameters");
+        put("Alg.Alias.AlgorithmParameters.TripleDES", "BlockCipherParameters");
+        put("Alg.Alias.AlgorithmParameters.DESede", "BlockCipherParameters");
+        put("Alg.Alias.AlgorithmParameters.3-DES", "BlockCipherParameters");
+        put("Alg.Alias.AlgorithmParameters.3DES", "BlockCipherParameters");
 
         // KeyGenerator Adapter implementations
         put("KeyGenerator.Anubis",
@@ -541,19 +519,25 @@ public final class GnuCrypto extends Provider
         put("Alg.Alias.Cipher.RSA", "RSAES-PKCS1-v1_5");
 
         // SecureRandom
-        put("SecureRandom.ARCFOUR", gnu.javax.crypto.jce.prng.ARCFourRandomSpi.class.getName());
+        put("SecureRandom.ARCFOUR",
+            gnu.javax.crypto.jce.prng.ARCFourRandomSpi.class.getName());
         put("SecureRandom.ARCFOUR ImplementedIn", "Software");
-        put("SecureRandom.CSPRNG", gnu.javax.crypto.jce.prng.CSPRNGSpi.class.getName());
+        put("SecureRandom.CSPRNG",
+            gnu.javax.crypto.jce.prng.CSPRNGSpi.class.getName());
         put("SecureRandom.CSPRNG ImplementedIn", "Software");
-        put("SecureRandom.ICM", gnu.javax.crypto.jce.prng.ICMRandomSpi.class.getName());
+        put("SecureRandom.ICM",
+            gnu.javax.crypto.jce.prng.ICMRandomSpi.class.getName());
         put("SecureRandom.ICM ImplementedIn", "Software");
-        put("SecureRandom.UMAC-KDF", gnu.javax.crypto.jce.prng.UMacRandomSpi.class.getName());
+        put("SecureRandom.UMAC-KDF",
+            gnu.javax.crypto.jce.prng.UMacRandomSpi.class.getName());
         put("SecureRandom.UMAC-KDF ImplementedIn", "Software");
-        put("SecureRandom.Fortuna", gnu.javax.crypto.jce.prng.FortunaImpl.class.getName ());
+        put("SecureRandom.Fortuna",
+            gnu.javax.crypto.jce.prng.FortunaImpl.class.getName());
         put("SecureRandom.Fortuna ImplementedIn", "Software");
 
         // KeyStore
-        put("KeyStore.GKR", gnu.javax.crypto.jce.keyring.GnuKeyring.class.getName());
+        put("KeyStore.GKR",
+            gnu.javax.crypto.jce.keyring.GnuKeyring.class.getName());
         put("Alg.Alias.KeyStore.GnuKeyring", "GKR");
 
         // KeyPairGenerator ---------------------------------------------------
@@ -587,13 +571,10 @@ public final class GnuCrypto extends Provider
     });
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns a {@link Set} of names of symmetric key block cipher algorithms
-   * available from this {@link Provider}.</p>
-   *
+   * Returns a {@link Set} of names of symmetric key block cipher algorithms
+   * available from this {@link Provider}.
+   * 
    * @return a {@link Set} of cipher names (Strings).
    */
   public static final Set getCipherNames()
@@ -605,16 +586,13 @@ public final class GnuCrypto extends Provider
   }
 
   /**
-   * <p>Returns a {@link Set} of names of MAC algorithms available from
-   * this {@link Provider}.</p>
-   *
+   * Returns a {@link Set} of names of MAC algorithms available from this
+   * {@link Provider}.
+   * 
    * @return a {@link Set} of MAC names (Strings).
    */
   public static final Set getMacNames()
   {
     return MacFactory.getNames();
   }
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/GnuSasl.java b/libjava/classpath/gnu/javax/crypto/jce/GnuSasl.java
index 6ee86ae19d5..923b40a5f92 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/GnuSasl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/GnuSasl.java
@@ -47,53 +47,63 @@ import java.security.PrivilegedAction;
 import java.security.Provider;
 import java.util.Set;
 
-public final class GnuSasl extends Provider
+public final class GnuSasl
+    extends Provider
 {
-
-  // Constructor.
-  // -------------------------------------------------------------------------
-
   public GnuSasl()
   {
-    super (Registry.GNU_SASL, 2.1, "GNU Crypto SASL Provider");
+    super(Registry.GNU_SASL, 2.1, "GNU SASL Provider");
 
-    AccessController.doPrivileged (new PrivilegedAction()
+    AccessController.doPrivileged(new PrivilegedAction()
+    {
+      public Object run()
       {
-        public Object run()
-        {
-          // SASL Client and Server mechanisms
-          put("SaslClientFactory.ANONYMOUS", gnu.javax.crypto.sasl.ClientFactory.class.getName());
-          put("SaslClientFactory.PLAIN", gnu.javax.crypto.sasl.ClientFactory.class.getName());
-          put("SaslClientFactory.CRAM-MD5", gnu.javax.crypto.sasl.ClientFactory.class.getName());
-          put("SaslClientFactory.SRP", gnu.javax.crypto.sasl.ClientFactory.class.getName());
-
-          put("SaslServerFactory.ANONYMOUS", gnu.javax.crypto.sasl.ServerFactory.class.getName());
-          put("SaslServerFactory.PLAIN", gnu.javax.crypto.sasl.ServerFactory.class.getName());
-          put("SaslServerFactory.CRAM-MD5", gnu.javax.crypto.sasl.ServerFactory.class.getName());
-          put("SaslServerFactory.SRP-MD5", gnu.javax.crypto.sasl.ServerFactory.class.getName());
-          put("SaslServerFactory.SRP-SHA-160", gnu.javax.crypto.sasl.ServerFactory.class.getName());
-          put("SaslServerFactory.SRP-RIPEMD128", gnu.javax.crypto.sasl.ServerFactory.class.getName());
-          put("SaslServerFactory.SRP-RIPEMD160", gnu.javax.crypto.sasl.ServerFactory.class.getName());
-          put("SaslServerFactory.SRP-TIGER", gnu.javax.crypto.sasl.ServerFactory.class.getName());
-          put("SaslServerFactory.SRP-WHIRLPOOL", gnu.javax.crypto.sasl.ServerFactory.class.getName());
-
-          put("Alg.Alias.SaslServerFactory.SRP-SHS", "SRP-SHA-160");
-          put("Alg.Alias.SaslServerFactory.SRP-SHA", "SRP-SHA-160");
-          put("Alg.Alias.SaslServerFactory.SRP-SHA1", "SRP-SHA-160");
-          put("Alg.Alias.SaslServerFactory.SRP-SHA-1", "SRP-SHA-160");
-          put("Alg.Alias.SaslServerFactory.SRP-SHA160", "SRP-SHA-160");
-          put("Alg.Alias.SaslServerFactory.SRP-RIPEMD-128", "SRP-RIPEMD128");
-          put("Alg.Alias.SaslServerFactory.SRP-RIPEMD-160", "SRP-RIPEMD160");
-
-          return null;
-        }
-      });
+        // SASL Client and Server mechanisms
+        put("SaslClientFactory.ANONYMOUS",
+            gnu.javax.crypto.sasl.ClientFactory.class.getName());
+        put("SaslClientFactory.PLAIN",
+            gnu.javax.crypto.sasl.ClientFactory.class.getName());
+        put("SaslClientFactory.CRAM-MD5",
+            gnu.javax.crypto.sasl.ClientFactory.class.getName());
+        put("SaslClientFactory.SRP",
+            gnu.javax.crypto.sasl.ClientFactory.class.getName());
+
+        put("SaslServerFactory.ANONYMOUS",
+            gnu.javax.crypto.sasl.ServerFactory.class.getName());
+        put("SaslServerFactory.PLAIN",
+            gnu.javax.crypto.sasl.ServerFactory.class.getName());
+        put("SaslServerFactory.CRAM-MD5",
+            gnu.javax.crypto.sasl.ServerFactory.class.getName());
+        put("SaslServerFactory.SRP-MD5",
+            gnu.javax.crypto.sasl.ServerFactory.class.getName());
+        put("SaslServerFactory.SRP-SHA-160",
+            gnu.javax.crypto.sasl.ServerFactory.class.getName());
+        put("SaslServerFactory.SRP-RIPEMD128",
+            gnu.javax.crypto.sasl.ServerFactory.class.getName());
+        put("SaslServerFactory.SRP-RIPEMD160",
+            gnu.javax.crypto.sasl.ServerFactory.class.getName());
+        put("SaslServerFactory.SRP-TIGER",
+            gnu.javax.crypto.sasl.ServerFactory.class.getName());
+        put("SaslServerFactory.SRP-WHIRLPOOL",
+            gnu.javax.crypto.sasl.ServerFactory.class.getName());
+
+        put("Alg.Alias.SaslServerFactory.SRP-SHS", "SRP-SHA-160");
+        put("Alg.Alias.SaslServerFactory.SRP-SHA", "SRP-SHA-160");
+        put("Alg.Alias.SaslServerFactory.SRP-SHA1", "SRP-SHA-160");
+        put("Alg.Alias.SaslServerFactory.SRP-SHA-1", "SRP-SHA-160");
+        put("Alg.Alias.SaslServerFactory.SRP-SHA160", "SRP-SHA-160");
+        put("Alg.Alias.SaslServerFactory.SRP-RIPEMD-128", "SRP-RIPEMD128");
+        put("Alg.Alias.SaslServerFactory.SRP-RIPEMD-160", "SRP-RIPEMD160");
+
+        return null;
+      }
+    });
   }
 
   /**
-   * <p>Returns a {@link Set} of names of SASL Client mechanisms available from
-   * this {@link Provider}.</p>
-   *
+   * Returns a {@link Set} of names of SASL Client mechanisms available from
+   * this {@link Provider}.
+   * 
    * @return a {@link Set} of SASL Client mechanisms (Strings).
    */
   public static final Set getSaslClientMechanismNames()
@@ -102,9 +112,9 @@ public final class GnuSasl extends Provider
   }
 
   /**
-   * <p>Returns a {@link Set} of names of SASL Server mechanisms available from
-   * this {@link Provider}.</p>
-   *
+   * Returns a {@link Set} of names of SASL Server mechanisms available from
+   * this {@link Provider}.
+   * 
    * @return a {@link Set} of SASL Server mechanisms (Strings).
    */
   public static final Set getSaslServerMechanismNames()
diff --git a/libjava/classpath/gnu/javax/crypto/jce/PBKDF2SecretKeyFactory.java b/libjava/classpath/gnu/javax/crypto/jce/PBKDF2SecretKeyFactory.java
index 59231c6c71d..be7fb18b0d5 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/PBKDF2SecretKeyFactory.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/PBKDF2SecretKeyFactory.java
@@ -53,57 +53,38 @@ import gnu.java.security.prng.IRandom;
 import gnu.java.security.prng.LimitReachedException;
 import gnu.javax.crypto.prng.PRNGFactory;
 
-public abstract class PBKDF2SecretKeyFactory extends SecretKeyFactorySpi
+public abstract class PBKDF2SecretKeyFactory
+    extends SecretKeyFactorySpi
 {
-
-  // Constants and fields.
-  // ------------------------------------------------------------------------
-
   protected String macName;
-
   private static final int DEFAULT_ITERATION_COUNT = 1000;
-
   private static final int DEFAULT_KEY_LEN = 32;
 
-  // Constructor.
-  // ------------------------------------------------------------------------
-
   protected PBKDF2SecretKeyFactory(String macName)
   {
     this.macName = macName;
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   protected SecretKey engineGenerateSecret(KeySpec spec)
       throws InvalidKeySpecException
   {
-    if (!(spec instanceof PBEKeySpec))
-      {
-        throw new InvalidKeySpecException("not a PBEKeySpec");
-      }
+    if (! (spec instanceof PBEKeySpec))
+      throw new InvalidKeySpecException("not a PBEKeySpec");
     IRandom kdf = PRNGFactory.getInstance("PBKDF2-" + macName);
     HashMap attr = new HashMap();
     attr.put(IPBE.PASSWORD, ((PBEKeySpec) spec).getPassword());
     byte[] salt = ((PBEKeySpec) spec).getSalt();
     if (salt == null)
-      {
-        salt = new byte[0];
-      }
+      salt = new byte[0];
     attr.put(IPBE.SALT, salt);
     int ic = ((PBEKeySpec) spec).getIterationCount();
     if (ic <= 0)
-      {
-        ic = DEFAULT_ITERATION_COUNT;
-      }
-    attr.put(IPBE.ITERATION_COUNT, new Integer(ic));
+      ic = DEFAULT_ITERATION_COUNT;
+    attr.put(IPBE.ITERATION_COUNT, Integer.valueOf(ic));
     kdf.init(attr);
     int len = ((PBEKeySpec) spec).getKeyLength();
     if (len <= 0)
-      {
-        len = DEFAULT_KEY_LEN;
-      }
+      len = DEFAULT_KEY_LEN;
     byte[] dk = new byte[len];
     try
       {
@@ -113,7 +94,6 @@ public abstract class PBKDF2SecretKeyFactory extends SecretKeyFactorySpi
       {
         throw new IllegalArgumentException(lre.toString());
       }
-
     return new SecretKeySpec(dk, "PBKDF2");
   }
 
@@ -128,10 +108,8 @@ public abstract class PBKDF2SecretKeyFactory extends SecretKeyFactorySpi
     return new SecretKeySpec(key.getEncoded(), key.getAlgorithm());
   }
 
-  // Inner classes.
-  // ------------------------------------------------------------------------
-
-  public static class HMacHaval extends PBKDF2SecretKeyFactory
+  public static class HMacHaval
+      extends PBKDF2SecretKeyFactory
   {
     public HMacHaval()
     {
@@ -139,7 +117,8 @@ public abstract class PBKDF2SecretKeyFactory extends SecretKeyFactorySpi
     }
   }
 
-  public static class HMacMD2 extends PBKDF2SecretKeyFactory
+  public static class HMacMD2
+      extends PBKDF2SecretKeyFactory
   {
     public HMacMD2()
     {
@@ -147,7 +126,8 @@ public abstract class PBKDF2SecretKeyFactory extends SecretKeyFactorySpi
     }
   }
 
-  public static class HMacMD4 extends PBKDF2SecretKeyFactory
+  public static class HMacMD4
+      extends PBKDF2SecretKeyFactory
   {
     public HMacMD4()
     {
@@ -155,7 +135,8 @@ public abstract class PBKDF2SecretKeyFactory extends SecretKeyFactorySpi
     }
   }
 
-  public static class HMacMD5 extends PBKDF2SecretKeyFactory
+  public static class HMacMD5
+      extends PBKDF2SecretKeyFactory
   {
     public HMacMD5()
     {
@@ -163,7 +144,8 @@ public abstract class PBKDF2SecretKeyFactory extends SecretKeyFactorySpi
     }
   }
 
-  public static class HMacRipeMD128 extends PBKDF2SecretKeyFactory
+  public static class HMacRipeMD128
+      extends PBKDF2SecretKeyFactory
   {
     public HMacRipeMD128()
     {
@@ -171,7 +153,8 @@ public abstract class PBKDF2SecretKeyFactory extends SecretKeyFactorySpi
     }
   }
 
-  public static class HMacRipeMD160 extends PBKDF2SecretKeyFactory
+  public static class HMacRipeMD160
+      extends PBKDF2SecretKeyFactory
   {
     public HMacRipeMD160()
     {
@@ -179,7 +162,8 @@ public abstract class PBKDF2SecretKeyFactory extends SecretKeyFactorySpi
     }
   }
 
-  public static class HMacSHA1 extends PBKDF2SecretKeyFactory
+  public static class HMacSHA1
+      extends PBKDF2SecretKeyFactory
   {
     public HMacSHA1()
     {
@@ -187,7 +171,8 @@ public abstract class PBKDF2SecretKeyFactory extends SecretKeyFactorySpi
     }
   }
 
-  public static class HMacSHA256 extends PBKDF2SecretKeyFactory
+  public static class HMacSHA256
+      extends PBKDF2SecretKeyFactory
   {
     public HMacSHA256()
     {
@@ -195,7 +180,8 @@ public abstract class PBKDF2SecretKeyFactory extends SecretKeyFactorySpi
     }
   }
 
-  public static class HMacSHA384 extends PBKDF2SecretKeyFactory
+  public static class HMacSHA384
+      extends PBKDF2SecretKeyFactory
   {
     public HMacSHA384()
     {
@@ -203,7 +189,8 @@ public abstract class PBKDF2SecretKeyFactory extends SecretKeyFactorySpi
     }
   }
 
-  public static class HMacSHA512 extends PBKDF2SecretKeyFactory
+  public static class HMacSHA512
+      extends PBKDF2SecretKeyFactory
   {
     public HMacSHA512()
     {
@@ -211,7 +198,8 @@ public abstract class PBKDF2SecretKeyFactory extends SecretKeyFactorySpi
     }
   }
 
-  public static class HMacTiger extends PBKDF2SecretKeyFactory
+  public static class HMacTiger
+      extends PBKDF2SecretKeyFactory
   {
     public HMacTiger()
     {
@@ -219,11 +207,12 @@ public abstract class PBKDF2SecretKeyFactory extends SecretKeyFactorySpi
     }
   }
 
-  public static class HMacWhirlpool extends PBKDF2SecretKeyFactory
+  public static class HMacWhirlpool
+      extends PBKDF2SecretKeyFactory
   {
     public HMacWhirlpool()
     {
       super("HMAC-WHIRLPOOL");
     }
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/AES128KeyWrapSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/AES128KeyWrapSpi.java
new file mode 100644
index 00000000000..14ce480ae6f
--- /dev/null
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/AES128KeyWrapSpi.java
@@ -0,0 +1,54 @@
+/* AESKeyWrapSpi.java -- AES (128-bit key) Key Wrapping Algorithm JCE Adapter
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.crypto.jce.cipher;
+
+import gnu.java.security.Registry;
+
+/**
+ * The JCE Cipher Adapter implementation over the GNU AES Key Wrapping
+ * Algorithm with a 128-bit key-size.
+ */
+public final class AES128KeyWrapSpi
+    extends AESKeyWrapSpi
+{
+  public AES128KeyWrapSpi()
+  {
+    super(Registry.AES128_KWA, 128 / 8, Registry.ECB_MODE);
+  }
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/AES192KeyWrapSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/AES192KeyWrapSpi.java
new file mode 100644
index 00000000000..784fc5a1516
--- /dev/null
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/AES192KeyWrapSpi.java
@@ -0,0 +1,54 @@
+/* AES192KeyWrapSpi.java -- AES (192-bit key) Key Wrapping Algorithm JCE Adapter
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.crypto.jce.cipher;
+
+import gnu.java.security.Registry;
+
+/**
+ * The JCE Cipher Adapter implementation over the GNU AES Key Wrapping
+ * Algorithm with a 192-bit key-size.
+ */
+public final class AES192KeyWrapSpi
+    extends AESKeyWrapSpi
+{
+  public AES192KeyWrapSpi()
+  {
+    super(Registry.AES192_KWA, 192 / 8, Registry.ECB_MODE);
+  }
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/AES256KeyWrapSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/AES256KeyWrapSpi.java
new file mode 100644
index 00000000000..dd7357b0e09
--- /dev/null
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/AES256KeyWrapSpi.java
@@ -0,0 +1,54 @@
+/* AES256KeyWrapSpi.java -- AES (256-bit key) Key Wrapping Algorithm JCE Adapter
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.crypto.jce.cipher;
+
+import gnu.java.security.Registry;
+
+/**
+ * The JCE Cipher Adapter implementation over the GNU AES Key Wrapping
+ * Algorithm with a 256-bit key-size.
+ */
+public final class AES256KeyWrapSpi
+    extends AESKeyWrapSpi
+{
+  public AES256KeyWrapSpi()
+  {
+    super(Registry.AES256_KWA, 256 / 8, Registry.ECB_MODE);
+  }
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/AESKeyWrapSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/AESKeyWrapSpi.java
new file mode 100644
index 00000000000..973f5890bb4
--- /dev/null
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/AESKeyWrapSpi.java
@@ -0,0 +1,88 @@
+/* AESKeyWrapSpi.java -- Common AES Key Wrapping Algorithm methods
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.crypto.jce.cipher;
+
+/**
+ * Base abstract class to group common AES Key Wrapping Algorithm Adapter
+ * methods.
+ */
+abstract class AESKeyWrapSpi
+    extends KeyWrappingAlgorithmAdapter
+{
+  protected AESKeyWrapSpi(String name, int keySize, String supportedMode)
+  {
+    super(name, 16, keySize, supportedMode);
+  }
+
+  /**
+   * AES Key Wrapping algorithms operate on an 8-byte block; a block half the
+   * size of the AES block itself.
+   * <p>
+   * In wrapping, the number of 8-byte output blocks is ALWAYS one block longer
+   * than the input.
+   * 
+   * @param inputLength the size of the plain text.
+   * @return the size in bytes of <code>n + 1</code> 8-byte blocks where
+   * <code>n</code> is the smallest number of 8-byte blocks that contain the
+   * designated number of input bytes.
+   */
+  protected int getOutputSizeForWrap(int inputLength)
+  {
+    int n = (inputLength + 7) / 8;
+    return 8 * (n + 1);
+  }
+
+  /**
+   * AES Key Wrapping algorithms operate on an 8-byte block; a block half the
+   * size of the AES block itself.
+   * <p>
+   * In unwrapping, the number of 8-byte output blocks is ALWAYS one block
+   * shorter than the input.
+   * 
+   * @param inputLength the size of the cipher text.
+   * @return the size in bytes of <code>n - 1</code> 8-byte blocks where
+   * <code>n</code> is the smallest number of 8-byte blocks that contain the
+   * designated number of input bytes.
+   */
+  protected int getOutputSizeForUnwrap(int inputLength)
+  {
+    int n = (inputLength + 7) / 8;
+    return 8 * (n - 1);
+  }
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/AESSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/AESSpi.java
index 33de6895613..1322e5e8a1a 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/cipher/AESSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/AESSpi.java
@@ -50,23 +50,17 @@ import java.security.spec.AlgorithmParameterSpec;
 import java.security.spec.InvalidParameterSpecException;
 
 /**
- * The implementation of the AES <i>Service Provider Interface</i>
- * (<b>SPI</b>) adapter.
+ * The implementation of the AES <i>Service Provider Interface</i> (<b>SPI</b>)
+ * adapter.
  */
-public final class AESSpi extends CipherAdapter
+public final class AESSpi
+    extends CipherAdapter
 {
-
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   public AESSpi()
   {
     super(Registry.AES_CIPHER, 16);
   }
 
-  // Methods from CipherAdapter
-  // -----------------------------------------------------------------------
-
   protected void engineInit(int opmode, Key key, AlgorithmParameterSpec params,
                             SecureRandom random) throws InvalidKeyException,
       InvalidAlgorithmParameterException
@@ -74,10 +68,8 @@ public final class AESSpi extends CipherAdapter
     if (params instanceof BlockCipherParameterSpec)
       {
         if (((BlockCipherParameterSpec) params).getBlockSize() != 16)
-          {
-            throw new InvalidAlgorithmParameterException(
-                                                         "AES block size must be 16 bytes");
-          }
+          throw new InvalidAlgorithmParameterException(
+              "AES block size must be 16 bytes");
       }
     super.engineInit(opmode, key, params, random);
   }
@@ -90,9 +82,7 @@ public final class AESSpi extends CipherAdapter
     try
       {
         if (params != null)
-          {
-            spec = params.getParameterSpec(BlockCipherParameterSpec.class);
-          }
+          spec = params.getParameterSpec(BlockCipherParameterSpec.class);
       }
     catch (InvalidParameterSpecException ipse)
       {
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/ARCFourSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/ARCFourSpi.java
index 963fa1c0081..abcb486b59b 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/cipher/ARCFourSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/ARCFourSpi.java
@@ -62,29 +62,20 @@ import javax.crypto.NoSuchPaddingException;
 import javax.crypto.ShortBufferException;
 
 /**
- * The <i>Service Provider Interface</i> (<b>SPI</b>) for the ARCFOUR
- * stream cipher.
+ * The <i>Service Provider Interface</i> (<b>SPI</b>) for the ARCFOUR stream
+ * cipher.
  */
-public class ARCFourSpi extends CipherSpi
+public class ARCFourSpi
+    extends CipherSpi
 {
-
-  // Constants and variables.
-  // -----------------------------------------------------------------------
-
   private IRandom keystream;
 
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   public ARCFourSpi()
   {
     super();
     keystream = PRNGFactory.getInstance(Registry.ARCFOUR_PRNG);
   }
 
-  // Methods implementing CipherSpi.
-  // -----------------------------------------------------------------------
-
   protected int engineGetBlockSize()
   {
     return 0; // stream cipher.
@@ -119,14 +110,10 @@ public class ARCFourSpi extends CipherSpi
       throws InvalidKeyException
   {
     if (mode != Cipher.ENCRYPT_MODE && mode != Cipher.DECRYPT_MODE)
-      {
-        throw new IllegalArgumentException(
-                                           "arcfour is for encryption or decryption only");
-      }
-    if (key == null || !key.getFormat().equalsIgnoreCase("RAW"))
-      {
-        throw new InvalidKeyException("key must be non-null raw bytes");
-      }
+      throw new IllegalArgumentException(
+          "arcfour is for encryption or decryption only");
+    if (key == null || ! key.getFormat().equalsIgnoreCase("RAW"))
+      throw new InvalidKeyException("key must be non-null raw bytes");
     HashMap attrib = new HashMap();
     attrib.put(ARCFour.ARCFOUR_KEY_MATERIAL, key.getEncoded());
     keystream.init(attrib);
@@ -149,16 +136,12 @@ public class ARCFourSpi extends CipherSpi
   protected byte[] engineUpdate(byte[] in, int offset, int length)
   {
     if (length < 0 || offset < 0 || length + offset > in.length)
-      {
-        throw new ArrayIndexOutOfBoundsException();
-      }
+      throw new ArrayIndexOutOfBoundsException();
     byte[] result = new byte[length];
     try
       {
         for (int i = 0; i < length; i++)
-          {
-            result[i] = (byte) (in[i + offset] ^ keystream.nextByte());
-          }
+          result[i] = (byte)(in[i + offset] ^ keystream.nextByte());
       }
     catch (LimitReachedException wontHappen)
       {
@@ -171,19 +154,13 @@ public class ARCFourSpi extends CipherSpi
   {
     if (length < 0 || inOffset < 0 || length + inOffset > in.length
         || outOffset < 0)
-      {
-        throw new ArrayIndexOutOfBoundsException();
-      }
+      throw new ArrayIndexOutOfBoundsException();
     if (outOffset + length > out.length)
-      {
-        throw new ShortBufferException();
-      }
+      throw new ShortBufferException();
     try
       {
         for (int i = 0; i < length; i++)
-          {
-            out[i + outOffset] = (byte) (in[i + inOffset] ^ keystream.nextByte());
-          }
+          out[i + outOffset] = (byte)(in[i + inOffset] ^ keystream.nextByte());
       }
     catch (LimitReachedException wontHappen)
       {
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/AnubisSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/AnubisSpi.java
index 0fca3b49104..e35e4e724ac 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/cipher/AnubisSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/AnubisSpi.java
@@ -44,12 +44,9 @@ import gnu.java.security.Registry;
  * The implementation of the Anubis <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class AnubisSpi extends CipherAdapter
+public final class AnubisSpi
+    extends CipherAdapter
 {
-
-  // Constructors.
-  // --------------------------------------------------------------------
-
   public AnubisSpi()
   {
     super(Registry.ANUBIS_CIPHER);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/BlowfishSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/BlowfishSpi.java
index d31d7e19390..fec200ca6c9 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/cipher/BlowfishSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/BlowfishSpi.java
@@ -44,12 +44,9 @@ import gnu.java.security.Registry;
  * The implementation of the Blowfish <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class BlowfishSpi extends CipherAdapter
+public final class BlowfishSpi
+    extends CipherAdapter
 {
-
-  // Constructors.
-  // --------------------------------------------------------------------
-
   public BlowfishSpi()
   {
     super(Registry.BLOWFISH_CIPHER);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/Cast5Spi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/Cast5Spi.java
index b1d4cf70374..bf080340001 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/cipher/Cast5Spi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/Cast5Spi.java
@@ -43,26 +43,12 @@ import gnu.java.security.Registry;
 /**
  * The implementation of the <code>CAST5</code> (a.k.a. CAST-128) <i>Service
  * Provider Interface</i> (<b>SPI</b>) Adapter.
- *
- * @version Revision: $
  */
-public class Cast5Spi extends CipherAdapter
+public class Cast5Spi
+    extends CipherAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public Cast5Spi()
   {
     super(Registry.CAST5_CIPHER);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/CipherAdapter.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/CipherAdapter.java
index 5eaa31b779b..b7cd755f5b4 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/cipher/CipherAdapter.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/CipherAdapter.java
@@ -38,8 +38,9 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.jce.cipher;
 
-import gnu.javax.crypto.cipher.IBlockCipher;
+import gnu.java.security.Registry;
 import gnu.javax.crypto.cipher.CipherFactory;
+import gnu.javax.crypto.cipher.IBlockCipher;
 import gnu.javax.crypto.jce.spec.BlockCipherParameterSpec;
 import gnu.javax.crypto.mode.IMode;
 import gnu.javax.crypto.mode.ModeFactory;
@@ -56,6 +57,7 @@ import java.security.SecureRandom;
 import java.security.spec.AlgorithmParameterSpec;
 import java.security.spec.InvalidParameterSpecException;
 import java.util.HashMap;
+import java.util.Iterator;
 import java.util.Map;
 
 import javax.crypto.BadPaddingException;
@@ -67,61 +69,48 @@ import javax.crypto.ShortBufferException;
 import javax.crypto.spec.IvParameterSpec;
 
 /**
- * <p>The implementation of a generic {@link Cipher} <i>Adapter</i> class to
- * wrap GNU Crypto cipher instances.</p>
- *
- * <p>This class defines the <i>Service Provider Interface</i> (<b>SPI</b>) for
+ * The implementation of a generic {@link Cipher} <i>Adapter</i> class to wrap
+ * GNU cipher instances.
+ * <p>
+ * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>) for
  * the {@link Cipher} class, which provides the functionality of symmetric-key
- * block ciphers, such as the AES.<p>
- *
- * <p>This base class defines all of the abstract methods in {@link CipherSpi},
+ * block ciphers, such as the AES.
+ * <p>
+ * This base class defines all of the abstract methods in {@link CipherSpi},
  * but does not define the (non-abstract) key wrapping functions that extended
  * the base cipher SPI, and these methods thus immediately throw an
  * {@link UnsupportedOperationException}. If a cipher implementation provides
  * this functionality, or if it in fact accepts parameters other than the key
  * and the initialization vector, the subclass should override those methods.
  * Otherwise a subclass need only call the {@link #CipherAdapter(String)}
- * constructor with the name of the cipher.</p>
+ * constructor with the name of the cipher.
  */
-class CipherAdapter extends CipherSpi
+class CipherAdapter
+    extends CipherSpi
 {
-
-  // Constants and variables.
-  // -------------------------------------------------------------------------
-
   /** Our cipher instance. */
   protected IBlockCipher cipher;
-
   /** Our mode instance. */
   protected IMode mode;
-
   /** Our padding instance. */
   protected IPad pad;
-
   /** The current key size. */
   protected int keyLen;
-
   /** Our attributes map. */
   protected Map attributes;
-
   /** An incomplete block. */
   protected byte[] partBlock;
-
   /** The number of bytes in {@link #partBlock}. */
   protected int partLen;
-
   /** The length of blocks we are processing. */
   protected int blockLen;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Protected constructor to be called by subclasses. The cipher name
-   * argument should be the appropriate one listed in {@link gnu.crypto.Registry}.
-   * The basic cipher instance is created, along with an instance of the
-   * {@link gnu.crypto.mode.ECB} mode and no padding.</p>
-   *
+   * Protected constructor to be called by subclasses. The cipher name argument
+   * should be the appropriate one listed in {@link Registry}. The basic cipher
+   * instance is created, along with an instance of the
+   * {@link gnu.javax.crypto.mode.ECB} mode and no padding.
+   * 
    * @param cipherName The cipher to instantiate.
    * @param blockLen The block length to use.
    */
@@ -131,12 +120,12 @@ class CipherAdapter extends CipherSpi
     attributes = new HashMap();
     this.blockLen = blockLen;
     mode = ModeFactory.getInstance("ECB", cipher, blockLen);
-    attributes.put(IBlockCipher.CIPHER_BLOCK_SIZE, new Integer(blockLen));
+    attributes.put(IBlockCipher.CIPHER_BLOCK_SIZE, Integer.valueOf(blockLen));
   }
 
   /**
-   * <p>Creates a new cipher adapter with the default block size.</p>
-   *
+   * Creates a new cipher adapter with the default block size.
+   * 
    * @param cipherName The cipher to instantiate.
    */
   protected CipherAdapter(String cipherName)
@@ -145,12 +134,9 @@ class CipherAdapter extends CipherSpi
     blockLen = cipher.defaultBlockSize();
     attributes = new HashMap();
     mode = ModeFactory.getInstance("ECB", cipher, blockLen);
-    attributes.put(IBlockCipher.CIPHER_BLOCK_SIZE, new Integer(blockLen));
+    attributes.put(IBlockCipher.CIPHER_BLOCK_SIZE, Integer.valueOf(blockLen));
   }
 
-  // Instance methods implementing javax.crypto.CipherSpi.
-  // -------------------------------------------------------------------------
-
   protected void engineSetMode(String modeName) throws NoSuchAlgorithmException
   {
     if (modeName.length() >= 3
@@ -161,7 +147,7 @@ class CipherAdapter extends CipherSpi
             try
               {
                 int bs = Integer.parseInt(modeName.substring(3));
-                attributes.put(IMode.MODE_BLOCK_SIZE, new Integer(bs / 8));
+                attributes.put(IMode.MODE_BLOCK_SIZE, Integer.valueOf(bs / 8));
               }
             catch (NumberFormatException nfe)
               {
@@ -171,14 +157,10 @@ class CipherAdapter extends CipherSpi
           }
       }
     else
-      {
-        attributes.remove(IMode.MODE_BLOCK_SIZE);
-      }
+      attributes.remove(IMode.MODE_BLOCK_SIZE);
     mode = ModeFactory.getInstance(modeName, cipher, blockLen);
     if (mode == null)
-      {
-        throw new NoSuchAlgorithmException(modeName);
-      }
+      throw new NoSuchAlgorithmException(modeName);
   }
 
   protected void engineSetPadding(String padName) throws NoSuchPaddingException
@@ -190,17 +172,13 @@ class CipherAdapter extends CipherSpi
       }
     pad = PadFactory.getInstance(padName);
     if (pad == null)
-      {
-        throw new NoSuchPaddingException(padName);
-      }
+      throw new NoSuchPaddingException(padName);
   }
 
   protected int engineGetBlockSize()
   {
     if (cipher != null)
-      {
-        return blockLen;
-      }
+      return blockLen;
     return 0;
   }
 
@@ -214,17 +192,16 @@ class CipherAdapter extends CipherSpi
   {
     byte[] iv = (byte[]) attributes.get(IMode.IV);
     if (iv == null)
-      {
-        return null;
-      }
+      return null;
     return (byte[]) iv.clone();
   }
 
   protected AlgorithmParameters engineGetParameters()
   {
-    BlockCipherParameterSpec spec = new BlockCipherParameterSpec(
-                                                                 (byte[]) attributes.get(IMode.IV),
-                                                                 cipher.currentBlockSize(),
+    byte[] iv = (byte[]) attributes.get(IMode.IV);
+    int cipherBlockSize = cipher.currentBlockSize();
+    BlockCipherParameterSpec spec = new BlockCipherParameterSpec(iv,
+                                                                 cipherBlockSize,
                                                                  keyLen);
     AlgorithmParameters params;
     try
@@ -246,25 +223,75 @@ class CipherAdapter extends CipherSpi
   protected void engineInit(int opmode, Key key, SecureRandom random)
       throws InvalidKeyException
   {
+    try
+      {
+        engineInit(opmode, key, (AlgorithmParameterSpec) null, random);
+      }
+    catch (InvalidAlgorithmParameterException e)
+      {
+        throw new InvalidKeyException(e.getMessage(), e);
+      }
+  }
+
+  /**
+   * Executes initialization logic after all parameters have been handled by the
+   * engineInit()s.
+   * 
+   * @param opmode the desired mode of operation for this instance.
+   * @param key the key material to use for initialization.
+   * @param random a source of randmoness to use if/when needed.
+   * @throws InvalidKeyException if <code>key</code> is invalid or the cipher
+   *           needs extra parameters which can not be derived from
+   *           <code>key</code>; e.g. an IV.
+   */
+  private void engineInitHandler(int opmode, Key key, SecureRandom random)
+      throws InvalidKeyException
+  {
     switch (opmode)
       {
       case Cipher.ENCRYPT_MODE:
-        attributes.put(IMode.STATE, new Integer(IMode.ENCRYPTION));
+        attributes.put(IMode.STATE, Integer.valueOf(IMode.ENCRYPTION));
         break;
       case Cipher.DECRYPT_MODE:
-        attributes.put(IMode.STATE, new Integer(IMode.DECRYPTION));
+        attributes.put(IMode.STATE, Integer.valueOf(IMode.DECRYPTION));
         break;
       }
-    if (!key.getFormat().equalsIgnoreCase("RAW"))
-      {
-        throw new InvalidKeyException("bad key format " + key.getFormat());
-      }
+    if (! key.getFormat().equalsIgnoreCase("RAW"))
+      throw new InvalidKeyException("bad key format " + key.getFormat());
     byte[] kb = key.getEncoded();
+    int kbLength = kb.length;
     if (keyLen == 0)
       {
-        keyLen = kb.length;
+        // no key-size given; instead key-material is provided in kb --which
+        // can be more than what we need.  if we don't cull this down to what
+        // the cipher likes/wants we may get an InvalidKeyException.
+        //
+        // try to find the largest key-size value that is less than or equal
+        // to kbLength
+        for (Iterator it = cipher.keySizes(); it.hasNext();)
+          {
+            int aKeySize = ((Integer) it.next()).intValue();
+            if (aKeySize == kbLength)
+              {
+                keyLen = aKeySize;
+                break;
+              }
+            else if (aKeySize < kbLength)
+              keyLen = aKeySize;
+            else // all remaining key-sizes are longer than kb.length
+              break;
+          }
       }
-    else if (keyLen < kb.length)
+    if (keyLen == 0)
+      {
+        // we were unable to find a key-size, among those advertised by the
+        // cipher, that is less than or equal to the length of the kb array.
+        // set keyLen to kbLength.  either the cipher implementation will throw
+        // an InvalidKeyException, or it is implemented in a way which can deal
+        // with an unsupported key-size. 
+        keyLen = kbLength;
+      }
+    if (keyLen < kbLength)
       {
         byte[] kbb = kb;
         kb = new byte[keyLen];
@@ -280,31 +307,54 @@ class CipherAdapter extends CipherSpi
   {
     if (params == null)
       {
-        byte[] iv = new byte[blockLen];
-        random.nextBytes(iv);
-        attributes.put(IMode.IV, iv);
+        // All cipher modes require parameters (like an IV) except ECB. When
+        // these cant be derived from the given key then it must be generated
+        // randomly if in ENCRYPT or WRAP mode. Parameters that have defaults
+        // for our cipher must be set to these defaults.
+        if (! mode.name().toLowerCase().startsWith(Registry.ECB_MODE + "("))
+          {
+            switch (opmode)
+              {
+              case Cipher.ENCRYPT_MODE:
+              case Cipher.WRAP_MODE:
+                byte[] iv = new byte[blockLen];
+                random.nextBytes(iv);
+                attributes.put(IMode.IV, iv);
+                break;
+              default:
+                throw new InvalidAlgorithmParameterException(
+                    "Required algorithm parameters are missing for mode: "
+                    + mode.name());
+              }
+          }
+        // Add default for block length etc.
         blockLen = cipher.defaultBlockSize();
-        attributes.put(IBlockCipher.CIPHER_BLOCK_SIZE, new Integer(blockLen));
+        attributes.put(IBlockCipher.CIPHER_BLOCK_SIZE,
+                       Integer.valueOf(blockLen));
         keyLen = 0;
       }
     else if (params instanceof BlockCipherParameterSpec)
       {
-        attributes.put(
-                       IBlockCipher.CIPHER_BLOCK_SIZE,
-                       new Integer(
-                                   ((BlockCipherParameterSpec) params).getBlockSize()));
-        attributes.put(IMode.IV, ((BlockCipherParameterSpec) params).getIV());
-        keyLen = ((BlockCipherParameterSpec) params).getKeySize();
-        blockLen = ((BlockCipherParameterSpec) params).getBlockSize();
+        BlockCipherParameterSpec bcps = (BlockCipherParameterSpec) params;
+        blockLen = bcps.getBlockSize();
+        attributes.put(IBlockCipher.CIPHER_BLOCK_SIZE, Integer.valueOf(blockLen));
+        attributes.put(IMode.IV, bcps.getIV());
+        keyLen = bcps.getKeySize();
       }
     else if (params instanceof IvParameterSpec)
       {
+        // The size of the IV must match the block size
+        if (((IvParameterSpec) params).getIV().length != cipher.defaultBlockSize())
+          {
+            throw new InvalidAlgorithmParameterException();
+          }
+        
         attributes.put(IMode.IV, ((IvParameterSpec) params).getIV());
         blockLen = cipher.defaultBlockSize();
-        attributes.put(IBlockCipher.CIPHER_BLOCK_SIZE, new Integer(blockLen));
+        attributes.put(IBlockCipher.CIPHER_BLOCK_SIZE, Integer.valueOf(blockLen));
         keyLen = 0;
       }
-    engineInit(opmode, key, random);
+    engineInitHandler(opmode, key, random);
   }
 
   protected void engineInit(int opmode, Key key, AlgorithmParameters params,
@@ -315,9 +365,7 @@ class CipherAdapter extends CipherSpi
     try
       {
         if (params != null)
-          {
-            spec = params.getParameterSpec(BlockCipherParameterSpec.class);
-          }
+          spec = params.getParameterSpec(BlockCipherParameterSpec.class);
       }
     catch (InvalidParameterSpecException ignored)
       {
@@ -334,91 +382,50 @@ class CipherAdapter extends CipherSpi
       {
         engineUpdate(input, off, len, out, 0);
       }
-    catch (ShortBufferException x)
-      { // should not happen
+    catch (ShortBufferException x) // should not happen
+      {
         x.printStackTrace(System.err);
       }
     return out;
   }
 
-  //   protected int
-  //   engineUpdate(byte[] in, int inOff, int inLen, byte[] out, int outOff)
-  //   throws ShortBufferException
-  //   {
-  //      int blockSize = mode.currentBlockSize();
-  //      int count = (partLen + inLen) / blockSize;
-  //      if (count * blockSize > out.length - outOff) {
-  //         throw new ShortBufferException();
-  //      }
-  //      byte[] buf;
-  //      if (partLen > 0 && count > 0) {
-  //         buf = new byte[partLen + inLen];
-  //         System.arraycopy(partBlock, 0, buf, 0, partLen);
-  //         if (in != null && inLen > 0) {
-  //            System.arraycopy(in, inOff, buf, partLen, inLen);
-  //         }
-  //         partLen = 0;
-  //         inOff = 0;
-  //      } else {
-  //         buf = in;
-  //      }
-  //      for (int i = 0; i < count; i++) {
-  //         mode.update(buf, i * blockSize + inOff, out, i * blockSize + outOff);
-  //      }
-  //      if (inOff + inLen > count * blockSize) {
-  //         partLen = (inOff + inLen) - (count * blockSize);
-  //         System.arraycopy(in, count * blockSize, partBlock, 0, partLen);
-  //      }
-  //      return count * blockSize;
-  //   }
-
   protected int engineUpdate(byte[] in, int inOff, int inLen, byte[] out,
                              int outOff) throws ShortBufferException
   {
-    if (inLen == 0)
-      { // nothing to process
-        return 0;
-      }
+    if (inLen == 0) // nothing to process
+      return 0;
     final int blockSize = mode.currentBlockSize();
     final int blockCount = (partLen + inLen) / blockSize;
     final int result = blockCount * blockSize;
     if (result > out.length - outOff)
+      throw new ShortBufferException();
+    if (blockCount == 0) // not enough bytes for even 1 block
       {
-        throw new ShortBufferException();
-      }
-    if (blockCount == 0)
-      { // not enough bytes for even 1 block
         System.arraycopy(in, inOff, partBlock, partLen, inLen);
         partLen += inLen;
         return 0;
       }
     final byte[] buf;
     // we have enough bytes for at least 1 block
-    if (partLen == 0)
-      { // if no cached bytes use input
-        buf = in;
-      }
-    else
-      { // prefix input with cached bytes
+    if (partLen == 0) // if no cached bytes use input
+      buf = in;
+    else // prefix input with cached bytes
+      {
         buf = new byte[partLen + inLen];
         System.arraycopy(partBlock, 0, buf, 0, partLen);
         if (in != null && inLen > 0)
-          {
-            System.arraycopy(in, inOff, buf, partLen, inLen);
-          }
+          System.arraycopy(in, inOff, buf, partLen, inLen);
         inOff = 0;
       }
-    for (int i = 0; i < blockCount; i++)
-      { // update blockCount * blockSize
+    for (int i = 0; i < blockCount; i++) // update blockCount * blockSize
+      {
         mode.update(buf, inOff, out, outOff);
         inOff += blockSize;
         outOff += blockSize;
       }
     partLen += inLen - result;
-    if (partLen > 0)
-      { // cache remaining bytes from buf
-        System.arraycopy(buf, inOff, partBlock, 0, partLen);
-      }
+    if (partLen > 0) // cache remaining bytes from buf
+      System.arraycopy(buf, inOff, partBlock, 0, partLen);
     return result;
   }
 
@@ -458,9 +465,7 @@ class CipherAdapter extends CipherSpi
     else
       {
         if (partLen > 0)
-          {
-            throw new IllegalBlockSizeException(partLen + " trailing bytes");
-          }
+          throw new IllegalBlockSizeException(partLen + " trailing bytes");
         result = buf;
       }
 
@@ -483,9 +488,7 @@ class CipherAdapter extends CipherSpi
   {
     byte[] buf = engineDoFinal(in, inOff, inLen);
     if (out.length + outOff < buf.length)
-      {
-        throw new ShortBufferException();
-      }
+      throw new ShortBufferException();
     System.arraycopy(buf, 0, out, outOff, buf.length);
     return buf.length;
   }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/DESSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/DESSpi.java
index ff86071c4ee..21f62b4f046 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/cipher/DESSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/DESSpi.java
@@ -41,15 +41,12 @@ package gnu.javax.crypto.jce.cipher;
 import gnu.java.security.Registry;
 
 /**
- * The implementation of the DES <i>Service Provider Interface</i>
- * (<b>SPI</b>) adapter.
+ * The implementation of the DES <i>Service Provider Interface</i> (<b>SPI</b>)
+ * adapter.
  */
-public final class DESSpi extends CipherAdapter
+public final class DESSpi
+    extends CipherAdapter
 {
-
-  // Constructors.
-  // --------------------------------------------------------------------
-
   public DESSpi()
   {
     super(Registry.DES_CIPHER);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/KeyWrappingAlgorithmAdapter.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/KeyWrappingAlgorithmAdapter.java
new file mode 100644
index 00000000000..03356a236f7
--- /dev/null
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/KeyWrappingAlgorithmAdapter.java
@@ -0,0 +1,423 @@
+/* KeyWrappingAlgorithmAdapter.java -- Base Adapter for Key Wrapping algorithms
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.crypto.jce.cipher;
+
+import gnu.java.security.Configuration;
+import gnu.java.security.Registry;
+import gnu.javax.crypto.jce.spec.BlockCipherParameterSpec;
+import gnu.javax.crypto.kwa.IKeyWrappingAlgorithm;
+import gnu.javax.crypto.kwa.KeyUnwrappingException;
+import gnu.javax.crypto.kwa.KeyWrappingAlgorithmFactory;
+
+import java.security.AlgorithmParameters;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.InvalidParameterSpecException;
+import java.security.spec.X509EncodedKeySpec;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.logging.Logger;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.CipherSpi;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.ShortBufferException;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+/**
+ * An abstract base class to facilitate implementations of JCE Adapters for
+ * symmetric key block ciphers capable of providing key-wrapping functionality.
+ */
+abstract class KeyWrappingAlgorithmAdapter
+    extends CipherSpi
+{
+  private static final Logger log = Logger.getLogger(KeyWrappingAlgorithmAdapter.class.getName());
+  /** JCE canonical name of a null-padder. */
+  private static final String NO_PADDING = "nopadding";
+  /** Concrete Key Wrapping Algorithm SPI. */
+  protected IKeyWrappingAlgorithm kwAlgorithm;
+  /** Size in bytes of the padding block to be provided by external padders. */
+  protected int kwaBlockSize;
+  /** KEK size in bytes. */
+  protected int kwaKeySize;
+  /** Name of the supported mode. */
+  protected String supportedMode;
+  /** Operational mode in which this instance was initialised. */
+  protected int opmode = -1;
+  /** Initialisation Vector if/when user wants to override default one. */
+  byte[] iv;
+
+  /**
+   * Creates a new JCE Adapter for the designated Key Wrapping Algorithm name.
+   * 
+   * @param name the canonical name of the key-wrapping algorithm.
+   * @param blockSize the block size in bytes of the underlying symmetric-key
+   *          block cipher algorithm.
+   * @param keySize the allowed size in bytes of the KEK bytes to initialise the
+   *          underlying symmetric-key block cipher algorithm with.
+   * @param supportedMode canonical name of the block mode the underlying cipher
+   *          is supporting.
+   */
+  protected KeyWrappingAlgorithmAdapter(String name, int blockSize, int keySize,
+                                        String supportedMode)
+  {
+    super();
+
+    this.kwAlgorithm = KeyWrappingAlgorithmFactory.getInstance(name);
+    this.kwaBlockSize = blockSize;
+    this.kwaKeySize = keySize;
+    this.supportedMode = supportedMode;
+  }
+
+  /**
+   * Wraps the encoded form of a designated {@link Key}.
+   * 
+   * @param key the key-material to wrap.
+   * @return the wrapped key.
+   * @throws InvalidKeyException If the key cannot be wrapped.
+   */
+  protected byte[] engineWrap(Key key)
+      throws InvalidKeyException, IllegalBlockSizeException
+  {
+    byte[] keyMaterial = key.getEncoded();
+    byte[] result = kwAlgorithm.wrap(keyMaterial, 0, keyMaterial.length);
+    return result;
+  }
+
+  /**
+   * Unwraps a previously-wrapped key-material.
+   * 
+   * @param wrappedKey the wrapped key-material to unwrap.
+   * @param wrappedKeyAlgorithm the canonical name of the algorithm, which the
+   *          unwrapped key-material represents. This name is used to
+   *          instantiate a concrete instance of a {@link Key} for that
+   *          algorithm. For example, if the value of this parameter is
+   *          <code>DSS</code> and the type (the next parameter) is
+   *          {@link Cipher#PUBLIC_KEY} then an attempt to construct a concrete
+   *          instance of a {@link java.security.interfaces.DSAPublicKey},
+   *          using the unwrapped key material, shall be made.
+   * @param wrappedKeyType the type of wrapped key-material. MUST be one of
+   *          {@link Cipher#PRIVATE_KEY}, {@link Cipher#PUBLIC_KEY}, or
+   *          {@link Cipher#SECRET_KEY}.
+   * @return the unwrapped key-material as an instance of {@link Key} or one of
+   *         its subclasses.
+   * @throws InvalidKeyException If the key cannot be unwrapped, or if
+   *           <code>wrappedKeyType</code> is an inappropriate type for the
+   *           unwrapped key.
+   * @throws NoSuchAlgorithmException If the <code>wrappedKeyAlgorithm</code>
+   *           is unknown to every currently installed Security Provider.
+   */
+  protected Key engineUnwrap(byte[] wrappedKey, String wrappedKeyAlgorithm,
+                             int wrappedKeyType)
+      throws InvalidKeyException, NoSuchAlgorithmException
+  {
+    byte[] keyBytes;
+    try
+      {
+        keyBytes = kwAlgorithm.unwrap(wrappedKey, 0, wrappedKey.length);
+      }
+    catch (KeyUnwrappingException x)
+      {
+        InvalidKeyException y = new InvalidKeyException("engineUnwrap()");
+        y.initCause(x);
+        throw y;
+      }
+    Key result;
+    switch (wrappedKeyType)
+      {
+      case Cipher.SECRET_KEY:
+        result = new SecretKeySpec(keyBytes, wrappedKeyAlgorithm);
+        break;
+      case Cipher.PRIVATE_KEY:
+      case Cipher.PUBLIC_KEY:
+        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
+        KeyFactory keyFactory = KeyFactory.getInstance(wrappedKeyAlgorithm);
+        try
+          {
+            if (wrappedKeyType == Cipher.PRIVATE_KEY)
+              result = keyFactory.generatePrivate(keySpec);
+            else
+              result = keyFactory.generatePublic(keySpec);
+          }
+        catch (InvalidKeySpecException x)
+          {
+            InvalidKeyException y = new InvalidKeyException("engineUnwrap()");
+            y.initCause(x);
+            throw y;
+          }
+        break;
+      default:
+        IllegalArgumentException x = new IllegalArgumentException("Invalid 'wrappedKeyType': "
+                                                                  + wrappedKeyType);
+        InvalidKeyException y = new InvalidKeyException("engineUnwrap()");
+        y.initCause(x);
+        throw y;
+      }
+    return result;
+  }
+
+  protected int engineGetBlockSize()
+  {
+    return kwaBlockSize;
+  }
+
+  protected byte[] engineGetIV()
+  {
+    return iv == null ? null : (byte[]) iv.clone();
+  }
+
+  protected int engineGetOutputSize(int inputLength)
+  {
+    switch (opmode)
+    {
+      case Cipher.WRAP_MODE:
+        return getOutputSizeForWrap(inputLength);
+      case Cipher.UNWRAP_MODE:
+        return getOutputSizeForUnwrap(inputLength);
+      default:
+        throw new IllegalStateException();
+    }
+  }
+
+  protected AlgorithmParameters engineGetParameters()
+  {
+    BlockCipherParameterSpec spec = new BlockCipherParameterSpec(iv,
+                                                                 kwaBlockSize,
+                                                                 kwaKeySize);
+    AlgorithmParameters result = null;
+    try
+      {
+        result = AlgorithmParameters.getInstance("BlockCipherParameters");
+        result.init(spec);
+      }
+    catch (NoSuchAlgorithmException x)
+      {
+        if (Configuration.DEBUG)
+          log.fine("Unable to find BlockCipherParameters. Return null");
+      }
+    catch (InvalidParameterSpecException x)
+      {
+        if (Configuration.DEBUG)
+          log.fine("Unable to initialise BlockCipherParameters. Return null");
+      }
+    return result;
+  }
+
+  protected void engineInit(int opmode, Key key, SecureRandom random)
+      throws InvalidKeyException
+  {
+    checkOpMode(opmode);
+    byte[] kekBytes = checkAndGetKekBytes(key);
+    initAlgorithm(opmode, kekBytes, null, random);
+  }
+
+  protected void engineInit(int opmode, Key key, AlgorithmParameters params,
+                            SecureRandom random)
+      throws InvalidAlgorithmParameterException, InvalidKeyException
+  {
+    AlgorithmParameterSpec spec = null;
+    try
+      {
+        if (params != null)
+          spec = params.getParameterSpec(BlockCipherParameterSpec.class);
+      }
+    catch (InvalidParameterSpecException x)
+      {
+        if (Configuration.DEBUG)
+          log.fine("Unable to translate algorithm parameters into an instance "
+                   + "of BlockCipherParameterSpec. Discard");
+      }
+    engineInit(opmode, key, spec, random);
+  }
+
+  protected void engineInit(int opmode, Key key, AlgorithmParameterSpec params,
+                            SecureRandom random)
+      throws InvalidAlgorithmParameterException, InvalidKeyException
+  {
+    checkOpMode(opmode);
+    byte[] kekBytes = checkAndGetKekBytes(key);
+    byte[] ivBytes = null;
+    if (params instanceof BlockCipherParameterSpec)
+      ivBytes = ((BlockCipherParameterSpec) params).getIV();
+    else if (params instanceof IvParameterSpec)
+      ivBytes = ((IvParameterSpec) params).getIV();
+    
+    initAlgorithm(opmode, kekBytes, ivBytes, random);
+  }
+
+  protected void engineSetMode(String mode) throws NoSuchAlgorithmException
+  {
+    if (! supportedMode.equalsIgnoreCase(mode))
+      throw new UnsupportedOperationException("Only " + supportedMode
+                                              + " is supported");
+  }
+
+  /**
+   * NoPadding is the only padding algorithm supported by Key Wrapping Algorithm
+   * implementations in RI.
+   */
+  protected void engineSetPadding(String padding) throws NoSuchPaddingException
+  {
+    if (! NO_PADDING.equalsIgnoreCase(padding))
+      throw new UnsupportedOperationException("Only NoPadding is supported");
+  }
+
+  protected byte[] engineUpdate(byte[] input, int inputOffset, int inputLength)
+  {
+    throw new UnsupportedOperationException();
+  }
+
+  protected int engineUpdate(byte[] input, int inputOffset, int inputLength,
+                             byte[] output, int outputOffset)
+      throws ShortBufferException
+  {
+    throw new UnsupportedOperationException();
+  }
+
+  protected byte[] engineDoFinal(byte[] input, int inputOffset, int inputLength)
+      throws IllegalBlockSizeException, BadPaddingException
+  {
+    throw new UnsupportedOperationException();
+  }
+
+  protected int engineDoFinal(byte[] input, int inputOffset, int inputLength,
+                              byte[] output, int outputOffset)
+      throws IllegalBlockSizeException, BadPaddingException, ShortBufferException
+  {
+    throw new UnsupportedOperationException();
+  }
+
+  /**
+   * Return the minimum size in bytes of a place holder large enough to receive
+   * the cipher text resulting from a wrap method with the designated size of
+   * the plain text.
+   * <p>
+   * This default implementation ALWAYS returns the smallest multiple of the
+   * <code>kwaBlockSize</code> --passed to this method through its
+   * constructor-- greater than or equal to the designated
+   * <code>inputLength</code>.
+   * 
+   * @param inputLength the size of a plain text.
+   * @return an estimate of the size, in bytes, of the place holder to receive
+   * the resulting bytes of a wrap method.
+   */
+  protected int getOutputSizeForWrap(int inputLength)
+  {
+    return kwaBlockSize * (inputLength + kwaBlockSize - 1) / kwaBlockSize;
+  }
+
+  /**
+   * Return the minimum size in bytes of a place holder large enough to receive
+   * the plain text resulting from an unwrap method with the designated size of
+   * the cipher text.
+   * <p>
+   * This default implementation ALWAYS returns the smallest multiple of the
+   * <code>paddingBlockSize</code> --passed to this method through its
+   * constructor-- greater than or equal to the designated
+   * <code>inputLength</code>.
+   * 
+   * @param inputLength the size of a cipher text.
+   * @return an estimate of the size, in bytes, of the place holder to receive
+   *         the resulting bytes of an uwrap method.
+   */
+  protected int getOutputSizeForUnwrap(int inputLength)
+  {
+    return kwaBlockSize * (inputLength + kwaBlockSize - 1) / kwaBlockSize;
+  }
+
+  private void checkOpMode(int opmode)
+  {
+    switch (opmode)
+    {
+      case Cipher.WRAP_MODE:
+      case Cipher.UNWRAP_MODE:
+        return;
+    }
+    throw new IllegalArgumentException("Unsupported operational mode: " + opmode);
+  }
+
+  /**
+   * Returns the key bytes, iff it was in RAW format.
+   * 
+   * @param key the opaque JCE secret key to use as the KEK.
+   * @return the bytes of the encoded form of the designated kek, iff it was in
+   *         RAW format.
+   * @throws InvalidKeyException if the designated key is not in the RAW format.
+   */
+  private byte[] checkAndGetKekBytes(Key key) throws InvalidKeyException
+  {
+    if (! Registry.RAW_ENCODING_SHORT_NAME.equalsIgnoreCase(key.getFormat()))
+      throw new InvalidKeyException("Only RAW key format is supported");
+    byte[] result = key.getEncoded();
+    int kekSize = result.length;
+    if (kekSize != kwaKeySize)
+      throw new InvalidKeyException("Invalid key material size. Expected "
+                                    + kwaKeySize + " but found " + kekSize);
+    return result;
+  }
+
+  private void initAlgorithm(int opmode, byte[] kek, byte[] ivBytes,
+                             SecureRandom rnd)
+      throws InvalidKeyException
+  {
+    this.opmode = opmode;
+    Map attributes = new HashMap();
+    attributes.put(IKeyWrappingAlgorithm.KEY_ENCRYPTION_KEY_MATERIAL, kek);
+    if (ivBytes != null)
+      {
+        this.iv = (byte[]) ivBytes.clone();
+        attributes.put(IKeyWrappingAlgorithm.INITIAL_VALUE, this.iv);
+      }
+    else
+      this.iv = null;
+    if (rnd != null)
+      attributes.put(IKeyWrappingAlgorithm.SOURCE_OF_RANDOMNESS, rnd);
+
+    kwAlgorithm.init(attributes);
+  }
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/KhazadSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/KhazadSpi.java
index 397c27d2ed7..6e744a2f2d9 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/cipher/KhazadSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/KhazadSpi.java
@@ -44,12 +44,9 @@ import gnu.java.security.Registry;
  * The implementation of the Khazad <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class KhazadSpi extends CipherAdapter
+public final class KhazadSpi
+    extends CipherAdapter
 {
-
-  // Constructors.
-  // --------------------------------------------------------------------
-
   public KhazadSpi()
   {
     super(Registry.KHAZAD_CIPHER);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/NullCipherSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/NullCipherSpi.java
index e6d78ef393e..e50e00c8eae 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/cipher/NullCipherSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/NullCipherSpi.java
@@ -44,12 +44,9 @@ import gnu.java.security.Registry;
  * The implementation of the Null cipher <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class NullCipherSpi extends CipherAdapter
+public final class NullCipherSpi
+    extends CipherAdapter
 {
-
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   public NullCipherSpi()
   {
     super(Registry.NULL_CIPHER);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/PBES2.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/PBES2.java
index 9889ab9fc86..26a6a2c2db9 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/cipher/PBES2.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/PBES2.java
@@ -55,20 +55,13 @@ import javax.crypto.interfaces.PBEKey;
 import javax.crypto.spec.SecretKeySpec;
 
 /**
- * <p>.</p>
  */
-public abstract class PBES2 extends CipherAdapter
+public abstract class PBES2
+    extends CipherAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The HMac (PRF) algorithm name. */
   protected String macName;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   protected PBES2(String cipherName, int blockLen, String macName)
   {
     super(cipherName, blockLen);
@@ -81,15 +74,11 @@ public abstract class PBES2 extends CipherAdapter
     this.macName = macName;
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   protected void engineInit(int opmode, Key key, SecureRandom random)
       throws InvalidKeyException
   {
-    if (!(key instanceof PBEKey))
+    if (! (key instanceof PBEKey))
       throw new InvalidKeyException("not a PBE key");
-
     super.engineInit(opmode, genkey((PBEKey) key), random);
   }
 
@@ -97,9 +86,8 @@ public abstract class PBES2 extends CipherAdapter
                             SecureRandom random) throws InvalidKeyException,
       InvalidAlgorithmParameterException
   {
-    if (!(key instanceof PBEKey))
+    if (! (key instanceof PBEKey))
       throw new InvalidKeyException("not a PBE key");
-
     super.engineInit(opmode, genkey((PBEKey) key), params, random);
   }
 
@@ -107,9 +95,8 @@ public abstract class PBES2 extends CipherAdapter
                             SecureRandom random) throws InvalidKeyException,
       InvalidAlgorithmParameterException
   {
-    if (!(key instanceof PBEKey))
+    if (! (key instanceof PBEKey))
       throw new InvalidKeyException("not a PBE key");
-
     super.engineInit(opmode, genkey((PBEKey) key), params, random);
   }
 
@@ -117,11 +104,9 @@ public abstract class PBES2 extends CipherAdapter
   {
     IRandom kdf = PRNGFactory.getInstance("PBKDF2-" + macName);
     if (kdf == null)
-      {
-        throw new IllegalArgumentException("no such KDF: PBKDF2-" + macName);
-      }
+      throw new IllegalArgumentException("no such KDF: PBKDF2-" + macName);
     HashMap attrib = new HashMap();
-    attrib.put(IPBE.ITERATION_COUNT, new Integer(key.getIterationCount()));
+    attrib.put(IPBE.ITERATION_COUNT, Integer.valueOf(key.getIterationCount()));
     attrib.put(IPBE.PASSWORD, key.getPassword());
     attrib.put(IPBE.SALT, key.getSalt());
     try
@@ -139,21 +124,14 @@ public abstract class PBES2 extends CipherAdapter
       }
     catch (LimitReachedException shouldNotHappen)
       {
-        //         throw new Error(shouldNotHappen);
         throw new Error(String.valueOf(shouldNotHappen));
       }
     return new SecretKeySpec(dk, cipher.name());
   }
 
-  // Inner classe(s)
-  // =========================================================================
-
-  public static class HMacSHA1 extends PBES2
+  public static class HMacSHA1
+      extends PBES2
   {
-
-    // Constructor(s)
-    // ---------------------------------------------------------------------
-
     public HMacSHA1(String cipher, int blockLen)
     {
       super(cipher, blockLen, "HMAC-SHA1");
@@ -164,10 +142,8 @@ public abstract class PBES2 extends CipherAdapter
       super(cipher, "HMAC-SHA1");
     }
 
-    // Inner classe(s)
-    // ======================================================================
-
-    public static class AES extends HMacSHA1
+    public static class AES
+        extends HMacSHA1
     {
       public AES()
       {
@@ -175,7 +151,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Anubis extends HMacSHA1
+    public static class Anubis
+        extends HMacSHA1
     {
       public Anubis()
       {
@@ -183,7 +160,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Blowfish extends HMacSHA1
+    public static class Blowfish
+        extends HMacSHA1
     {
       public Blowfish()
       {
@@ -191,7 +169,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Cast5 extends HMacSHA1
+    public static class Cast5
+        extends HMacSHA1
     {
       public Cast5()
       {
@@ -199,7 +178,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class DES extends HMacSHA1
+    public static class DES
+        extends HMacSHA1
     {
       public DES()
       {
@@ -207,7 +187,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Khazad extends HMacSHA1
+    public static class Khazad
+        extends HMacSHA1
     {
       public Khazad()
       {
@@ -215,7 +196,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Serpent extends HMacSHA1
+    public static class Serpent
+        extends HMacSHA1
     {
       public Serpent()
       {
@@ -223,7 +205,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Square extends HMacSHA1
+    public static class Square
+        extends HMacSHA1
     {
       public Square()
       {
@@ -231,7 +214,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class TripleDES extends HMacSHA1
+    public static class TripleDES
+        extends HMacSHA1
     {
       public TripleDES()
       {
@@ -239,7 +223,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Twofish extends HMacSHA1
+    public static class Twofish
+        extends HMacSHA1
     {
       public Twofish()
       {
@@ -248,12 +233,9 @@ public abstract class PBES2 extends CipherAdapter
     }
   }
 
-  public static class HMacMD5 extends PBES2
+  public static class HMacMD5
+      extends PBES2
   {
-
-    // Constructor(s)
-    // ----------------------------------------------------------------------
-
     public HMacMD5(String cipher, int blockLen)
     {
       super(cipher, blockLen, "HMAC-MD5");
@@ -264,10 +246,8 @@ public abstract class PBES2 extends CipherAdapter
       super(cipher, "HMAC-MD5");
     }
 
-    // Inner classe(s)
-    // ======================================================================
-
-    public static class AES extends HMacMD5
+    public static class AES
+        extends HMacMD5
     {
       public AES()
       {
@@ -275,7 +255,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Anubis extends HMacMD5
+    public static class Anubis
+        extends HMacMD5
     {
       public Anubis()
       {
@@ -283,7 +264,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Blowfish extends HMacMD5
+    public static class Blowfish
+        extends HMacMD5
     {
       public Blowfish()
       {
@@ -291,7 +273,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Cast5 extends HMacMD5
+    public static class Cast5
+        extends HMacMD5
     {
       public Cast5()
       {
@@ -299,7 +282,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class DES extends HMacMD5
+    public static class DES
+        extends HMacMD5
     {
       public DES()
       {
@@ -307,7 +291,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Khazad extends HMacMD5
+    public static class Khazad
+        extends HMacMD5
     {
       public Khazad()
       {
@@ -315,7 +300,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Serpent extends HMacMD5
+    public static class Serpent
+        extends HMacMD5
     {
       public Serpent()
       {
@@ -323,7 +309,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Square extends HMacMD5
+    public static class Square
+        extends HMacMD5
     {
       public Square()
       {
@@ -331,7 +318,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class TripleDES extends HMacMD5
+    public static class TripleDES
+        extends HMacMD5
     {
       public TripleDES()
       {
@@ -339,7 +327,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Twofish extends HMacMD5
+    public static class Twofish
+        extends HMacMD5
     {
       public Twofish()
       {
@@ -348,12 +337,9 @@ public abstract class PBES2 extends CipherAdapter
     }
   }
 
-  public static class HMacMD2 extends PBES2
+  public static class HMacMD2
+      extends PBES2
   {
-
-    // Constructor(s)
-    // ----------------------------------------------------------------------
-
     public HMacMD2(String cipher, int blockLen)
     {
       super(cipher, blockLen, "HMAC-MD2");
@@ -364,10 +350,8 @@ public abstract class PBES2 extends CipherAdapter
       super(cipher, "HMAC-MD2");
     }
 
-    // Inner classe(s)
-    // ======================================================================
-
-    public static class AES extends HMacMD2
+    public static class AES
+        extends HMacMD2
     {
       public AES()
       {
@@ -375,7 +359,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Anubis extends HMacMD2
+    public static class Anubis
+        extends HMacMD2
     {
       public Anubis()
       {
@@ -383,7 +368,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Blowfish extends HMacMD2
+    public static class Blowfish
+        extends HMacMD2
     {
       public Blowfish()
       {
@@ -391,7 +377,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Cast5 extends HMacMD2
+    public static class Cast5
+        extends HMacMD2
     {
       public Cast5()
       {
@@ -399,7 +386,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class DES extends HMacMD2
+    public static class DES
+        extends HMacMD2
     {
       public DES()
       {
@@ -407,7 +395,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Khazad extends HMacMD2
+    public static class Khazad
+        extends HMacMD2
     {
       public Khazad()
       {
@@ -415,7 +404,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Serpent extends HMacMD2
+    public static class Serpent
+        extends HMacMD2
     {
       public Serpent()
       {
@@ -423,7 +413,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Square extends HMacMD2
+    public static class Square
+        extends HMacMD2
     {
       public Square()
       {
@@ -431,7 +422,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class TripleDES extends HMacMD2
+    public static class TripleDES
+        extends HMacMD2
     {
       public TripleDES()
       {
@@ -439,7 +431,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Twofish extends HMacMD2
+    public static class Twofish
+        extends HMacMD2
     {
       public Twofish()
       {
@@ -448,12 +441,9 @@ public abstract class PBES2 extends CipherAdapter
     }
   }
 
-  public static class HMacMD4 extends PBES2
+  public static class HMacMD4
+      extends PBES2
   {
-
-    // Constructor(s)
-    // ----------------------------------------------------------------------
-
     public HMacMD4(String cipher, int blockLen)
     {
       super(cipher, blockLen, "HMAC-MD4");
@@ -464,10 +454,8 @@ public abstract class PBES2 extends CipherAdapter
       super(cipher, "HMAC-MD4");
     }
 
-    // Inner classe(s)
-    // ======================================================================
-
-    public static class AES extends HMacMD4
+    public static class AES
+        extends HMacMD4
     {
       public AES()
       {
@@ -475,7 +463,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Anubis extends HMacMD4
+    public static class Anubis
+        extends HMacMD4
     {
       public Anubis()
       {
@@ -483,7 +472,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Blowfish extends HMacMD4
+    public static class Blowfish
+        extends HMacMD4
     {
       public Blowfish()
       {
@@ -491,7 +481,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Cast5 extends HMacMD4
+    public static class Cast5
+        extends HMacMD4
     {
       public Cast5()
       {
@@ -499,7 +490,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class DES extends HMacMD4
+    public static class DES
+        extends HMacMD4
     {
       public DES()
       {
@@ -507,7 +499,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Khazad extends HMacMD4
+    public static class Khazad
+        extends HMacMD4
     {
       public Khazad()
       {
@@ -515,7 +508,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Serpent extends HMacMD4
+    public static class Serpent
+        extends HMacMD4
     {
       public Serpent()
       {
@@ -523,7 +517,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Square extends HMacMD4
+    public static class Square
+        extends HMacMD4
     {
       public Square()
       {
@@ -531,7 +526,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class TripleDES extends HMacMD4
+    public static class TripleDES
+        extends HMacMD4
     {
       public TripleDES()
       {
@@ -539,7 +535,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Twofish extends HMacMD4
+    public static class Twofish
+        extends HMacMD4
     {
       public Twofish()
       {
@@ -548,12 +545,9 @@ public abstract class PBES2 extends CipherAdapter
     }
   }
 
-  public static class HMacHaval extends PBES2
+  public static class HMacHaval
+      extends PBES2
   {
-
-    // Constructor(s)
-    // ---------------------------------------------------------------------
-
     public HMacHaval(String cipher, int blockLen)
     {
       super(cipher, blockLen, "HMAC-HAVAL");
@@ -564,10 +558,8 @@ public abstract class PBES2 extends CipherAdapter
       super(cipher, "HMAC-HAVAL");
     }
 
-    // Inner classe(s)
-    // ======================================================================
-
-    public static class AES extends HMacHaval
+    public static class AES
+        extends HMacHaval
     {
       public AES()
       {
@@ -575,7 +567,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Anubis extends HMacHaval
+    public static class Anubis
+        extends HMacHaval
     {
       public Anubis()
       {
@@ -583,7 +576,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Blowfish extends HMacHaval
+    public static class Blowfish
+        extends HMacHaval
     {
       public Blowfish()
       {
@@ -591,7 +585,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Cast5 extends HMacHaval
+    public static class Cast5
+        extends HMacHaval
     {
       public Cast5()
       {
@@ -599,7 +594,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class DES extends HMacHaval
+    public static class DES
+        extends HMacHaval
     {
       public DES()
       {
@@ -607,7 +603,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Khazad extends HMacHaval
+    public static class Khazad
+        extends HMacHaval
     {
       public Khazad()
       {
@@ -615,7 +612,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Serpent extends HMacHaval
+    public static class Serpent
+        extends HMacHaval
     {
       public Serpent()
       {
@@ -623,7 +621,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Square extends HMacHaval
+    public static class Square
+        extends HMacHaval
     {
       public Square()
       {
@@ -631,7 +630,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class TripleDES extends HMacHaval
+    public static class TripleDES
+        extends HMacHaval
     {
       public TripleDES()
       {
@@ -639,7 +639,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Twofish extends HMacHaval
+    public static class Twofish
+        extends HMacHaval
     {
       public Twofish()
       {
@@ -648,12 +649,9 @@ public abstract class PBES2 extends CipherAdapter
     }
   }
 
-  public static class HMacRipeMD128 extends PBES2
+  public static class HMacRipeMD128
+      extends PBES2
   {
-
-    // Constructor(s)
-    // ----------------------------------------------------------------------
-
     public HMacRipeMD128(String cipher, int blockLen)
     {
       super(cipher, blockLen, "HMAC-RIPEMD128");
@@ -664,10 +662,8 @@ public abstract class PBES2 extends CipherAdapter
       super(cipher, "HMAC-RIPEMD128");
     }
 
-    // Inner classe(s)
-    // ======================================================================
-
-    public static class AES extends HMacRipeMD128
+    public static class AES
+        extends HMacRipeMD128
     {
       public AES()
       {
@@ -675,7 +671,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Anubis extends HMacRipeMD128
+    public static class Anubis
+        extends HMacRipeMD128
     {
       public Anubis()
       {
@@ -683,7 +680,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Blowfish extends HMacRipeMD128
+    public static class Blowfish
+        extends HMacRipeMD128
     {
       public Blowfish()
       {
@@ -691,7 +689,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Cast5 extends HMacRipeMD128
+    public static class Cast5
+        extends HMacRipeMD128
     {
       public Cast5()
       {
@@ -699,7 +698,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class DES extends HMacRipeMD128
+    public static class DES
+        extends HMacRipeMD128
     {
       public DES()
       {
@@ -707,7 +707,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Khazad extends HMacRipeMD128
+    public static class Khazad
+        extends HMacRipeMD128
     {
       public Khazad()
       {
@@ -715,7 +716,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Serpent extends HMacRipeMD128
+    public static class Serpent
+        extends HMacRipeMD128
     {
       public Serpent()
       {
@@ -723,7 +725,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Square extends HMacRipeMD128
+    public static class Square
+        extends HMacRipeMD128
     {
       public Square()
       {
@@ -731,7 +734,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class TripleDES extends HMacRipeMD128
+    public static class TripleDES
+        extends HMacRipeMD128
     {
       public TripleDES()
       {
@@ -739,7 +743,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Twofish extends HMacRipeMD128
+    public static class Twofish
+        extends HMacRipeMD128
     {
       public Twofish()
       {
@@ -748,12 +753,9 @@ public abstract class PBES2 extends CipherAdapter
     }
   }
 
-  public static class HMacRipeMD160 extends PBES2
+  public static class HMacRipeMD160
+      extends PBES2
   {
-
-    // Constructor(s)
-    // ----------------------------------------------------------------------
-
     public HMacRipeMD160(String cipher, int blockLen)
     {
       super(cipher, blockLen, "HMAC-RIPEMD160");
@@ -764,10 +766,8 @@ public abstract class PBES2 extends CipherAdapter
       super(cipher, "HMAC-RIPEMD160");
     }
 
-    // Inner classe(s)
-    // ======================================================================
-
-    public static class AES extends HMacRipeMD160
+    public static class AES
+        extends HMacRipeMD160
     {
       public AES()
       {
@@ -775,7 +775,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Anubis extends HMacRipeMD160
+    public static class Anubis
+        extends HMacRipeMD160
     {
       public Anubis()
       {
@@ -783,7 +784,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Blowfish extends HMacRipeMD160
+    public static class Blowfish
+        extends HMacRipeMD160
     {
       public Blowfish()
       {
@@ -791,7 +793,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Cast5 extends HMacRipeMD160
+    public static class Cast5
+        extends HMacRipeMD160
     {
       public Cast5()
       {
@@ -799,7 +802,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class DES extends HMacRipeMD160
+    public static class DES
+        extends HMacRipeMD160
     {
       public DES()
       {
@@ -807,7 +811,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Khazad extends HMacRipeMD160
+    public static class Khazad
+        extends HMacRipeMD160
     {
       public Khazad()
       {
@@ -815,7 +820,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Serpent extends HMacRipeMD160
+    public static class Serpent
+        extends HMacRipeMD160
     {
       public Serpent()
       {
@@ -823,7 +829,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Square extends HMacRipeMD160
+    public static class Square
+        extends HMacRipeMD160
     {
       public Square()
       {
@@ -831,7 +838,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class TripleDES extends HMacRipeMD160
+    public static class TripleDES
+        extends HMacRipeMD160
     {
       public TripleDES()
       {
@@ -839,7 +847,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Twofish extends HMacRipeMD160
+    public static class Twofish
+        extends HMacRipeMD160
     {
       public Twofish()
       {
@@ -848,12 +857,9 @@ public abstract class PBES2 extends CipherAdapter
     }
   }
 
-  public static class HMacSHA256 extends PBES2
+  public static class HMacSHA256
+      extends PBES2
   {
-
-    // Constructor(s)
-    // ---------------------------------------------------------------------
-
     public HMacSHA256(String cipher, int blockLen)
     {
       super(cipher, blockLen, "HMAC-SHA-256");
@@ -864,10 +870,8 @@ public abstract class PBES2 extends CipherAdapter
       super(cipher, "HMAC-SHA-256");
     }
 
-    // Inner classe(s)
-    // ======================================================================
-
-    public static class AES extends HMacSHA256
+    public static class AES
+        extends HMacSHA256
     {
       public AES()
       {
@@ -875,7 +879,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Anubis extends HMacSHA256
+    public static class Anubis
+        extends HMacSHA256
     {
       public Anubis()
       {
@@ -883,7 +888,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Blowfish extends HMacSHA256
+    public static class Blowfish
+        extends HMacSHA256
     {
       public Blowfish()
       {
@@ -891,7 +897,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Cast5 extends HMacSHA256
+    public static class Cast5
+        extends HMacSHA256
     {
       public Cast5()
       {
@@ -899,7 +906,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class DES extends HMacSHA256
+    public static class DES
+        extends HMacSHA256
     {
       public DES()
       {
@@ -907,7 +915,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Khazad extends HMacSHA256
+    public static class Khazad
+        extends HMacSHA256
     {
       public Khazad()
       {
@@ -915,7 +924,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Serpent extends HMacSHA256
+    public static class Serpent
+        extends HMacSHA256
     {
       public Serpent()
       {
@@ -923,7 +933,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Square extends HMacSHA256
+    public static class Square
+        extends HMacSHA256
     {
       public Square()
       {
@@ -931,7 +942,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class TripleDES extends HMacSHA256
+    public static class TripleDES
+        extends HMacSHA256
     {
       public TripleDES()
       {
@@ -939,7 +951,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Twofish extends HMacSHA256
+    public static class Twofish
+        extends HMacSHA256
     {
       public Twofish()
       {
@@ -948,12 +961,9 @@ public abstract class PBES2 extends CipherAdapter
     }
   }
 
-  public static class HMacSHA384 extends PBES2
+  public static class HMacSHA384
+      extends PBES2
   {
-
-    // Constructor(s)
-    // ---------------------------------------------------------------------
-
     public HMacSHA384(String cipher, int blockLen)
     {
       super(cipher, blockLen, "HMAC-SHA-384");
@@ -964,10 +974,8 @@ public abstract class PBES2 extends CipherAdapter
       super(cipher, "HMAC-SHA-384");
     }
 
-    // Inner classe(s)
-    // ======================================================================
-
-    public static class AES extends HMacSHA384
+    public static class AES
+        extends HMacSHA384
     {
       public AES()
       {
@@ -975,7 +983,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Anubis extends HMacSHA384
+    public static class Anubis
+        extends HMacSHA384
     {
       public Anubis()
       {
@@ -983,7 +992,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Blowfish extends HMacSHA384
+    public static class Blowfish
+        extends HMacSHA384
     {
       public Blowfish()
       {
@@ -991,7 +1001,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Cast5 extends HMacSHA384
+    public static class Cast5
+        extends HMacSHA384
     {
       public Cast5()
       {
@@ -999,7 +1010,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class DES extends HMacSHA384
+    public static class DES
+        extends HMacSHA384
     {
       public DES()
       {
@@ -1007,7 +1019,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Khazad extends HMacSHA384
+    public static class Khazad
+        extends HMacSHA384
     {
       public Khazad()
       {
@@ -1015,7 +1028,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Serpent extends HMacSHA384
+    public static class Serpent
+        extends HMacSHA384
     {
       public Serpent()
       {
@@ -1023,7 +1037,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Square extends HMacSHA384
+    public static class Square
+        extends HMacSHA384
     {
       public Square()
       {
@@ -1031,7 +1046,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class TripleDES extends HMacSHA384
+    public static class TripleDES
+        extends HMacSHA384
     {
       public TripleDES()
       {
@@ -1039,7 +1055,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Twofish extends HMacSHA384
+    public static class Twofish
+        extends HMacSHA384
     {
       public Twofish()
       {
@@ -1048,12 +1065,9 @@ public abstract class PBES2 extends CipherAdapter
     }
   }
 
-  public static class HMacSHA512 extends PBES2
+  public static class HMacSHA512
+      extends PBES2
   {
-
-    // Constructor(s)
-    // ---------------------------------------------------------------------
-
     public HMacSHA512(String cipher, int blockLen)
     {
       super(cipher, blockLen, "HMAC-SHA-512");
@@ -1064,10 +1078,8 @@ public abstract class PBES2 extends CipherAdapter
       super(cipher, "HMAC-SHA-512");
     }
 
-    // Inner classe(s)
-    // ======================================================================
-
-    public static class AES extends HMacSHA512
+    public static class AES
+        extends HMacSHA512
     {
       public AES()
       {
@@ -1075,7 +1087,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Anubis extends HMacSHA512
+    public static class Anubis
+        extends HMacSHA512
     {
       public Anubis()
       {
@@ -1083,7 +1096,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Blowfish extends HMacSHA512
+    public static class Blowfish
+        extends HMacSHA512
     {
       public Blowfish()
       {
@@ -1091,7 +1105,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Cast5 extends HMacSHA512
+    public static class Cast5
+        extends HMacSHA512
     {
       public Cast5()
       {
@@ -1099,7 +1114,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class DES extends HMacSHA512
+    public static class DES
+        extends HMacSHA512
     {
       public DES()
       {
@@ -1107,7 +1123,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Khazad extends HMacSHA512
+    public static class Khazad
+        extends HMacSHA512
     {
       public Khazad()
       {
@@ -1115,7 +1132,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Serpent extends HMacSHA512
+    public static class Serpent
+        extends HMacSHA512
     {
       public Serpent()
       {
@@ -1123,7 +1141,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Square extends HMacSHA512
+    public static class Square
+        extends HMacSHA512
     {
       public Square()
       {
@@ -1131,7 +1150,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class TripleDES extends HMacSHA512
+    public static class TripleDES
+        extends HMacSHA512
     {
       public TripleDES()
       {
@@ -1139,7 +1159,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Twofish extends HMacSHA512
+    public static class Twofish
+        extends HMacSHA512
     {
       public Twofish()
       {
@@ -1148,12 +1169,9 @@ public abstract class PBES2 extends CipherAdapter
     }
   }
 
-  public static class HMacTiger extends PBES2
+  public static class HMacTiger
+      extends PBES2
   {
-
-    // Constructor(s)
-    // ---------------------------------------------------------------------
-
     public HMacTiger(String cipher, int blockLen)
     {
       super(cipher, blockLen, "HMAC-TIGER");
@@ -1164,10 +1182,8 @@ public abstract class PBES2 extends CipherAdapter
       super(cipher, "HMAC-TIGER");
     }
 
-    // Inner classe(s)
-    // ======================================================================
-
-    public static class AES extends HMacTiger
+    public static class AES
+        extends HMacTiger
     {
       public AES()
       {
@@ -1175,7 +1191,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Anubis extends HMacTiger
+    public static class Anubis
+        extends HMacTiger
     {
       public Anubis()
       {
@@ -1183,7 +1200,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Blowfish extends HMacTiger
+    public static class Blowfish
+        extends HMacTiger
     {
       public Blowfish()
       {
@@ -1191,7 +1209,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Cast5 extends HMacTiger
+    public static class Cast5
+        extends HMacTiger
     {
       public Cast5()
       {
@@ -1199,7 +1218,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class DES extends HMacTiger
+    public static class DES
+        extends HMacTiger
     {
       public DES()
       {
@@ -1207,7 +1227,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Khazad extends HMacTiger
+    public static class Khazad
+        extends HMacTiger
     {
       public Khazad()
       {
@@ -1215,7 +1236,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Serpent extends HMacTiger
+    public static class Serpent
+        extends HMacTiger
     {
       public Serpent()
       {
@@ -1223,7 +1245,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Square extends HMacTiger
+    public static class Square
+        extends HMacTiger
     {
       public Square()
       {
@@ -1231,7 +1254,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class TripleDES extends HMacTiger
+    public static class TripleDES
+        extends HMacTiger
     {
       public TripleDES()
       {
@@ -1239,7 +1263,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Twofish extends HMacTiger
+    public static class Twofish
+        extends HMacTiger
     {
       public Twofish()
       {
@@ -1248,12 +1273,9 @@ public abstract class PBES2 extends CipherAdapter
     }
   }
 
-  public static class HMacWhirlpool extends PBES2
+  public static class HMacWhirlpool
+      extends PBES2
   {
-
-    // Constructor(s)
-    // ----------------------------------------------------------------------
-
     public HMacWhirlpool(String cipher, int blockLen)
     {
       super(cipher, blockLen, "HMAC-WHIRLPOOL");
@@ -1264,10 +1286,8 @@ public abstract class PBES2 extends CipherAdapter
       super(cipher, "HMAC-WHIRLPOOL");
     }
 
-    // Inner classe(s)
-    // ======================================================================
-
-    public static class AES extends HMacWhirlpool
+    public static class AES
+        extends HMacWhirlpool
     {
       public AES()
       {
@@ -1275,7 +1295,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Anubis extends HMacWhirlpool
+    public static class Anubis
+        extends HMacWhirlpool
     {
       public Anubis()
       {
@@ -1283,7 +1304,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Blowfish extends HMacWhirlpool
+    public static class Blowfish
+        extends HMacWhirlpool
     {
       public Blowfish()
       {
@@ -1291,7 +1313,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Cast5 extends HMacWhirlpool
+    public static class Cast5
+        extends HMacWhirlpool
     {
       public Cast5()
       {
@@ -1299,7 +1322,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class DES extends HMacWhirlpool
+    public static class DES
+        extends HMacWhirlpool
     {
       public DES()
       {
@@ -1307,7 +1331,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Khazad extends HMacWhirlpool
+    public static class Khazad
+        extends HMacWhirlpool
     {
       public Khazad()
       {
@@ -1315,7 +1340,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Serpent extends HMacWhirlpool
+    public static class Serpent
+        extends HMacWhirlpool
     {
       public Serpent()
       {
@@ -1323,7 +1349,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Square extends HMacWhirlpool
+    public static class Square
+        extends HMacWhirlpool
     {
       public Square()
       {
@@ -1331,7 +1358,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class TripleDES extends HMacWhirlpool
+    public static class TripleDES
+        extends HMacWhirlpool
     {
       public TripleDES()
       {
@@ -1339,7 +1367,8 @@ public abstract class PBES2 extends CipherAdapter
       }
     }
 
-    public static class Twofish extends HMacWhirlpool
+    public static class Twofish
+        extends HMacWhirlpool
     {
       public Twofish()
       {
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/RijndaelSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/RijndaelSpi.java
index 137db2c3fa4..ad61bca599d 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/cipher/RijndaelSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/RijndaelSpi.java
@@ -44,12 +44,9 @@ import gnu.java.security.Registry;
  * The implementation of the Rijndael <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class RijndaelSpi extends CipherAdapter
+public final class RijndaelSpi
+    extends CipherAdapter
 {
-
-  // Constructors.
-  // --------------------------------------------------------------------
-
   public RijndaelSpi()
   {
     super(Registry.RIJNDAEL_CIPHER, 16);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/SerpentSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/SerpentSpi.java
index 9df9685cc38..fa65d34a9be 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/cipher/SerpentSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/SerpentSpi.java
@@ -44,12 +44,9 @@ import gnu.java.security.Registry;
  * The implementation of the Serpent <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class SerpentSpi extends CipherAdapter
+public final class SerpentSpi
+    extends CipherAdapter
 {
-
-  // Constructors.
-  // --------------------------------------------------------------------
-
   public SerpentSpi()
   {
     super(Registry.SERPENT_CIPHER);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/SquareSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/SquareSpi.java
index 96e5dee38b1..bdc656eaedb 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/cipher/SquareSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/SquareSpi.java
@@ -44,12 +44,9 @@ import gnu.java.security.Registry;
  * The implementation of the Square <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class SquareSpi extends CipherAdapter
+public final class SquareSpi
+    extends CipherAdapter
 {
-
-  // Constructors.
-  // --------------------------------------------------------------------
-
   public SquareSpi()
   {
     super(Registry.SQUARE_CIPHER);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/TripleDESKeyWrapSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/TripleDESKeyWrapSpi.java
new file mode 100644
index 00000000000..55087755e21
--- /dev/null
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/TripleDESKeyWrapSpi.java
@@ -0,0 +1,54 @@
+/* TripleDESKeyWrapSpi.java -- DES-EDE Key Wrapping Algorithm JCE Adapter
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.crypto.jce.cipher;
+
+import gnu.java.security.Registry;
+
+/**
+ * The JCE Cipher Adapter implementation over the GNU TripleDES Key Wrapping
+ * Algorithm.
+ */
+public final class TripleDESKeyWrapSpi
+    extends KeyWrappingAlgorithmAdapter
+{
+  public TripleDESKeyWrapSpi()
+  {
+    super(Registry.TRIPLEDES_KWA, 8, 192 / 8, Registry.CBC_MODE);
+  }
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/TripleDESSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/TripleDESSpi.java
index 5c58ea5515e..b9ec12b5110 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/cipher/TripleDESSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/TripleDESSpi.java
@@ -44,12 +44,9 @@ import gnu.java.security.Registry;
  * The implementation of the Triple-DES <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class TripleDESSpi extends CipherAdapter
+public final class TripleDESSpi
+    extends CipherAdapter
 {
-
-  // Constructors.
-  // --------------------------------------------------------------------
-
   public TripleDESSpi()
   {
     super(Registry.TRIPLEDES_CIPHER);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/TwofishSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/TwofishSpi.java
index 31df5ea4068..206e0d9f877 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/cipher/TwofishSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/TwofishSpi.java
@@ -44,12 +44,9 @@ import gnu.java.security.Registry;
  * The implementation of the Twofish <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class TwofishSpi extends CipherAdapter
+public final class TwofishSpi
+    extends CipherAdapter
 {
-
-  // Constructors.
-  // --------------------------------------------------------------------
-
   public TwofishSpi()
   {
     super(Registry.TWOFISH_CIPHER);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/AnubisKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/AnubisKeyGeneratorImpl.java
index e8d7788e8b7..a1cc8fd7f84 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/AnubisKeyGeneratorImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/AnubisKeyGeneratorImpl.java
@@ -40,14 +40,11 @@ package gnu.javax.crypto.jce.key;
 
 import gnu.java.security.Registry;
 
-public class AnubisKeyGeneratorImpl extends SecretKeyGeneratorImpl
+public class AnubisKeyGeneratorImpl
+    extends SecretKeyGeneratorImpl
 {
-
-  // Constructors.
-  // -------------------------------------------------------------------------
-
-  public AnubisKeyGeneratorImpl ()
+  public AnubisKeyGeneratorImpl()
   {
-    super (Registry.ANUBIS_CIPHER);
+    super(Registry.ANUBIS_CIPHER);
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/AnubisSecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/AnubisSecretKeyFactoryImpl.java
index f9725eae033..bea65a6c63e 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/AnubisSecretKeyFactoryImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/AnubisSecretKeyFactoryImpl.java
@@ -38,14 +38,8 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.jce.key;
 
-import java.security.InvalidKeyException;
-import java.security.spec.InvalidKeySpecException;
-
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactorySpi;
-import javax.crypto.spec.SecretKeySpec;
-
-public class AnubisSecretKeyFactoryImpl extends SecretKeyFactoryImpl
+public class AnubisSecretKeyFactoryImpl
+    extends SecretKeyFactoryImpl
 {
   public AnubisSecretKeyFactoryImpl()
   {
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/BlowfishKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/BlowfishKeyGeneratorImpl.java
index a0e687acdf8..2297980fb47 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/BlowfishKeyGeneratorImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/BlowfishKeyGeneratorImpl.java
@@ -40,14 +40,11 @@ package gnu.javax.crypto.jce.key;
 
 import gnu.java.security.Registry;
 
-public class BlowfishKeyGeneratorImpl extends SecretKeyGeneratorImpl
+public class BlowfishKeyGeneratorImpl
+    extends SecretKeyGeneratorImpl
 {
-
-  // Constructors.
-  // -------------------------------------------------------------------------
-
-  public BlowfishKeyGeneratorImpl ()
+  public BlowfishKeyGeneratorImpl()
   {
-    super (Registry.BLOWFISH_CIPHER);
+    super(Registry.BLOWFISH_CIPHER);
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/BlowfishSecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/BlowfishSecretKeyFactoryImpl.java
index 4b3620bc17d..53fe8b0b49b 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/BlowfishSecretKeyFactoryImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/BlowfishSecretKeyFactoryImpl.java
@@ -38,14 +38,8 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.jce.key;
 
-import java.security.InvalidKeyException;
-import java.security.spec.InvalidKeySpecException;
-
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactorySpi;
-import javax.crypto.spec.SecretKeySpec;
-
-public class BlowfishSecretKeyFactoryImpl extends SecretKeyFactoryImpl
+public class BlowfishSecretKeyFactoryImpl
+    extends SecretKeyFactoryImpl
 {
   public BlowfishSecretKeyFactoryImpl()
   {
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/Cast5KeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/Cast5KeyGeneratorImpl.java
index 18d26e67fdb..b328e48b37a 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/Cast5KeyGeneratorImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/Cast5KeyGeneratorImpl.java
@@ -40,14 +40,11 @@ package gnu.javax.crypto.jce.key;
 
 import gnu.java.security.Registry;
 
-public class Cast5KeyGeneratorImpl extends SecretKeyGeneratorImpl
+public class Cast5KeyGeneratorImpl
+    extends SecretKeyGeneratorImpl
 {
-
-  // Constructors.
-  // -------------------------------------------------------------------------
-
-  public Cast5KeyGeneratorImpl ()
+  public Cast5KeyGeneratorImpl()
   {
-    super (Registry.CAST5_CIPHER);
+    super(Registry.CAST5_CIPHER);
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/Cast5SecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/Cast5SecretKeyFactoryImpl.java
index 4bd31711eea..fcebb528e70 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/Cast5SecretKeyFactoryImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/Cast5SecretKeyFactoryImpl.java
@@ -38,14 +38,8 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.jce.key;
 
-import java.security.InvalidKeyException;
-import java.security.spec.InvalidKeySpecException;
-
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactorySpi;
-import javax.crypto.spec.SecretKeySpec;
-
-public class Cast5SecretKeyFactoryImpl extends SecretKeyFactoryImpl
+public class Cast5SecretKeyFactoryImpl
+    extends SecretKeyFactoryImpl
 {
   public Cast5SecretKeyFactoryImpl()
   {
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/DESKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/DESKeyGeneratorImpl.java
index 19c54653a07..2cd29a67f61 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/DESKeyGeneratorImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/DESKeyGeneratorImpl.java
@@ -35,6 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version.  */
 
+
 package gnu.javax.crypto.jce.key;
 
 import gnu.java.security.Registry;
@@ -43,31 +44,25 @@ import gnu.javax.crypto.cipher.DES;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
 
-public class DESKeyGeneratorImpl extends SecretKeyGeneratorImpl
+public class DESKeyGeneratorImpl
+    extends SecretKeyGeneratorImpl
 {
-
-  // Constructors.
-  // -------------------------------------------------------------------------
-
-  public DESKeyGeneratorImpl ()
+  public DESKeyGeneratorImpl()
   {
-    super (Registry.DES_CIPHER);
+    super(Registry.DES_CIPHER);
   }
 
-  // Instance methods.
-  // -------------------------------------------------------------------------
-
-  protected SecretKey engineGenerateKey ()
+  protected SecretKey engineGenerateKey()
   {
-    if (!init)
-      throw new IllegalStateException ("not initialized");
-    byte[] buf = new byte [currentKeySize];
+    if (! init)
+      throw new IllegalStateException("not initialized");
+    byte[] buf = new byte[currentKeySize];
     do
       {
-        random.nextBytes (buf);
+        random.nextBytes(buf);
       }
-    while (DES.isWeak (buf) || DES.isSemiWeak (buf));
-    DES.adjustParity (buf, 0);
-    return new SecretKeySpec (buf, algorithm);
+    while (DES.isWeak(buf) || DES.isSemiWeak(buf));
+    DES.adjustParity(buf, 0);
+    return new SecretKeySpec(buf, algorithm);
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/DESSecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/DESSecretKeyFactoryImpl.java
index e0f1c586096..a138e290228 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/DESSecretKeyFactoryImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/DESSecretKeyFactoryImpl.java
@@ -35,6 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version.  */
 
+
 package gnu.javax.crypto.jce.key;
 
 import java.security.InvalidKeyException;
@@ -45,36 +46,37 @@ import javax.crypto.SecretKey;
 import javax.crypto.spec.DESKeySpec;
 import javax.crypto.spec.SecretKeySpec;
 
-public class DESSecretKeyFactoryImpl extends SecretKeyFactoryImpl
+public class DESSecretKeyFactoryImpl
+    extends SecretKeyFactoryImpl
 {
 
   public DESSecretKeyFactoryImpl()
   {
   }
 
-  protected SecretKey engineGenerateSecret (KeySpec spec)
-    throws InvalidKeySpecException
+  protected SecretKey engineGenerateSecret(KeySpec spec)
+      throws InvalidKeySpecException
   {
     if (spec instanceof DESKeySpec)
-      return new SecretKeySpec (((DESKeySpec) spec).getKey(), "DES");
-    return super.engineGenerateSecret (spec);
+      return new SecretKeySpec(((DESKeySpec) spec).getKey(), "DES");
+    return super.engineGenerateSecret(spec);
   }
 
-  protected KeySpec engineGetKeySpec (SecretKey key, Class spec)
-    throws InvalidKeySpecException
+  protected KeySpec engineGetKeySpec(SecretKey key, Class spec)
+      throws InvalidKeySpecException
   {
-    if (spec.isAssignableFrom (DESKeySpec.class))
+    if (spec.isAssignableFrom(DESKeySpec.class))
       try
         {
-          return new DESKeySpec (key.getEncoded());
+          return new DESKeySpec(key.getEncoded());
         }
       catch (InvalidKeyException ike)
         {
-          InvalidKeySpecException ikse = new InvalidKeySpecException
-            ("can't create DES key spec");
-          ikse.initCause (ike);
+          InvalidKeySpecException ikse = new InvalidKeySpecException(
+              "can't create DES key spec");
+          ikse.initCause(ike);
           throw ikse;
         }
-    return super.engineGetKeySpec (key, spec);
+    return super.engineGetKeySpec(key, spec);
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/DESedeSecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/DESedeSecretKeyFactoryImpl.java
index 15e10994020..f380603e44e 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/DESedeSecretKeyFactoryImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/DESedeSecretKeyFactoryImpl.java
@@ -35,6 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version.  */
 
+
 package gnu.javax.crypto.jce.key;
 
 import java.security.InvalidKeyException;
@@ -45,36 +46,37 @@ import javax.crypto.SecretKey;
 import javax.crypto.spec.DESedeKeySpec;
 import javax.crypto.spec.SecretKeySpec;
 
-public class DESedeSecretKeyFactoryImpl extends SecretKeyFactoryImpl
+public class DESedeSecretKeyFactoryImpl
+    extends SecretKeyFactoryImpl
 {
 
   public DESedeSecretKeyFactoryImpl()
   {
   }
 
-  protected SecretKey engineGenerateSecret (KeySpec spec)
-    throws InvalidKeySpecException
+  protected SecretKey engineGenerateSecret(KeySpec spec)
+      throws InvalidKeySpecException
   {
     if (spec instanceof DESedeKeySpec)
-      return new SecretKeySpec (((DESedeKeySpec) spec).getKey(), "DESede");
-    return super.engineGenerateSecret (spec);
+      return new SecretKeySpec(((DESedeKeySpec) spec).getKey(), "DESede");
+    return super.engineGenerateSecret(spec);
   }
 
-  protected KeySpec engineGetKeySpec (SecretKey key, Class spec)
-    throws InvalidKeySpecException
+  protected KeySpec engineGetKeySpec(SecretKey key, Class spec)
+      throws InvalidKeySpecException
   {
-    if (spec.equals (DESedeKeySpec.class))
+    if (spec.equals(DESedeKeySpec.class))
       try
         {
-          return new DESedeKeySpec (key.getEncoded());
+          return new DESedeKeySpec(key.getEncoded());
         }
       catch (InvalidKeyException ike)
         {
-          InvalidKeySpecException ikse = new InvalidKeySpecException
-            ("can't create DESede key spec");
-          ikse.initCause (ike);
+          InvalidKeySpecException ikse = new InvalidKeySpecException(
+              "can't create DESede key spec");
+          ikse.initCause(ike);
           throw ikse;
         }
-    return super.engineGetKeySpec (key, spec);
+    return super.engineGetKeySpec(key, spec);
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/KhazadKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/KhazadKeyGeneratorImpl.java
index c01391e4486..21ae627ebac 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/KhazadKeyGeneratorImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/KhazadKeyGeneratorImpl.java
@@ -35,18 +35,16 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version.  */
 
+
 package gnu.javax.crypto.jce.key;
 
 import gnu.java.security.Registry;
 
-public class KhazadKeyGeneratorImpl extends SecretKeyGeneratorImpl
+public class KhazadKeyGeneratorImpl
+    extends SecretKeyGeneratorImpl
 {
-
-  // Constructors.
-  // -------------------------------------------------------------------------
-
-  public KhazadKeyGeneratorImpl ()
+  public KhazadKeyGeneratorImpl()
   {
-    super (Registry.KHAZAD_CIPHER);
+    super(Registry.KHAZAD_CIPHER);
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/KhazadSecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/KhazadSecretKeyFactoryImpl.java
index c86e01110c5..19315d22ec3 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/KhazadSecretKeyFactoryImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/KhazadSecretKeyFactoryImpl.java
@@ -35,16 +35,11 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version.  */
 
-package gnu.javax.crypto.jce.key;
-
-import java.security.InvalidKeyException;
-import java.security.spec.InvalidKeySpecException;
 
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactorySpi;
-import javax.crypto.spec.SecretKeySpec;
+package gnu.javax.crypto.jce.key;
 
-public class KhazadSecretKeyFactoryImpl extends SecretKeyFactoryImpl
+public class KhazadSecretKeyFactoryImpl
+    extends SecretKeyFactoryImpl
 {
   public KhazadSecretKeyFactoryImpl()
   {
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/RijndaelKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/RijndaelKeyGeneratorImpl.java
index 535e573ad8e..b60f7d6d02c 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/RijndaelKeyGeneratorImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/RijndaelKeyGeneratorImpl.java
@@ -35,18 +35,16 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version.  */
 
+
 package gnu.javax.crypto.jce.key;
 
 import gnu.java.security.Registry;
 
-public class RijndaelKeyGeneratorImpl extends SecretKeyGeneratorImpl
+public class RijndaelKeyGeneratorImpl
+    extends SecretKeyGeneratorImpl
 {
-
-  // Constructors.
-  // -------------------------------------------------------------------------
-
-  public RijndaelKeyGeneratorImpl ()
+  public RijndaelKeyGeneratorImpl()
   {
-    super (Registry.RIJNDAEL_CIPHER);
+    super(Registry.RIJNDAEL_CIPHER);
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/RijndaelSecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/RijndaelSecretKeyFactoryImpl.java
index 4aab584a2cc..f88b077520b 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/RijndaelSecretKeyFactoryImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/RijndaelSecretKeyFactoryImpl.java
@@ -35,16 +35,11 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version.  */
 
-package gnu.javax.crypto.jce.key;
-
-import java.security.InvalidKeyException;
-import java.security.spec.InvalidKeySpecException;
 
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactorySpi;
-import javax.crypto.spec.SecretKeySpec;
+package gnu.javax.crypto.jce.key;
 
-public class RijndaelSecretKeyFactoryImpl extends SecretKeyFactoryImpl
+public class RijndaelSecretKeyFactoryImpl
+    extends SecretKeyFactoryImpl
 {
   public RijndaelSecretKeyFactoryImpl()
   {
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/SecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/SecretKeyFactoryImpl.java
index 72defe1d7f2..4bba171f9c1 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/SecretKeyFactoryImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/SecretKeyFactoryImpl.java
@@ -35,6 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version.  */
 
+
 package gnu.javax.crypto.jce.key;
 
 import java.security.InvalidKeyException;
@@ -45,43 +46,42 @@ import javax.crypto.SecretKey;
 import javax.crypto.SecretKeyFactorySpi;
 import javax.crypto.spec.SecretKeySpec;
 
-public abstract class SecretKeyFactoryImpl extends SecretKeyFactorySpi
+public abstract class SecretKeyFactoryImpl
+    extends SecretKeyFactorySpi
 {
 
   protected SecretKeyFactoryImpl()
   {
   }
 
-  protected SecretKey engineGenerateSecret (KeySpec spec)
-    throws InvalidKeySpecException
+  protected SecretKey engineGenerateSecret(KeySpec spec)
+      throws InvalidKeySpecException
   {
     if (spec instanceof SecretKeySpec)
       return (SecretKey) spec;
-    throw new InvalidKeySpecException ("unknown key spec: " +
-                                       spec.getClass().getName());
+    throw new InvalidKeySpecException("unknown key spec: "
+                                      + spec.getClass().getName());
   }
 
-  protected KeySpec engineGetKeySpec (SecretKey key, Class spec)
-    throws InvalidKeySpecException
+  protected KeySpec engineGetKeySpec(SecretKey key, Class spec)
+      throws InvalidKeySpecException
   {
-    if (spec.equals (SecretKeySpec.class))
+    if (spec.equals(SecretKeySpec.class))
       {
         if (key instanceof SecretKeySpec)
           return (KeySpec) key;
         else
-          return new SecretKeySpec (key.getEncoded(), key.getAlgorithm());
+          return new SecretKeySpec(key.getEncoded(), key.getAlgorithm());
       }
-    throw new InvalidKeySpecException ("unsupported key spec: " +
-                                       spec.getName());
+    throw new InvalidKeySpecException("unsupported key spec: " + spec.getName());
   }
 
-  protected SecretKey engineTranslateKey (SecretKey key)
-    throws InvalidKeyException
+  protected SecretKey engineTranslateKey(SecretKey key)
+      throws InvalidKeyException
   {
-    if (!"RAW".equals (key.getFormat()))
-      throw new InvalidKeyException ("only raw keys are supported");
-
+    if (! "RAW".equals(key.getFormat()))
+      throw new InvalidKeyException("only raw keys are supported");
     // SecretKeySpec is good enough for our purposes.
-    return new SecretKeySpec (key.getEncoded(), key.getAlgorithm());
+    return new SecretKeySpec(key.getEncoded(), key.getAlgorithm());
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/SecretKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/SecretKeyGeneratorImpl.java
index 0a62655734c..319b0eaebe8 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/SecretKeyGeneratorImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/SecretKeyGeneratorImpl.java
@@ -35,6 +35,7 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version.  */
 
+
 package gnu.javax.crypto.jce.key;
 
 import gnu.javax.crypto.cipher.CipherFactory;
@@ -53,12 +54,9 @@ import javax.crypto.KeyGeneratorSpi;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
 
-public class SecretKeyGeneratorImpl extends KeyGeneratorSpi
+public class SecretKeyGeneratorImpl
+    extends KeyGeneratorSpi
 {
-
-  // Fields.
-  // -------------------------------------------------------------------------
-
   protected final int defaultKeySize;
   protected final List keySizes;
   protected final String algorithm;
@@ -66,55 +64,47 @@ public class SecretKeyGeneratorImpl extends KeyGeneratorSpi
   protected int currentKeySize;
   protected SecureRandom random;
 
-  // Constructors.
-  // -------------------------------------------------------------------------
-
-  protected SecretKeyGeneratorImpl (final String algorithm)
+  protected SecretKeyGeneratorImpl(final String algorithm)
   {
     this.algorithm = algorithm;
-    IBlockCipher cipher = CipherFactory.getInstance (algorithm);
+    IBlockCipher cipher = CipherFactory.getInstance(algorithm);
     if (cipher == null)
-      throw new IllegalArgumentException ("no such cipher: "+algorithm);
-    defaultKeySize = cipher.defaultKeySize ();
+      throw new IllegalArgumentException("no such cipher: " + algorithm);
+    defaultKeySize = cipher.defaultKeySize();
     keySizes = new LinkedList();
-    for (Iterator it = cipher.keySizes (); it.hasNext (); )
-      {
-        keySizes.add (it.next ());
-      }
+    for (Iterator it = cipher.keySizes(); it.hasNext();)
+      keySizes.add(it.next());
     init = false;
   }
 
-  // Instance methods.
-  // -------------------------------------------------------------------------
-
-  protected SecretKey engineGenerateKey ()
+  protected SecretKey engineGenerateKey()
   {
-    if (!init)
-      throw new IllegalStateException ("not initialized");
-    byte[] buf = new byte [currentKeySize];
-    random.nextBytes (buf);
-    return new SecretKeySpec (buf, algorithm);
+    if (! init)
+      throw new IllegalStateException("not initialized");
+    byte[] buf = new byte[currentKeySize];
+    random.nextBytes(buf);
+    return new SecretKeySpec(buf, algorithm);
   }
 
-  protected void engineInit (AlgorithmParameterSpec params, SecureRandom random)
-    throws InvalidAlgorithmParameterException
+  protected void engineInit(AlgorithmParameterSpec params, SecureRandom random)
+      throws InvalidAlgorithmParameterException
   {
-    throw new InvalidAlgorithmParameterException (algorithm +
-      " does not support algorithm paramaters");
+    throw new InvalidAlgorithmParameterException(
+        algorithm + " does not support algorithm paramaters");
   }
 
-  protected void engineInit (int keySize, SecureRandom random)
+  protected void engineInit(int keySize, SecureRandom random)
   {
     keySize >>>= 3; // Use bytes.
-    if (!keySizes.contains (new Integer (keySize)))
-      throw new InvalidParameterException ("unsupported key size: " + keySize);
+    if (! keySizes.contains(Integer.valueOf(keySize)))
+      throw new InvalidParameterException("unsupported key size: " + keySize);
     currentKeySize = keySize;
     this.random = random;
     init = true;
   }
 
-  protected void engineInit (SecureRandom random)
+  protected void engineInit(SecureRandom random)
   {
-    engineInit (defaultKeySize << 3, random);
+    engineInit(defaultKeySize << 3, random);
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/SerpentKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/SerpentKeyGeneratorImpl.java
index 766860a96b0..c5319051414 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/SerpentKeyGeneratorImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/SerpentKeyGeneratorImpl.java
@@ -35,18 +35,16 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version.  */
 
+
 package gnu.javax.crypto.jce.key;
 
 import gnu.java.security.Registry;
 
-public class SerpentKeyGeneratorImpl extends SecretKeyGeneratorImpl
+public class SerpentKeyGeneratorImpl
+    extends SecretKeyGeneratorImpl
 {
-
-  // Constructors.
-  // -------------------------------------------------------------------------
-
-  public SerpentKeyGeneratorImpl ()
+  public SerpentKeyGeneratorImpl()
   {
-    super (Registry.SERPENT_CIPHER);
+    super(Registry.SERPENT_CIPHER);
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/SerpentSecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/SerpentSecretKeyFactoryImpl.java
index 6e80671fac7..5d5ac88dfe7 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/SerpentSecretKeyFactoryImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/SerpentSecretKeyFactoryImpl.java
@@ -35,16 +35,11 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version.  */
 
-package gnu.javax.crypto.jce.key;
-
-import java.security.InvalidKeyException;
-import java.security.spec.InvalidKeySpecException;
 
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactorySpi;
-import javax.crypto.spec.SecretKeySpec;
+package gnu.javax.crypto.jce.key;
 
-public class SerpentSecretKeyFactoryImpl extends SecretKeyFactoryImpl
+public class SerpentSecretKeyFactoryImpl
+    extends SecretKeyFactoryImpl
 {
   public SerpentSecretKeyFactoryImpl()
   {
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/SquareKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/SquareKeyGeneratorImpl.java
index 4bfbeb66833..3d496e8a984 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/SquareKeyGeneratorImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/SquareKeyGeneratorImpl.java
@@ -35,18 +35,16 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version.  */
 
+
 package gnu.javax.crypto.jce.key;
 
 import gnu.java.security.Registry;
 
-public class SquareKeyGeneratorImpl extends SecretKeyGeneratorImpl
+public class SquareKeyGeneratorImpl
+    extends SecretKeyGeneratorImpl
 {
-
-  // Constructors.
-  // -------------------------------------------------------------------------
-
-  public SquareKeyGeneratorImpl ()
+  public SquareKeyGeneratorImpl()
   {
-    super (Registry.SQUARE_CIPHER);
+    super(Registry.SQUARE_CIPHER);
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/SquareSecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/SquareSecretKeyFactoryImpl.java
index d1d5d551432..f35835912b8 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/SquareSecretKeyFactoryImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/SquareSecretKeyFactoryImpl.java
@@ -35,16 +35,11 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version.  */
 
-package gnu.javax.crypto.jce.key;
-
-import java.security.InvalidKeyException;
-import java.security.spec.InvalidKeySpecException;
 
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactorySpi;
-import javax.crypto.spec.SecretKeySpec;
+package gnu.javax.crypto.jce.key;
 
-public class SquareSecretKeyFactoryImpl extends SecretKeyFactoryImpl
+public class SquareSecretKeyFactoryImpl
+    extends SecretKeyFactoryImpl
 {
   public SquareSecretKeyFactoryImpl()
   {
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/TripleDESKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/TripleDESKeyGeneratorImpl.java
index eb423fcd19c..6fd557ccbcf 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/TripleDESKeyGeneratorImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/TripleDESKeyGeneratorImpl.java
@@ -35,18 +35,16 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version.  */
 
+
 package gnu.javax.crypto.jce.key;
 
 import gnu.java.security.Registry;
 
-public class TripleDESKeyGeneratorImpl extends SecretKeyGeneratorImpl
+public class TripleDESKeyGeneratorImpl
+    extends SecretKeyGeneratorImpl
 {
-
-  // Constructors.
-  // -------------------------------------------------------------------------
-
-  public TripleDESKeyGeneratorImpl ()
+  public TripleDESKeyGeneratorImpl()
   {
-    super (Registry.TRIPLEDES_CIPHER);
+    super(Registry.TRIPLEDES_CIPHER);
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/TwofishKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/TwofishKeyGeneratorImpl.java
index ae7e22feec3..9dd5a8f30e6 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/TwofishKeyGeneratorImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/TwofishKeyGeneratorImpl.java
@@ -35,18 +35,16 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version.  */
 
+
 package gnu.javax.crypto.jce.key;
 
 import gnu.java.security.Registry;
 
-public class TwofishKeyGeneratorImpl extends SecretKeyGeneratorImpl
+public class TwofishKeyGeneratorImpl
+    extends SecretKeyGeneratorImpl
 {
-
-  // Constructors.
-  // -------------------------------------------------------------------------
-
-  public TwofishKeyGeneratorImpl ()
+  public TwofishKeyGeneratorImpl()
   {
-    super (Registry.TWOFISH_CIPHER);
+    super(Registry.TWOFISH_CIPHER);
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/TwofishSecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/TwofishSecretKeyFactoryImpl.java
index e6ca80b6363..0767d4cacdc 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/key/TwofishSecretKeyFactoryImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/key/TwofishSecretKeyFactoryImpl.java
@@ -35,16 +35,11 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version.  */
 
-package gnu.javax.crypto.jce.key;
-
-import java.security.InvalidKeyException;
-import java.security.spec.InvalidKeySpecException;
 
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactorySpi;
-import javax.crypto.spec.SecretKeySpec;
+package gnu.javax.crypto.jce.key;
 
-public class TwofishSecretKeyFactoryImpl extends SecretKeyFactoryImpl
+public class TwofishSecretKeyFactoryImpl
+    extends SecretKeyFactoryImpl
 {
   public TwofishSecretKeyFactoryImpl()
   {
diff --git a/libjava/classpath/gnu/javax/crypto/jce/keyring/GnuKeyring.java b/libjava/classpath/gnu/javax/crypto/jce/keyring/GnuKeyring.java
index d2501f89374..4fcf2fde78b 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/keyring/GnuKeyring.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/keyring/GnuKeyring.java
@@ -38,6 +38,7 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.jce.keyring;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.javax.crypto.keyring.GnuPrivateKeyring;
 import gnu.javax.crypto.keyring.GnuPublicKeyring;
@@ -90,79 +91,100 @@ public class GnuKeyring
 
   public Enumeration engineAliases()
   {
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineAliases");
     ensureLoaded();
     Enumeration result;
     if (privateKR == null)
       result = Collections.enumeration(Collections.EMPTY_SET);
-      else
-        {
-          Set aliases = new HashSet();
-          for (Enumeration e = privateKR.aliases(); e.hasMoreElements();)
-            {
-              String alias = (String) e.nextElement();
-              if (alias != null)
-                aliases.add(alias);
-            }
-
-          for (Enumeration e = publicKR.aliases(); e.hasMoreElements();)
-            {
-              String alias = (String) e.nextElement();
-              if (alias != null)
-                aliases.add(alias);
-            }
-
-          result = Collections.enumeration(aliases);
-        }
-
+    else
+      {
+        Set aliases = new HashSet();
+        for (Enumeration e = privateKR.aliases(); e.hasMoreElements();)
+          {
+            String alias = (String) e.nextElement();
+            if (alias != null)
+              {
+                alias = alias.trim();
+                if (alias.length() > 0)
+                  {
+                    if (Configuration.DEBUG)
+                      log.fine("Adding alias (from private keyring): " + alias);
+                    aliases.add(alias);
+                  }
+              }
+          }
+        for (Enumeration e = publicKR.aliases(); e.hasMoreElements();)
+          {
+            String alias = (String) e.nextElement();
+            if (alias != null)
+              {
+                alias = alias.trim();
+                if (alias.length() > 0)
+                  {
+                    if (Configuration.DEBUG)
+                      log.fine("Adding alias (from public keyring): " + alias);
+                    aliases.add(alias);
+                  }
+              }
+          }
+        if (Configuration.DEBUG)
+          log.fine("Will enumerate: " + aliases);
+        result = Collections.enumeration(aliases);
+      }
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineAliases");
     return result;
   }
 
   public boolean engineContainsAlias(String alias)
   {
-    log.entering(this.getClass().getName(), "engineContainsAlias", alias);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineContainsAlias", alias);
     ensureLoaded();
     boolean inPrivateKR = privateKR.containsAlias(alias);
-    log.finest("inPrivateKR=" + inPrivateKR);
+    if (Configuration.DEBUG)
+      log.fine("inPrivateKR=" + inPrivateKR);
     boolean inPublicKR = publicKR.containsAlias(alias);
-    log.finest("inPublicKR=" + inPublicKR);
+    if (Configuration.DEBUG)
+      log.fine("inPublicKR=" + inPublicKR);
     boolean result = inPrivateKR || inPublicKR;
-
-    log.exiting(this.getClass().getName(), "engineContainsAlias",
-                Boolean.valueOf(result));
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineContainsAlias",
+                  Boolean.valueOf(result));
     return result;
   }
 
   public void engineDeleteEntry(String alias)
   {
-    log.entering(this.getClass().getName(), "engineDeleteEntry", alias);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineDeleteEntry", alias);
     ensureLoaded();
     if (privateKR.containsAlias(alias))
       privateKR.remove(alias);
     else if (publicKR.containsAlias(alias))
       publicKR.remove(alias);
-    else
-      log.finer("Unknwon alias: " + alias);
-
-    log.exiting(this.getClass().getName(), "engineDeleteEntry");
+    else if (Configuration.DEBUG)
+      log.fine("Unknwon alias: " + alias);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineDeleteEntry");
   }
 
   public Certificate engineGetCertificate(String alias)
   {
-    log.entering(this.getClass().getName(), "engineGetCertificate", alias);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineGetCertificate", alias);
     ensureLoaded();
     Certificate result = publicKR.getCertificate(alias);
-
-    log.exiting(this.getClass().getName(), "engineGetCertificate", result);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineGetCertificate", result);
     return result;
   }
 
   public String engineGetCertificateAlias(Certificate cert)
   {
-    log.entering(this.getClass().getName(), "engineGetCertificateAlias", cert);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineGetCertificateAlias", cert);
     ensureLoaded();
     String result = null;
     for (Enumeration aliases = publicKR.aliases(); aliases.hasMoreElements();)
@@ -175,52 +197,64 @@ public class GnuKeyring
             break;
           }
       }
-
-    log.exiting(this.getClass().getName(), "engineGetCertificateAlias", result);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineGetCertificateAlias", result);
     return result;
   }
 
   public void engineSetCertificateEntry(String alias, Certificate cert)
+      throws KeyStoreException
   {
-    log.entering(this.getClass().getName(), "engineSetCertificateEntry",
-                 new Object[] { alias, cert });
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineSetCertificateEntry",
+                   new Object[] { alias, cert });
     ensureLoaded();
+    if (privateKR.containsAlias(alias))
+      throw new KeyStoreException("Alias [" + alias
+                                  + "] already exists and DOES NOT identify a "
+                                  + "Trusted Certificate Entry");
+    if (publicKR.containsCertificate(alias))
+      {
+        if (Configuration.DEBUG)
+          log.fine("Public keyring already contains Alias [" + alias
+                   + "]. Will remove it");
+        publicKR.remove(alias);
+      }
     publicKR.putCertificate(alias, cert);
-
-    log.exiting(this.getClass().getName(), "engineSetCertificateEntry");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineSetCertificateEntry");
   }
 
   public Certificate[] engineGetCertificateChain(String alias)
   {
-    log.entering(this.getClass().getName(), "engineGetCertificateChain", alias);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineGetCertificateChain", alias);
     ensureLoaded();
     Certificate[] result = privateKR.getCertPath(alias);
-
-    log.exiting(this.getClass().getName(), "engineGetCertificateChain", result);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineGetCertificateChain", result);
     return result;
   }
 
   public Date engineGetCreationDate(String alias)
   {
-    log.entering(this.getClass().getName(), "engineGetCreationDate", alias);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineGetCreationDate", alias);
     ensureLoaded();
     Date result = getCreationDate(alias, privateKR);
     if (result == null)
       result = getCreationDate(alias, publicKR);
 
-    log.exiting(this.getClass().getName(), "engineGetCreationDate", result);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineGetCreationDate", result);
     return result;
   }
 
   public Key engineGetKey(String alias, char[] password)
       throws UnrecoverableKeyException
   {
-    log.entering(this.getClass().getName(), "engineGetKey",
-                 String.valueOf(password));
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineGetKey", alias);
     ensureLoaded();
     Key result = null;
     if (password == null)
@@ -231,7 +265,9 @@ public class GnuKeyring
     else if (privateKR.containsPrivateKey(alias))
       result = privateKR.getPrivateKey(alias, password); 
 
-    log.exiting(this.getClass().getName(), "engineGetKey", result);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineGetKey",
+                  result == null ? "null" : result.getClass().getName());
     return result;
   }
 
@@ -239,60 +275,73 @@ public class GnuKeyring
                                 Certificate[] chain)
       throws KeyStoreException
   {
-    log.entering(this.getClass().getName(), "engineSetKeyEntry",
-                 new Object[] { alias, key, password, chain });
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineSetKeyEntry",
+                   new Object[] { alias, key.getClass().getName(), chain });
     ensureLoaded();
+    if (publicKR.containsAlias(alias))
+      throw new KeyStoreException("Alias [" + alias
+                                  + "] already exists and DOES NOT identify a "
+                                  + "Key Entry");
     if (key instanceof PublicKey)
-      privateKR.putPublicKey(alias, (PublicKey) key);
+      {
+        privateKR.remove(alias);
+        PublicKey pk = (PublicKey) key;
+        privateKR.putPublicKey(alias, pk);
+      }
     else
       {
         if (! (key instanceof PrivateKey) && ! (key instanceof SecretKey))
           throw new KeyStoreException("cannot store keys of type "
                                       + key.getClass().getName());
+        privateKR.remove(alias);
         privateKR.putCertPath(alias, chain);
-        log.finest("About to put private key in keyring...");
+        if (Configuration.DEBUG)
+          log.fine("About to put private key in keyring...");
         privateKR.putPrivateKey(alias, key, password);
       }
-
-    log.exiting(this.getClass().getName(), "engineSetKeyEntry");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineSetKeyEntry");
   }
 
   public void engineSetKeyEntry(String alias, byte[] key, Certificate[] chain)
       throws KeyStoreException
   {
     KeyStoreException x = new KeyStoreException("method not supported");
-    log.throwing(this.getClass().getName(), "engineSetKeyEntry(3)", x);
+    if (Configuration.DEBUG)
+      log.throwing(this.getClass().getName(), "engineSetKeyEntry(3)", x);
     throw x;
   }
 
   public boolean engineIsCertificateEntry(String alias)
   {
-    log.entering(this.getClass().getName(), "engineIsCertificateEntry", alias);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineIsCertificateEntry", alias);
     ensureLoaded();
     boolean result = publicKR.containsCertificate(alias);
-
-    log.exiting(this.getClass().getName(), "engineIsCertificateEntry",
-                Boolean.valueOf(result));
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineIsCertificateEntry",
+                  Boolean.valueOf(result));
     return result;
   }
 
   public boolean engineIsKeyEntry(String alias)
   {
-    log.entering(this.getClass().getName(), "engineIsKeyEntry", alias);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineIsKeyEntry", alias);
     ensureLoaded();
     boolean result = privateKR.containsPublicKey(alias)
                   || privateKR.containsPrivateKey(alias);
-
-    log.exiting(this.getClass().getName(), "engineIsKeyEntry",
-                Boolean.valueOf(result));
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineIsKeyEntry",
+                  Boolean.valueOf(result));
     return result;
   }
 
   public void engineLoad(InputStream in, char[] password) throws IOException
   {
-    log.entering(this.getClass().getName(), "engineLoad", String.valueOf(password));
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineLoad");
     if (in != null)
       {
         if (! in.markSupported())
@@ -305,14 +354,14 @@ public class GnuKeyring
       createNewKeyrings();
 
     loaded = true;
-
-    log.exiting(this.getClass().getName(), "engineLoad");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineLoad");
   }
 
   public void engineStore(OutputStream out, char[] password) throws IOException
   {
-    log.entering(this.getClass().getName(), "engineStore", String.valueOf(password));
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineStore");
     ensureLoaded();
     HashMap attr = new HashMap();
     attr.put(IKeyring.KEYRING_DATA_OUT, out);
@@ -320,14 +369,21 @@ public class GnuKeyring
 
     privateKR.store(attr);
     publicKR.store(attr);
-
-    log.exiting(this.getClass().getName(), "engineStore");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineStore");
   }
 
   public int engineSize()
   {
-    ensureLoaded();
-    return privateKR.size() + publicKR.size();
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineSize");
+    int result = 0;
+    for (Enumeration e = engineAliases(); e.hasMoreElements(); result++)
+      e.nextElement();
+
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineSize", Integer.valueOf(result));
+    return result;
   }
 
   /**
@@ -353,8 +409,8 @@ public class GnuKeyring
   private void loadPrivateKeyring(InputStream in, char[] password)
       throws MalformedKeyringException, IOException
   {
-    log.entering(this.getClass().getName(), "loadPrivateKeyring");
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "loadPrivateKeyring");
     in.mark(5);
     for (int i = 0; i < 4; i++)
       if (in.read() != Registry.GKR_MAGIC[i])
@@ -363,15 +419,16 @@ public class GnuKeyring
     int usage = in.read();
     in.reset();
     if (usage != GnuPrivateKeyring.USAGE)
-      throw new MalformedKeyringException("Was expecting a private keyring but got a wrong USAGE: "
-                                          + Integer.toBinaryString(usage));
+      throw new MalformedKeyringException(
+          "Was expecting a private keyring but got a wrong USAGE: "
+          + Integer.toBinaryString(usage));
     HashMap attr = new HashMap();
     attr.put(IKeyring.KEYRING_DATA_IN, in);
     attr.put(IKeyring.KEYRING_PASSWORD, password);
     privateKR = new GnuPrivateKeyring();
     privateKR.load(attr);
-
-    log.exiting(this.getClass().getName(), "loadPrivateKeyring");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "loadPrivateKeyring");
   }
 
   /**
@@ -385,8 +442,8 @@ public class GnuKeyring
   private void loadPublicKeyring(InputStream in, char[] password)
       throws MalformedKeyringException, IOException
   {
-    log.entering(this.getClass().getName(), "loadPublicKeyring");
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "loadPublicKeyring");
     in.mark(5);
     for (int i = 0; i < 4; i++)
       if (in.read() != Registry.GKR_MAGIC[i])
@@ -395,15 +452,16 @@ public class GnuKeyring
     int usage = in.read();
     in.reset();
     if (usage != GnuPublicKeyring.USAGE)
-      throw new MalformedKeyringException("Was expecting a public keyring but got a wrong USAGE: "
-                                          + Integer.toBinaryString(usage));
+      throw new MalformedKeyringException(
+          "Was expecting a public keyring but got a wrong USAGE: "
+          + Integer.toBinaryString(usage));
     HashMap attr = new HashMap();
     attr.put(IKeyring.KEYRING_DATA_IN, in);
     attr.put(IKeyring.KEYRING_PASSWORD, password);
     publicKR = new GnuPublicKeyring();
     publicKR.load(attr);
-
-    log.exiting(this.getClass().getName(), "loadPublicKeyring");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "loadPublicKeyring");
   }
 
   /**
@@ -417,9 +475,9 @@ public class GnuKeyring
    */
   private Date getCreationDate(String alias, IKeyring keyring)
   {
-    log.entering(this.getClass().getName(), "getCreationDate",
-                 new Object[] { alias, keyring });
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "getCreationDate",
+                   new Object[] { alias, keyring });
     Date result = null;
     if (keyring != null)
       for (Iterator it = keyring.get(alias).iterator(); it.hasNext();)
@@ -431,19 +489,19 @@ public class GnuKeyring
               break;
             }
         }
-
-    log.exiting(this.getClass().getName(), "getCreationDate", result);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "getCreationDate", result);
     return result;
   }
 
   /** Create empty keyrings. */
   private void createNewKeyrings()
   {
-    log.entering(this.getClass().getName(), "createNewKeyrings");
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "createNewKeyrings");
     privateKR = new GnuPrivateKeyring("HMAC-SHA-1", 20, "AES", "OFB", 16);
     publicKR = new GnuPublicKeyring("HMAC-SHA-1", 20);
-
-    log.exiting(this.getClass().getName(), "createNewKeyrings");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "createNewKeyrings");
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacHavalSpi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacHavalSpi.java
index df1319cbfdb..2967ee900ce 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacHavalSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacHavalSpi.java
@@ -37,31 +37,18 @@ exception statement from your version.  */
 
 
 package gnu.javax.crypto.jce.mac;
+
 import gnu.java.security.Registry;
 
 /**
  * The implementation of the HMAC-HAVAL <i>Service Provider Interface</i>
  * (<b>SPI</b>) Adapter.
- *
- * @version Revision: $
  */
-public class HMacHavalSpi extends MacAdapter
+public class HMacHavalSpi
+    extends MacAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public HMacHavalSpi()
   {
     super(Registry.HMAC_NAME_PREFIX + Registry.HAVAL_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD2Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD2Spi.java
index dd489639f29..dd648586657 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD2Spi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD2Spi.java
@@ -44,12 +44,9 @@ import gnu.java.security.Registry;
  * The implementation of the HMAC-MD2 <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class HMacMD2Spi extends MacAdapter
+public final class HMacMD2Spi
+    extends MacAdapter
 {
-
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   public HMacMD2Spi()
   {
     super(Registry.HMAC_NAME_PREFIX + Registry.MD2_HASH);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD4Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD4Spi.java
index 6fadf02621b..939851ff537 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD4Spi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD4Spi.java
@@ -44,12 +44,9 @@ import gnu.java.security.Registry;
  * The implementation of the HMAC-MD4 <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class HMacMD4Spi extends MacAdapter
+public final class HMacMD4Spi
+    extends MacAdapter
 {
-
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   public HMacMD4Spi()
   {
     super(Registry.HMAC_NAME_PREFIX + Registry.MD4_HASH);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD5Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD5Spi.java
index 2ef43974f82..e89fbfdbac9 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD5Spi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD5Spi.java
@@ -44,12 +44,9 @@ import gnu.java.security.Registry;
  * The implementation of the HMAC-MD5 <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class HMacMD5Spi extends MacAdapter
+public final class HMacMD5Spi
+    extends MacAdapter
 {
-
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   public HMacMD5Spi()
   {
     super(Registry.HMAC_NAME_PREFIX + Registry.MD5_HASH);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacRipeMD128Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacRipeMD128Spi.java
index ad7a2340eed..834ec849a71 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacRipeMD128Spi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacRipeMD128Spi.java
@@ -44,12 +44,9 @@ import gnu.java.security.Registry;
  * The implementation of the HMAC-RIPEMD-128 <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class HMacRipeMD128Spi extends MacAdapter
+public final class HMacRipeMD128Spi
+    extends MacAdapter
 {
-
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   public HMacRipeMD128Spi()
   {
     super(Registry.HMAC_NAME_PREFIX + Registry.RIPEMD128_HASH);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacRipeMD160Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacRipeMD160Spi.java
index c14e3b3bf24..b973ea18678 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacRipeMD160Spi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacRipeMD160Spi.java
@@ -44,12 +44,9 @@ import gnu.java.security.Registry;
  * The implementation of the HMAC-RIPEMD-160 <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class HMacRipeMD160Spi extends MacAdapter
+public final class HMacRipeMD160Spi
+    extends MacAdapter
 {
-
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   public HMacRipeMD160Spi()
   {
     super(Registry.HMAC_NAME_PREFIX + Registry.RIPEMD160_HASH);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA160Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA160Spi.java
index f102c9ebcde..524aa823386 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA160Spi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA160Spi.java
@@ -44,12 +44,9 @@ import gnu.java.security.Registry;
  * The implementation of the HMAC-SHA-160 <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class HMacSHA160Spi extends MacAdapter
+public final class HMacSHA160Spi
+    extends MacAdapter
 {
-
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   public HMacSHA160Spi()
   {
     super(Registry.HMAC_NAME_PREFIX + Registry.SHA160_HASH);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA256Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA256Spi.java
index cadad1cf5fa..4b0493bc63b 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA256Spi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA256Spi.java
@@ -37,29 +37,18 @@ exception statement from your version.  */
 
 
 package gnu.javax.crypto.jce.mac;
+
 import gnu.java.security.Registry;
 
 /**
- * <p>The implementation of the HMAC-SHA-256 <i>Service Provider Interface</i>
- * (<b>SPI</b>) adapter.</p>
+ * The implementation of the HMAC-SHA-256 <i>Service Provider Interface</i>
+ * (<b>SPI</b>) adapter.
  */
-public final class HMacSHA256Spi extends MacAdapter
+public final class HMacSHA256Spi
+    extends MacAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -----------------------------------------------------------------------
-
   public HMacSHA256Spi()
   {
     super(Registry.HMAC_NAME_PREFIX + Registry.SHA256_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA384Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA384Spi.java
index 69ef38e50f6..92a5c9d2c69 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA384Spi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA384Spi.java
@@ -37,29 +37,18 @@ exception statement from your version.  */
 
 
 package gnu.javax.crypto.jce.mac;
+
 import gnu.java.security.Registry;
 
 /**
- * <p>The implementation of the HMAC-SHA-384 <i>Service Provider Interface</i>
- * (<b>SPI</b>) adapter.</p>
+ * The implementation of the HMAC-SHA-384 <i>Service Provider Interface</i>
+ * (<b>SPI</b>) adapter.
  */
-public class HMacSHA384Spi extends MacAdapter
+public class HMacSHA384Spi
+    extends MacAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -----------------------------------------------------------------------
-
   public HMacSHA384Spi()
   {
     super(Registry.HMAC_NAME_PREFIX + Registry.SHA384_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA512Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA512Spi.java
index abceb4a92c9..f1ecd02e5a7 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA512Spi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA512Spi.java
@@ -37,29 +37,18 @@ exception statement from your version.  */
 
 
 package gnu.javax.crypto.jce.mac;
+
 import gnu.java.security.Registry;
 
 /**
- * <p>The implementation of the HMAC-SHA-512 <i>Service Provider Interface</i>
- * (<b>SPI</b>) adapter.</p>
+ * The implementation of the HMAC-SHA-512 <i>Service Provider Interface</i>
+ * (<b>SPI</b>) adapter.
  */
-public class HMacSHA512Spi extends MacAdapter
+public class HMacSHA512Spi
+    extends MacAdapter
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -----------------------------------------------------------------------
-
   public HMacSHA512Spi()
   {
     super(Registry.HMAC_NAME_PREFIX + Registry.SHA512_HASH);
   }
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacTigerSpi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacTigerSpi.java
index 511993ea413..2d417ef4c58 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacTigerSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacTigerSpi.java
@@ -44,12 +44,9 @@ import gnu.java.security.Registry;
  * The implementation of the Tiger <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class HMacTigerSpi extends MacAdapter
+public final class HMacTigerSpi
+    extends MacAdapter
 {
-
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   public HMacTigerSpi()
   {
     super(Registry.HMAC_NAME_PREFIX + Registry.TIGER_HASH);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacWhirlpoolSpi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacWhirlpoolSpi.java
index 706e0cd5a6b..1b936d71a2e 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacWhirlpoolSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacWhirlpoolSpi.java
@@ -44,12 +44,9 @@ import gnu.java.security.Registry;
  * The implementation of the HMAC-Whirlpool <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class HMacWhirlpoolSpi extends MacAdapter
+public final class HMacWhirlpoolSpi
+    extends MacAdapter
 {
-
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   public HMacWhirlpoolSpi()
   {
     super(Registry.HMAC_NAME_PREFIX + Registry.WHIRLPOOL_HASH);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/MacAdapter.java b/libjava/classpath/gnu/javax/crypto/jce/mac/MacAdapter.java
index dc019ca20f4..d8c800ac728 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/MacAdapter.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/MacAdapter.java
@@ -50,32 +50,26 @@ import java.util.Map;
 import javax.crypto.MacSpi;
 
 /**
- * <p>The implementation of a generic {@link javax.crypto.Mac} adapter class
- * to wrap GNU Crypto MAC instances.</p>
- *
- * <p>This class defines the <i>Service Provider Interface</i> (<b>SPI</b>) for
+ * The implementation of a generic {@link javax.crypto.Mac} adapter class to
+ * wrap GNU MAC instances.
+ * <p>
+ * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>) for
  * the {@link javax.crypto.Mac} class, which provides the functionality of a
  * message authentication code algorithm, such as the <i>Hashed Message
- * Authentication Code</i> (<b>HMAC</b>) algorithms.</p>
+ * Authentication Code</i> (<b>HMAC</b>) algorithms.
  */
-class MacAdapter extends MacSpi implements Cloneable
+class MacAdapter
+    extends MacSpi
+    implements Cloneable
 {
-
-  // Constants and variables
-  // -----------------------------------------------------------------------
-
   /** Our MAC instance. */
   protected IMac mac;
-
   /** Our MAC attributes. */
   protected Map attributes;
 
-  // Constructor(s)
-  // -----------------------------------------------------------------------
-
   /**
-   * <p>Creates a new Mac instance for the given name.</p>
-   *
+   * Creates a new Mac instance for the given name.
+   * 
    * @param name The name of the mac to create.
    */
   protected MacAdapter(String name)
@@ -88,7 +82,7 @@ class MacAdapter extends MacSpi implements Cloneable
    * Private constructor for cloning purposes.
    * 
    * @param mac a clone of the internal {@link IMac} instance.
-   * @param attributes a clone of the current {@link Map} of attributes. 
+   * @param attributes a clone of the current {@link Map} of attributes.
    */
   private MacAdapter(IMac mac, Map attributes)
   {
@@ -98,21 +92,11 @@ class MacAdapter extends MacSpi implements Cloneable
     this.attributes = attributes;
   }
 
-  // Class methods
-  // -----------------------------------------------------------------------
-
-  // Instance methods
-  // -----------------------------------------------------------------------
-
-  // Cloneable interface implementation ------------------------------------
-
   public Object clone() throws CloneNotSupportedException
   {
     return new MacAdapter((IMac) mac.clone(), new HashMap(attributes));
   }
 
-  // Instance methods implementing javax.crypto.MacSpi ---------------------
-
   protected byte[] engineDoFinal()
   {
     byte[] result = mac.digest();
@@ -128,10 +112,8 @@ class MacAdapter extends MacSpi implements Cloneable
   protected void engineInit(Key key, AlgorithmParameterSpec params)
       throws InvalidKeyException, InvalidAlgorithmParameterException
   {
-    if (!key.getFormat().equalsIgnoreCase("RAW"))
-      {
-        throw new InvalidKeyException("unknown key format " + key.getFormat());
-      }
+    if (! key.getFormat().equalsIgnoreCase("RAW"))
+      throw new InvalidKeyException("unknown key format " + key.getFormat());
     attributes.put(IMac.MAC_KEY_MATERIAL, key.getEncoded());
     mac.reset();
     mac.init(attributes);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacAnubisImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacAnubisImpl.java
index 4bfda4fd6cc..566e56fd1d1 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacAnubisImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacAnubisImpl.java
@@ -40,14 +40,11 @@ package gnu.javax.crypto.jce.mac;
 
 import gnu.java.security.Registry;
 
-public class OMacAnubisImpl extends MacAdapter
+public class OMacAnubisImpl
+    extends MacAdapter
 {
-
-  // Constructor.
-  // -------------------------------------------------------------------------
-
   public OMacAnubisImpl()
   {
     super(Registry.OMAC_PREFIX + Registry.ANUBIS_CIPHER);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacBlowfishImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacBlowfishImpl.java
index 8d168e57be5..55768166f8a 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacBlowfishImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacBlowfishImpl.java
@@ -40,14 +40,11 @@ package gnu.javax.crypto.jce.mac;
 
 import gnu.java.security.Registry;
 
-public class OMacBlowfishImpl extends MacAdapter
+public class OMacBlowfishImpl
+    extends MacAdapter
 {
-
-  // Constructor.
-  // -------------------------------------------------------------------------
-
   public OMacBlowfishImpl()
   {
     super(Registry.OMAC_PREFIX + Registry.BLOWFISH_CIPHER);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacCast5Impl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacCast5Impl.java
index 3385d116bc4..535352c3908 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacCast5Impl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacCast5Impl.java
@@ -40,14 +40,11 @@ package gnu.javax.crypto.jce.mac;
 
 import gnu.java.security.Registry;
 
-public class OMacCast5Impl extends MacAdapter
+public class OMacCast5Impl
+    extends MacAdapter
 {
-
-  // Constructor.
-  // -------------------------------------------------------------------------
-
   public OMacCast5Impl()
   {
     super(Registry.OMAC_PREFIX + Registry.CAST5_CIPHER);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacDESImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacDESImpl.java
index 3fb23bdefde..a01c0ac872a 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacDESImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacDESImpl.java
@@ -40,14 +40,11 @@ package gnu.javax.crypto.jce.mac;
 
 import gnu.java.security.Registry;
 
-public class OMacDESImpl extends MacAdapter
+public class OMacDESImpl
+    extends MacAdapter
 {
-
-  // Constructor.
-  // -------------------------------------------------------------------------
-
   public OMacDESImpl()
   {
     super(Registry.OMAC_PREFIX + Registry.DES_CIPHER);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacImpl.java
index f91902ae543..960c68aaf07 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacImpl.java
@@ -39,23 +39,17 @@ exception statement from your version.  */
 package gnu.javax.crypto.jce.mac;
 
 import gnu.java.security.Registry;
-import javax.crypto.MacSpi;
 
-public abstract class OMacImpl extends MacAdapter
+public abstract class OMacImpl
+    extends MacAdapter
 {
-
-  // Constructor.
-  // -------------------------------------------------------------------------
-
   protected OMacImpl(String name)
   {
     super(Registry.OMAC_PREFIX + name);
   }
 
-  // Inner classes.
-  // -------------------------------------------------------------------------
-
-  public class Anubis extends OMacImpl
+  public class Anubis
+      extends OMacImpl
   {
     public Anubis()
     {
@@ -63,7 +57,8 @@ public abstract class OMacImpl extends MacAdapter
     }
   }
 
-  public class Blowfish extends OMacImpl
+  public class Blowfish
+      extends OMacImpl
   {
     public Blowfish()
     {
@@ -71,7 +66,8 @@ public abstract class OMacImpl extends MacAdapter
     }
   }
 
-  public class Cast5 extends OMacImpl
+  public class Cast5
+      extends OMacImpl
   {
     public Cast5()
     {
@@ -79,7 +75,8 @@ public abstract class OMacImpl extends MacAdapter
     }
   }
 
-  public class DES extends OMacImpl
+  public class DES
+      extends OMacImpl
   {
     public DES()
     {
@@ -87,7 +84,8 @@ public abstract class OMacImpl extends MacAdapter
     }
   }
 
-  public class Khazad extends OMacImpl
+  public class Khazad
+      extends OMacImpl
   {
     public Khazad()
     {
@@ -95,7 +93,8 @@ public abstract class OMacImpl extends MacAdapter
     }
   }
 
-  public class Rijndael extends OMacImpl
+  public class Rijndael
+      extends OMacImpl
   {
     public Rijndael()
     {
@@ -103,7 +102,8 @@ public abstract class OMacImpl extends MacAdapter
     }
   }
 
-  public class Serpent extends OMacImpl
+  public class Serpent
+      extends OMacImpl
   {
     public Serpent()
     {
@@ -111,7 +111,8 @@ public abstract class OMacImpl extends MacAdapter
     }
   }
 
-  public class Square extends OMacImpl
+  public class Square
+      extends OMacImpl
   {
     public Square()
     {
@@ -119,7 +120,8 @@ public abstract class OMacImpl extends MacAdapter
     }
   }
 
-  public class TripleDES extends OMacImpl
+  public class TripleDES
+      extends OMacImpl
   {
     public TripleDES()
     {
@@ -127,11 +129,12 @@ public abstract class OMacImpl extends MacAdapter
     }
   }
 
-  public class Twofish extends OMacImpl
+  public class Twofish
+      extends OMacImpl
   {
     public Twofish()
     {
       super(Registry.TWOFISH_CIPHER);
     }
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacKhazadImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacKhazadImpl.java
index 82c047c25a3..c349f9f5e0d 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacKhazadImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacKhazadImpl.java
@@ -40,14 +40,11 @@ package gnu.javax.crypto.jce.mac;
 
 import gnu.java.security.Registry;
 
-public class OMacKhazadImpl extends MacAdapter
+public class OMacKhazadImpl
+    extends MacAdapter
 {
-
-  // Constructor.
-  // -------------------------------------------------------------------------
-
   public OMacKhazadImpl()
   {
     super(Registry.OMAC_PREFIX + Registry.KHAZAD_CIPHER);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacRijndaelImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacRijndaelImpl.java
index 47d3f6aae70..d63b777a32a 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacRijndaelImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacRijndaelImpl.java
@@ -40,14 +40,11 @@ package gnu.javax.crypto.jce.mac;
 
 import gnu.java.security.Registry;
 
-public class OMacRijndaelImpl extends MacAdapter
+public class OMacRijndaelImpl
+    extends MacAdapter
 {
-
-  // Constructor.
-  // -------------------------------------------------------------------------
-
   public OMacRijndaelImpl()
   {
     super(Registry.OMAC_PREFIX + Registry.RIJNDAEL_CIPHER);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacSerpentImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacSerpentImpl.java
index bec2c1f5c74..5c1b8a9b99e 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacSerpentImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacSerpentImpl.java
@@ -40,14 +40,11 @@ package gnu.javax.crypto.jce.mac;
 
 import gnu.java.security.Registry;
 
-public class OMacSerpentImpl extends MacAdapter
+public class OMacSerpentImpl
+    extends MacAdapter
 {
-
-  // Constructor.
-  // -------------------------------------------------------------------------
-
   public OMacSerpentImpl()
   {
     super(Registry.OMAC_PREFIX + Registry.SERPENT_CIPHER);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacSquareImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacSquareImpl.java
index 0442b7caf25..c9d1b1aca07 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacSquareImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacSquareImpl.java
@@ -40,14 +40,11 @@ package gnu.javax.crypto.jce.mac;
 
 import gnu.java.security.Registry;
 
-public class OMacSquareImpl extends MacAdapter
+public class OMacSquareImpl
+    extends MacAdapter
 {
-
-  // Constructor.
-  // -------------------------------------------------------------------------
-
   public OMacSquareImpl()
   {
     super(Registry.OMAC_PREFIX + Registry.SQUARE_CIPHER);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacTripleDESImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacTripleDESImpl.java
index 0defdd1fd36..4f58723d3f7 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacTripleDESImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacTripleDESImpl.java
@@ -40,14 +40,11 @@ package gnu.javax.crypto.jce.mac;
 
 import gnu.java.security.Registry;
 
-public class OMacTripleDESImpl extends MacAdapter
+public class OMacTripleDESImpl
+    extends MacAdapter
 {
-
-  // Constructor.
-  // -------------------------------------------------------------------------
-
   public OMacTripleDESImpl()
   {
     super(Registry.OMAC_PREFIX + Registry.TRIPLEDES_CIPHER);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacTwofishImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacTwofishImpl.java
index a12f9f30e85..4c816a09658 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacTwofishImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacTwofishImpl.java
@@ -40,14 +40,11 @@ package gnu.javax.crypto.jce.mac;
 
 import gnu.java.security.Registry;
 
-public class OMacTwofishImpl extends MacAdapter
+public class OMacTwofishImpl
+    extends MacAdapter
 {
-
-  // Constructor.
-  // -------------------------------------------------------------------------
-
   public OMacTwofishImpl()
   {
     super(Registry.OMAC_PREFIX + Registry.TWOFISH_CIPHER);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/TMMH16Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/TMMH16Spi.java
index 1734e1e695b..8a40f6e7082 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/TMMH16Spi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/TMMH16Spi.java
@@ -51,27 +51,19 @@ import java.security.spec.AlgorithmParameterSpec;
  * The implementation of the TMMH16 <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class TMMH16Spi extends MacAdapter
+public final class TMMH16Spi
+    extends MacAdapter
 {
-
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   public TMMH16Spi()
   {
     super(Registry.TMMH16);
   }
 
-  // Instance methods overriding MacAdapter.
-  // -----------------------------------------------------------------------
-
   protected void engineInit(Key key, AlgorithmParameterSpec params)
       throws InvalidKeyException, InvalidAlgorithmParameterException
   {
-    if (!(params instanceof TMMHParameterSpec))
-      {
-        throw new InvalidAlgorithmParameterException();
-      }
+    if (! (params instanceof TMMHParameterSpec))
+      throw new InvalidAlgorithmParameterException();
     TMMHParameterSpec spec = (TMMHParameterSpec) params;
     attributes.put(TMMH16.TAG_LENGTH, spec.getTagLength());
     attributes.put(TMMH16.KEYSTREAM, spec.getKeystream());
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/UHash32Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/UHash32Spi.java
index af678c0fa8a..825edc1739c 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/UHash32Spi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/UHash32Spi.java
@@ -44,12 +44,9 @@ import gnu.java.security.Registry;
  * The implementation of the UHash-32 <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class UHash32Spi extends MacAdapter
+public final class UHash32Spi
+    extends MacAdapter
 {
-
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   public UHash32Spi()
   {
     super(Registry.UHASH32);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/UMac32Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/UMac32Spi.java
index 4e90468b10c..fc05e532106 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/mac/UMac32Spi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/mac/UMac32Spi.java
@@ -51,32 +51,22 @@ import java.security.spec.AlgorithmParameterSpec;
  * The implementation of the UMAC-32 <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.
  */
-public final class UMac32Spi extends MacAdapter
+public final class UMac32Spi
+    extends MacAdapter
 {
-
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   public UMac32Spi()
   {
     super(Registry.UMAC32);
   }
 
-  // Instance methods overriding MacAdapter.
-  // -----------------------------------------------------------------------
-
   protected void engineInit(Key key, AlgorithmParameterSpec params)
       throws InvalidKeyException, InvalidAlgorithmParameterException
   {
-    if (!(params instanceof UMac32ParameterSpec))
-      {
-        throw new InvalidAlgorithmParameterException();
-      }
+    if (! (params instanceof UMac32ParameterSpec))
+      throw new InvalidAlgorithmParameterException();
     if (params != null)
-      {
-        attributes.put(UMac32.NONCE_MATERIAL,
-                       ((UMac32ParameterSpec) params).getNonce());
-      }
+      attributes.put(UMac32.NONCE_MATERIAL,
+                     ((UMac32ParameterSpec) params).getNonce());
     try
       {
         super.engineInit(key, null);
diff --git a/libjava/classpath/gnu/javax/crypto/jce/params/BlockCipherParameters.java b/libjava/classpath/gnu/javax/crypto/jce/params/BlockCipherParameters.java
index bae7cbf88f4..a85c962235e 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/params/BlockCipherParameters.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/params/BlockCipherParameters.java
@@ -38,6 +38,7 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.jce.params;
 
+import gnu.java.security.Configuration;
 import gnu.javax.crypto.jce.spec.BlockCipherParameterSpec;
 
 import java.io.IOException;
@@ -46,40 +47,34 @@ import java.math.BigInteger;
 import java.security.AlgorithmParametersSpi;
 import java.security.spec.AlgorithmParameterSpec;
 import java.security.spec.InvalidParameterSpecException;
+import java.util.logging.Logger;
+
+import javax.crypto.spec.IvParameterSpec;
 
 /**
- * An implementation of algorithm parameters for the GNU Crypto block
- * ciphers. This encompasses the cipher's block size, its key size, and
- * an optional initialization vector (IV).
+ * An implementation of algorithm parameters for the GNU block ciphers. This
+ * encompasses the cipher's block size, its key size, and an optional
+ * initialization vector (IV).
  */
-public class BlockCipherParameters extends AlgorithmParametersSpi
+public class BlockCipherParameters
+    extends AlgorithmParametersSpi
 {
-
-  // Constants and variables.
-  // -----------------------------------------------------------------------
-
-  /**
-   * The underlying block cipher specification.
-   */
+  private static final Logger log = Logger.getLogger(BlockCipherParameters.class.getName());
+  /** The underlying block cipher specification. */
   protected BlockCipherParameterSpec cipherSpec;
-
   private static final String DEFAULT_FORMAT = "ASN.1";
 
-  // Instance methods implementing AlgorithmParametersSpi.
-  // -----------------------------------------------------------------------
-
   /**
    * Return these parameters encoded in ASN.1 (DER).
-   *
-   * <p>For GNU Crypto block ciphers we will define these parameters as
-   *
-   * <blockquote>
-   * <pre>BlockCipherParameters ::= SEQUENCE {
-   *   blockSize            INTEGER,
-   *   keySize              INTEGER,
-   *   initializationVector OCTET STRING OPTIONAL }</pre>
-   * </blockquote>
-   *
+   * <p>
+   * For GNU block ciphers we will define these parameters as
+   * <pre>
+   * BlockCipherParameters ::= SEQUENCE {
+   *    blockSize            INTEGER,
+   *    keySize              INTEGER,
+   *    initializationVector OCTET STRING OPTIONAL }
+   * </pre>
+   * 
    * @return The parameters, encoded an an ASN.1 DER sequence.
    * @throws java.io.IOException If encoding these parameters fails.
    */
@@ -90,114 +85,59 @@ public class BlockCipherParameters extends AlgorithmParametersSpi
 
   protected byte[] engineGetEncoded(String format) throws IOException
   {
-    if (!format.equalsIgnoreCase(DEFAULT_FORMAT)
-        && !format.equalsIgnoreCase("asn1"))
-      {
-        throw new IOException("unknown format \"" + format + "\"");
-      }
-    // This is probably a bad idea.
-    /*
-     int len = 12 + ((cipherSpec.getIV() != null)
-     ? cipherSpec.getIV().length + 2 : 0);
-     ByteArrayOutputStream out = new ByteArrayOutputStream();
-     out.write(0x30);
-     out.write(len);
-     out.write(0x02);
-     out.write(4);
-     out.write(cipherSpec.getBlockSize() >>> 24 & 0xff);
-     out.write(cipherSpec.getBlockSize() >>> 16 & 0xff);
-     out.write(cipherSpec.getBlockSize() >>>  8 & 0xff);
-     out.write(cipherSpec.getBlockSize() & 0xff);
-     out.write(0x02);
-     out.write(4);
-     out.write(cipherSpec.getKeySize() >>> 24 & 0xff);
-     out.write(cipherSpec.getKeySize() >>> 16 & 0xff);
-     out.write(cipherSpec.getKeySize() >>>  8 & 0xff);
-     out.write(cipherSpec.getKeySize() & 0xff);
-     if (cipherSpec.getIV() != null) {
-     out.write(0x04);
-     len = cipherSpec.getIV().length;
-     out.write(len & 0xff);
-     out.write(cipherSpec.getIV());
-     }
-     out.write(0); out.write(0);
-     return out.toByteArray();*/
+    if (! format.equalsIgnoreCase(DEFAULT_FORMAT)
+        && ! format.equalsIgnoreCase("asn1"))
+      throw new IOException("unknown format \"" + format + "\"");
     DERWriter writer = new DERWriter();
+    int cipherBlockSize = cipherSpec.getBlockSize();
+    int cipherKeySize = cipherSpec.getKeySize();
+    byte[] iv = cipherSpec.getIV();
     return writer.joinarrays(
-                             writer.writeBigInteger(BigInteger.valueOf(cipherSpec.getBlockSize())),
-                             writer.writeBigInteger(BigInteger.valueOf(cipherSpec.getKeySize())),
-                             (cipherSpec.getIV() != null) ? writer.writeBigInteger(new BigInteger(
-                                                                                                  cipherSpec.getIV()))
-                                                         : new byte[0]);
+        writer.writeBigInteger(BigInteger.valueOf(cipherBlockSize)),
+        writer.writeBigInteger(BigInteger.valueOf(cipherKeySize)),
+        (iv != null) ? writer.writeBigInteger(new BigInteger(iv))
+                     : new byte[0]);
   }
 
   protected void engineInit(AlgorithmParameterSpec spec)
       throws InvalidParameterSpecException
   {
     if (spec instanceof BlockCipherParameterSpec)
-      {
-        cipherSpec = (BlockCipherParameterSpec) spec;
-      }
+      cipherSpec = (BlockCipherParameterSpec) spec;
     else
-      {
-        throw new InvalidParameterSpecException();
-      }
+      throw new InvalidParameterSpecException();
   }
 
   protected void engineInit(byte[] encoded, String format) throws IOException
   {
-    if (!format.equalsIgnoreCase(DEFAULT_FORMAT)
-        && !format.equalsIgnoreCase("ASN1"))
-      {
-        throw new IOException("invalid format: only accepts ASN.1");
-      }
+    if (! format.equalsIgnoreCase(DEFAULT_FORMAT)
+        && ! format.equalsIgnoreCase("ASN1"))
+      throw new IOException("invalid format: only accepts ASN.1");
     engineInit(encoded);
   }
 
   protected void engineInit(byte[] encoded) throws IOException
   {
-    // This is probably an equally bad idea.
-    /*if (encoded[0] != 0x30) {
-     throw new IOException("malformed ASN.1 sequence");
-     }
-     if (encoded[2] != 0x02 || encoded[3] != 4) {
-     throw new IOException("malformed ASN.1 sequence");
-     }
-     int blockSize = encoded[4] << 24 | encoded[5] << 16
-     | encoded[6] <<  8 | encoded[7];
-     if (encoded[8] != 0x02 || encoded[9] != 4) {
-     throw new IOException("malformed ASN.1 sequence");
-     }
-     int keySize = encoded[10] << 24 | encoded[11] << 16
-     | encoded[12] <<  8 | encoded[13];
-     if (encoded[14] == 0x04) {
-     int len = encoded[15] & 0xff;
-     byte[] iv = new byte[len];
-     System.arraycopy(encoded, 16, iv, 0, len);
-     cipherSpec = new BlockCipherParameterSpec(iv, blockSize, keySize);
-     } else if (encoded[14] == 0) {
-     cipherSpec = new BlockCipherParameterSpec(blockSize, keySize);
-     } else {
-     throw new IOException("malformed ASN.1 sequence");
-     }*/
     DERReader reader = new DERReader(encoded);
     int bs = reader.getBigInteger().intValue();
     int ks = reader.getBigInteger().intValue();
     byte[] iv = null;
     if (reader.hasMorePrimitives())
-      {
-        iv = reader.getBigInteger().toByteArray();
-      }
+      iv = reader.getBigInteger().toByteArray();
     cipherSpec = new BlockCipherParameterSpec(iv, bs, ks);
-    System.out.println(cipherSpec);
+    if (Configuration.DEBUG)
+      log.fine("cipherSpec: " + cipherSpec);
   }
 
   protected AlgorithmParameterSpec engineGetParameterSpec(Class c)
       throws InvalidParameterSpecException
   {
     if (c.isInstance(cipherSpec))
+      return cipherSpec;
+    if (IvParameterSpec.class.isAssignableFrom(c))
       {
-        return cipherSpec;
+        IvParameterSpec result = new IvParameterSpec(cipherSpec.getIV());
+        return result;
       }
     throw new InvalidParameterSpecException();
   }
@@ -206,4 +146,4 @@ public class BlockCipherParameters extends AlgorithmParametersSpi
   {
     return cipherSpec.toString();
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/params/DEREncodingException.java b/libjava/classpath/gnu/javax/crypto/jce/params/DEREncodingException.java
index ddfa6e1dee7..b89ceda9fa2 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/params/DEREncodingException.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/params/DEREncodingException.java
@@ -38,7 +38,8 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.jce.params;
 
-class DEREncodingException extends java.io.IOException
+class DEREncodingException
+    extends java.io.IOException
 {
 
   public DEREncodingException()
@@ -50,4 +51,4 @@ class DEREncodingException extends java.io.IOException
   {
     super(msg);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/params/DERReader.java b/libjava/classpath/gnu/javax/crypto/jce/params/DERReader.java
index f61423255fc..68c68027966 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/params/DERReader.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/params/DERReader.java
@@ -43,15 +43,10 @@ import java.math.BigInteger;
 class DERReader
 {
   byte source[];
-
   int pos;
-
   static final int UNIVERSAL = 1;
-
   static final int APPLICATION = 2;
-
   static final int CONTEXT_SPECIFIC = 3;
-
   static final int PRIVATE = 4;
 
   public DERReader()
@@ -86,53 +81,37 @@ class DERReader
     return new BigInteger(getPrimitive());
   }
 
-  //Reads Primitive, definite-length method
+  // Reads Primitive, definite-length method
   private byte[] getPrimitive() throws DEREncodingException
   {
     int tmp = pos;
-
-    //Read Identifier
+    // Read Identifier
     byte identifier = source[tmp++];
     if ((0x20 & identifier) != 0)
       throw new DEREncodingException();
     int type = translateLeadIdentifierByte(identifier);
-    //System.out.println("Type: " + type);
-
-    //get tag
+    // get tag
     int tag = (0x1f & identifier);
-    //if( tag == 0x1f)
-    //	tag = getIdentifier(tmp);
-    //System.out.println("Tag: " + tag);
-
-    //get length
-    byte len = source[tmp]; //may be length of length parameter
+    // get length
+    byte len = source[tmp]; // may be length of length parameter
     long length = 0x7f & len;
     int i;
     if ((0x80 & len) != 0)
       {
-        //System.out.println("Extra Long Length");
         len &= 0x7f;
-        //System.out.println("Length of Length: " + len);
-        //get length here
+        // get length here
         length = 0;
         for (i = 0; i < len; i++)
           {
             tmp++;
             length <<= 8;
             length += (source[tmp] < 0) ? (256 + source[tmp]) : source[tmp];
-            //System.out.println("Length of Length: " + length);
           }
         tmp++;
       }
     else
       tmp++;
 
-    /*System.out.println("Position: " + tmp);
-     System.out.println("Length: " + length);
-     for( i = 0; i < 10; i++)
-     System.out.print(source[tmp + i] + " ");
-     System.out.println();*/
-
     byte tmpb[] = new byte[(int) length];
     System.arraycopy(source, tmp, tmpb, 0, (int) length);
     pos = (int) (tmp + length);
@@ -157,4 +136,4 @@ class DERReader
       tpos++;
     return tpos;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/params/DERWriter.java b/libjava/classpath/gnu/javax/crypto/jce/params/DERWriter.java
index 876c2cd6caa..7bdea10c5f4 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/params/DERWriter.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/params/DERWriter.java
@@ -43,11 +43,8 @@ import java.math.BigInteger;
 class DERWriter
 {
   static final int UNIVERSAL = 1;
-
   static final int APPLICATION = 2;
-
   static final int CONTEXT_SPECIFIC = 3;
-
   static final int PRIVATE = 4;
 
   public DERWriter()
@@ -56,7 +53,8 @@ class DERWriter
 
   public byte[] writeBigInteger(BigInteger i)
   {
-    return writePrimitive(0x02, UNIVERSAL,
+    return writePrimitive(0x02,
+                          UNIVERSAL,
                           (int) Math.ceil((double) i.bitLength() / 8),
                           i.toByteArray());
   }
@@ -71,7 +69,7 @@ class DERWriter
   public byte[] joinarrays(byte a[], byte b[])
   {
     byte d[] = new byte[a.length + b.length];
-    System.arraycopy(a, 0, d, 0, a.length);
+    System.arraycopy(a, 0, d, 0,        a.length);
     System.arraycopy(b, 0, d, a.length, b.length);
     return d;
   }
@@ -92,7 +90,7 @@ class DERWriter
       {
         int count = (int) (Math.log(identifier) / Math.log(256));
         b = new byte[count + 1];
-        b[0] = (byte) (translateLeadIdentifierByte(identifierencoding) | 0x1f);
+        b[0] = (byte)(translateLeadIdentifierByte(identifierencoding) | 0x1f);
         int i;
         for (i = 1; i < (count + 1); i++)
           {
@@ -100,14 +98,13 @@ class DERWriter
             b[i] |= 0x80;
           }
         b[i - 1] ^= 0x80;
-        //System.out.println("Identifier1: " + b[0]);
         return b;
       }
     else
       {
         b = new byte[1];
-        b[0] = (byte) ((translateLeadIdentifierByte(identifierencoding) | (byte) (identifier & 0x1f)) & 0xdf);
-        //System.out.println("Identifier2: " + b[0]);
+        b[0] = (byte)((translateLeadIdentifierByte(identifierencoding)
+             | (byte)(identifier & 0x1f)) & 0xdf);
         return b;
       }
   }
@@ -130,25 +127,17 @@ class DERWriter
     if (length > 127)
       {
         int count = (int) Math.ceil(Math.log(length) / Math.log(256));
-        //System.out.println("Length byte count: " + count);
         b = new byte[count + 1];
-        b[0] = (byte) ((count & 0x7f) | 0x80);
+        b[0] = (byte)((count & 0x7f) | 0x80);
         for (int i = 1; i < (count + 1); i++)
-          {
-            b[i] = (byte) (length >>> (8 * (count - i)));
-            //System.out.println("Length1 byte1: " + (length >>> (8 * ( count - i) )));
-            //System.out.println("Length1 byte2: " + b[i]);
-          }
-
-        //System.out.println("Length1: " + length);
+          b[i] = (byte) (length >>> (8 * (count - i)));
         return b;
       }
     else
       {
         b = new byte[1];
         b[0] = (byte) (length & 0x7f);
-        //System.out.println("Length2: " + length);
         return b;
       }
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/prng/ARCFourRandomSpi.java b/libjava/classpath/gnu/javax/crypto/jce/prng/ARCFourRandomSpi.java
index 0c071561b6f..652793b04ff 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/prng/ARCFourRandomSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/prng/ARCFourRandomSpi.java
@@ -48,24 +48,17 @@ import java.security.SecureRandomSpi;
 import java.util.HashMap;
 
 /**
- * Implementation of the <i>Service Provider Interface</i> (<b>SPI</b>)
- * for the ARCFOUR keystream generator.
+ * Implementation of the <i>Service Provider Interface</i> (<b>SPI</b>) for
+ * the ARCFOUR keystream generator.
  */
-public class ARCFourRandomSpi extends SecureRandomSpi
+public class ARCFourRandomSpi
+    extends SecureRandomSpi
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** Our underlying prng instance. */
   private IRandom adaptee;
-
   /** Have we been initialized? */
   private boolean virgin;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
    * Default 0-arguments constructor.
    */
@@ -76,20 +69,10 @@ public class ARCFourRandomSpi extends SecureRandomSpi
     virgin = true;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.security.SecureRandomSpi interface implementation ------------------
-
   public byte[] engineGenerateSeed(int numBytes)
   {
     if (numBytes < 1)
-      {
-        return new byte[0];
-      }
+      return new byte[0];
     byte[] result = new byte[numBytes];
     this.engineNextBytes(result);
     return result;
@@ -98,9 +81,7 @@ public class ARCFourRandomSpi extends SecureRandomSpi
   public void engineNextBytes(byte[] bytes)
   {
     if (virgin)
-      {
-        this.engineSetSeed(new byte[0]);
-      }
+      this.engineSetSeed(new byte[0]);
     try
       {
         adaptee.nextBytes(bytes, 0, bytes.length);
@@ -117,4 +98,4 @@ public class ARCFourRandomSpi extends SecureRandomSpi
     adaptee.init(attributes);
     virgin = false;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/prng/CSPRNGSpi.java b/libjava/classpath/gnu/javax/crypto/jce/prng/CSPRNGSpi.java
index c0aa015b065..6ded636aaf3 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/prng/CSPRNGSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/prng/CSPRNGSpi.java
@@ -38,29 +38,22 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.jce.prng;
 
-import gnu.java.security.Registry;
-import gnu.javax.crypto.prng.CSPRNG;
 import gnu.java.security.prng.IRandom;
 import gnu.java.security.prng.LimitReachedException;
+import gnu.javax.crypto.prng.CSPRNG;
 
 import java.net.MalformedURLException;
 import java.security.SecureRandomSpi;
 
 /**
- * The implementation of the continuously-seeded SecureRandom
- * <i>Service Provider Interface</i> (<b>SPI</b>) adapter.<p>
+ * The implementation of the continuously-seeded SecureRandom <i>Service
+ * Provider Interface</i> (<b>SPI</b>) adapter.
  */
-public class CSPRNGSpi extends SecureRandomSpi
+public class CSPRNGSpi
+    extends SecureRandomSpi
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private final IRandom adaptee;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public CSPRNGSpi() throws ClassNotFoundException, MalformedURLException,
       NumberFormatException
   {
@@ -69,20 +62,13 @@ public class CSPRNGSpi extends SecureRandomSpi
     adaptee = CSPRNG.getSystemInstance();
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   protected byte[] engineGenerateSeed(final int count)
   {
     if (count < 0)
-      {
-        throw new IllegalArgumentException("count must be nonnegative");
-      }
+      throw new IllegalArgumentException("count must be nonnegative");
     byte[] buf = new byte[count];
     if (count == 0)
-      {
-        return buf;
-      }
+      return buf;
     engineNextBytes(buf);
     return buf;
   }
@@ -90,9 +76,7 @@ public class CSPRNGSpi extends SecureRandomSpi
   protected void engineNextBytes(final byte[] buffer)
   {
     if (buffer == null)
-      {
-        throw new NullPointerException();
-      }
+      throw new NullPointerException();
     try
       {
         adaptee.nextBytes(buffer, 0, buffer.length);
@@ -106,9 +90,7 @@ public class CSPRNGSpi extends SecureRandomSpi
   protected void engineSetSeed(final byte[] seed)
   {
     if (seed == null)
-      {
-        throw new NullPointerException();
-      }
+      throw new NullPointerException();
     adaptee.addRandomBytes(seed, 0, seed.length);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/prng/FortunaImpl.java b/libjava/classpath/gnu/javax/crypto/jce/prng/FortunaImpl.java
index 7006bbbaddc..8e3782ef055 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/prng/FortunaImpl.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/prng/FortunaImpl.java
@@ -40,24 +40,26 @@ package gnu.javax.crypto.jce.prng;
 
 import gnu.java.security.prng.LimitReachedException;
 import gnu.javax.crypto.prng.Fortuna;
+
 import java.security.SecureRandomSpi;
 import java.util.Collections;
 
-public final class FortunaImpl extends SecureRandomSpi
+public final class FortunaImpl
+    extends SecureRandomSpi
 {
   private final Fortuna adaptee;
 
-  public FortunaImpl ()
+  public FortunaImpl()
   {
-    adaptee = new Fortuna ();
-    adaptee.init (Collections.singletonMap (Fortuna.SEED, new byte[0]));
+    adaptee = new Fortuna();
+    adaptee.init(Collections.singletonMap(Fortuna.SEED, new byte[0]));
   }
-  
-  protected void engineSetSeed (byte[] seed)
+
+  protected void engineSetSeed(byte[] seed)
   {
     synchronized (adaptee)
       {
-        adaptee.addRandomBytes (seed);
+        adaptee.addRandomBytes(seed);
       }
   }
 
@@ -67,19 +69,19 @@ public final class FortunaImpl extends SecureRandomSpi
       {
         try
           {
-            adaptee.nextBytes (buffer);
+            adaptee.nextBytes(buffer);
           }
         catch (LimitReachedException shouldNotHappen)
           {
-            throw new Error (shouldNotHappen);
+            throw new Error(shouldNotHappen);
           }
       }
   }
 
-  protected byte[] engineGenerateSeed (int numbytes)
+  protected byte[] engineGenerateSeed(int numbytes)
   {
     byte[] seed = new byte[numbytes];
-    engineNextBytes (seed);
+    engineNextBytes(seed);
     return seed;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/prng/ICMRandomSpi.java b/libjava/classpath/gnu/javax/crypto/jce/prng/ICMRandomSpi.java
index d04b782f9f5..9855f95bd98 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/prng/ICMRandomSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/prng/ICMRandomSpi.java
@@ -38,44 +38,27 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.jce.prng;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
+import gnu.java.security.prng.LimitReachedException;
 import gnu.javax.crypto.cipher.IBlockCipher;
 import gnu.javax.crypto.prng.ICMGenerator;
-import gnu.java.security.prng.LimitReachedException;
 
-import java.io.PrintWriter;
 import java.math.BigInteger;
 import java.security.SecureRandomSpi;
 import java.util.HashMap;
 import java.util.Random;
+import java.util.logging.Logger;
 
 /**
- * <p>An <em>Adapter</em> class around {@link ICMGenerator} to allow using this
- * algorithm as a JCE {@link java.security.SecureRandom}.</p>
+ * An <em>Adapter</em> class around {@link ICMGenerator} to allow using this
+ * algorithm as a JCE {@link java.security.SecureRandom}.
  */
-public class ICMRandomSpi extends SecureRandomSpi
+public class ICMRandomSpi
+    extends SecureRandomSpi
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  private static final String NAME = "ICMRandomSpi";
-
-  private static final boolean DEBUG = false;
-
-  private static final int debuglevel = 0;
-
-  private static final PrintWriter err = new PrintWriter(System.out, true);
-
-  private static void debug(String s)
-  {
-    err.println(">>> " + NAME + ": " + s);
-  }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  /** Class-wide prng to generate random material for the underlying prng.*/
+  private static final Logger log = Logger.getLogger(ICMRandomSpi.class.getName());
+  /** Class-wide prng to generate random material for the underlying prng. */
   private static final ICMGenerator prng; // blank final
   static
     {
@@ -86,28 +69,18 @@ public class ICMRandomSpi extends SecureRandomSpi
   // error messages
   private static final String MSG = "Exception while setting up an "
                                     + Registry.ICM_PRNG + " SPI: ";
-
   private static final String RETRY = "Retry...";
-
   private static final String LIMIT_REACHED_MSG = "Limit reached: ";
-
   private static final String RESEED = "Re-seed...";
-
   /** Our underlying prng instance. */
   private ICMGenerator adaptee = new ICMGenerator();
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // default 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   private static void resetLocalPRNG()
   {
-    if (DEBUG && debuglevel > 8)
-      debug(">>> resetLocalPRNG()");
+    if (Configuration.DEBUG)
+      log.entering(ICMRandomSpi.class.getName(), "resetLocalPRNG");
     HashMap attributes = new HashMap();
     attributes.put(ICMGenerator.CIPHER, Registry.AES_CIPHER);
     byte[] key = new byte[128 / 8]; // AES default key size
@@ -122,50 +95,39 @@ public class ICMRandomSpi extends SecureRandomSpi
     // choose a random value between 1 and aesBlockSize / 2
     int limit = aesBlockSize / 2;
     while (ndxLen < 1 || ndxLen > limit)
-      {
-        ndxLen = rand.nextInt(limit + 1);
-      }
-    attributes.put(ICMGenerator.SEGMENT_INDEX_LENGTH, new Integer(ndxLen));
+      ndxLen = rand.nextInt(limit + 1);
+    attributes.put(ICMGenerator.SEGMENT_INDEX_LENGTH, Integer.valueOf(ndxLen));
     byte[] index = new byte[ndxLen];
     rand.nextBytes(index);
     attributes.put(ICMGenerator.SEGMENT_INDEX, new BigInteger(1, index));
-
     prng.setup(attributes);
-    if (DEBUG && debuglevel > 8)
-      debug("<<< resetLocalPRNG()");
+    if (Configuration.DEBUG)
+      log.exiting(ICMRandomSpi.class.getName(), "resetLocalPRNG");
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.security.SecureRandomSpi interface implementation ------------------
-
   public byte[] engineGenerateSeed(int numBytes)
   {
-    if (DEBUG && debuglevel > 8)
-      debug(">>> engineGenerateSeed()");
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineGenerateSeed");
     if (numBytes < 1)
       {
-        if (DEBUG && debuglevel > 8)
-          debug("<<< engineGenerateSeed()");
+        if (Configuration.DEBUG)
+          log.exiting(this.getClass().getName(), "engineGenerateSeed");
         return new byte[0];
       }
     byte[] result = new byte[numBytes];
     this.engineNextBytes(result);
-    if (DEBUG && debuglevel > 8)
-      debug("<<< engineGenerateSeed()");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineGenerateSeed");
     return result;
   }
 
   public void engineNextBytes(byte[] bytes)
   {
-    if (DEBUG && debuglevel > 8)
-      debug(">>> engineNextBytes()");
-    if (!adaptee.isInitialised())
-      {
-        this.engineSetSeed(new byte[0]);
-      }
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineNextBytes");
+    if (! adaptee.isInitialised())
+      this.engineSetSeed(new byte[0]);
     while (true)
       {
         try
@@ -175,30 +137,28 @@ public class ICMRandomSpi extends SecureRandomSpi
           }
         catch (LimitReachedException x)
           { // reseed the generator
-            if (DEBUG)
+            if (Configuration.DEBUG)
               {
-                debug(LIMIT_REACHED_MSG + String.valueOf(x));
-                x.printStackTrace(err);
-                debug(RESEED);
+                log.fine(LIMIT_REACHED_MSG + String.valueOf(x));
+                log.fine(RESEED);
               }
             resetLocalPRNG();
           }
       }
-    if (DEBUG && debuglevel > 8)
-      debug("<<< engineNextBytes()");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineNextBytes");
   }
 
   public void engineSetSeed(byte[] seed)
   {
-    if (DEBUG && debuglevel > 8)
-      debug(">>> engineSetSeed()");
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineSetSeed");
     // compute the total number of random bytes required to setup adaptee
     int materialLength = 0;
     materialLength += 16; // key material size
     materialLength += 16; // offset size
     materialLength += 8; // index size == half of an AES block
     byte[] material = new byte[materialLength];
-
     // use as much as possible bytes from the seed
     int materialOffset = 0;
     int materialLeft = material.length;
@@ -209,8 +169,8 @@ public class ICMRandomSpi extends SecureRandomSpi
         materialOffset += lenToCopy;
         materialLeft -= lenToCopy;
       }
-    if (materialOffset > 0)
-      { // generate the rest
+    if (materialOffset > 0) // generate the rest
+      {
         while (true)
           {
             try
@@ -224,22 +184,20 @@ public class ICMRandomSpi extends SecureRandomSpi
               }
             catch (LimitReachedException x)
               {
-                if (DEBUG)
+                if (Configuration.DEBUG)
                   {
-                    debug(MSG + String.valueOf(x));
-                    debug(RETRY);
+                    log.fine(MSG + String.valueOf(x));
+                    log.fine(RETRY);
                   }
               }
           }
       }
-
     // setup the underlying adaptee instance
     HashMap attributes = new HashMap();
-
     // use AES cipher with 128-bit block size
     attributes.put(ICMGenerator.CIPHER, Registry.AES_CIPHER);
     // use an index the size of quarter of an AES block
-    attributes.put(ICMGenerator.SEGMENT_INDEX_LENGTH, new Integer(4));
+    attributes.put(ICMGenerator.SEGMENT_INDEX_LENGTH, Integer.valueOf(4));
     // specify the key
     byte[] key = new byte[16];
     System.arraycopy(material, 0, key, 0, 16);
@@ -252,9 +210,8 @@ public class ICMRandomSpi extends SecureRandomSpi
     byte[] index = new byte[8];
     System.arraycopy(material, 32, index, 0, 8);
     attributes.put(ICMGenerator.SEGMENT_INDEX, new BigInteger(1, index));
-
     adaptee.init(attributes);
-    if (DEBUG && debuglevel > 8)
-      debug("<<< engineSetSeed()");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineSetSeed");
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/prng/UMacRandomSpi.java b/libjava/classpath/gnu/javax/crypto/jce/prng/UMacRandomSpi.java
index 7dad68b2f95..f6949dd8d71 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/prng/UMacRandomSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/prng/UMacRandomSpi.java
@@ -38,65 +38,41 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.jce.prng;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
-import gnu.javax.crypto.cipher.IBlockCipher;
 import gnu.java.security.prng.LimitReachedException;
+import gnu.javax.crypto.cipher.IBlockCipher;
 import gnu.javax.crypto.prng.UMacGenerator;
 
-import java.io.PrintWriter;
 import java.security.SecureRandomSpi;
 import java.util.HashMap;
 import java.util.Random;
+import java.util.logging.Logger;
 
 /**
- * <p>An <em>Adapter</em> class around {@link UMacGenerator} to allow using this
- * algorithm as a JCE {@link java.security.SecureRandom}.</p>
+ * An <em>Adapter</em> class around {@link UMacGenerator} to allow using this
+ * algorithm as a JCE {@link java.security.SecureRandom}.
  */
-public class UMacRandomSpi extends SecureRandomSpi
+public class UMacRandomSpi
+    extends SecureRandomSpi
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  private static final String NAME = "UMacRandomSpi";
-
-  private static final boolean DEBUG = false;
-
-  private static final PrintWriter err = new PrintWriter(System.out, true);
-
-  private static void debug(String s)
-  {
-    err.println(">>> " + NAME + ": " + s);
-  }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  /** Class-wide prng to generate random material for the underlying prng.*/
+  private static final Logger log = Logger.getLogger(UMacRandomSpi.class.getName());
+  /** Class-wide prng to generate random material for the underlying prng. */
   private static final UMacGenerator prng; // blank final
   static
     {
       prng = new UMacGenerator();
       resetLocalPRNG();
     }
-
   // error messages
   private static final String MSG = "Exception while setting up a "
                                     + Registry.UMAC_PRNG + " SPI: ";
-
   private static final String RETRY = "Retry...";
-
   /** Our underlying prng instance. */
   private UMacGenerator adaptee = new UMacGenerator();
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // default 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   private static void resetLocalPRNG()
   {
     HashMap attributes = new HashMap();
@@ -106,22 +82,14 @@ public class UMacRandomSpi extends SecureRandomSpi
     rand.nextBytes(key);
     attributes.put(IBlockCipher.KEY_MATERIAL, key);
     int index = rand.nextInt() & 0xFF;
-    attributes.put(UMacGenerator.INDEX, new Integer(index));
-
+    attributes.put(UMacGenerator.INDEX, Integer.valueOf(index));
     prng.setup(attributes);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.security.SecureRandomSpi interface implementation ------------------
-
   public byte[] engineGenerateSeed(int numBytes)
   {
     if (numBytes < 1)
-      {
-        return new byte[0];
-      }
+      return new byte[0];
     byte[] result = new byte[numBytes];
     this.engineNextBytes(result);
     return result;
@@ -129,11 +97,8 @@ public class UMacRandomSpi extends SecureRandomSpi
 
   public void engineNextBytes(byte[] bytes)
   {
-    if (!adaptee.isInitialised())
-      {
-        this.engineSetSeed(new byte[0]);
-      }
-
+    if (! adaptee.isInitialised())
+      this.engineSetSeed(new byte[0]);
     while (true)
       {
         try
@@ -155,7 +120,6 @@ public class UMacRandomSpi extends SecureRandomSpi
     materialLength += 16; // key material size
     materialLength++; // index size
     byte[] material = new byte[materialLength];
-
     // use as much as possible bytes from the seed
     int materialOffset = 0;
     int materialLeft = material.length;
@@ -166,8 +130,8 @@ public class UMacRandomSpi extends SecureRandomSpi
         materialOffset += lenToCopy;
         materialLeft -= lenToCopy;
       }
-    if (materialOffset > 0)
-      { // generate the rest
+    if (materialOffset > 0) // generate the rest
+      {
         while (true)
           {
             try
@@ -175,24 +139,22 @@ public class UMacRandomSpi extends SecureRandomSpi
                 prng.nextBytes(material, materialOffset, materialLeft);
                 break;
               }
-            catch (IllegalStateException x)
-              { // should not happen
+            catch (IllegalStateException x) // should not happen
+              {
                 throw new InternalError(MSG + String.valueOf(x));
               }
             catch (LimitReachedException x)
               {
-                if (DEBUG)
+                if (Configuration.DEBUG)
                   {
-                    debug(MSG + String.valueOf(x));
-                    debug(RETRY);
+                    log.fine(MSG + String.valueOf(x));
+                    log.fine(RETRY);
                   }
               }
           }
       }
-
     // setup the underlying adaptee instance
     HashMap attributes = new HashMap();
-
     // use AES cipher with 128-bit block size
     attributes.put(UMacGenerator.CIPHER, Registry.AES_CIPHER);
     // specify the key
@@ -200,8 +162,7 @@ public class UMacRandomSpi extends SecureRandomSpi
     System.arraycopy(material, 0, key, 0, 16);
     attributes.put(IBlockCipher.KEY_MATERIAL, key);
     // use a 1-byte index
-    attributes.put(UMacGenerator.INDEX, new Integer(material[16] & 0xFF));
-
+    attributes.put(UMacGenerator.INDEX, Integer.valueOf(material[16] & 0xFF));
     adaptee.init(attributes);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/sig/DHKeyFactory.java b/libjava/classpath/gnu/javax/crypto/jce/sig/DHKeyFactory.java
index 701191adc34..98b265dd36c 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/sig/DHKeyFactory.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/sig/DHKeyFactory.java
@@ -79,7 +79,6 @@ public class DHKeyFactory
         BigInteger y = spec.getY();
         return new GnuDHPublicKey(Registry.X509_ENCODING_ID, null, p, g, y);
       }
-
     if (keySpec instanceof X509EncodedKeySpec)
       {
         X509EncodedKeySpec spec = (X509EncodedKeySpec) keySpec;
@@ -97,7 +96,6 @@ public class DHKeyFactory
             throw y;
           }
       }
-
     throw new InvalidKeySpecException("Unsupported (public) key specification");
   }
 
@@ -112,7 +110,6 @@ public class DHKeyFactory
         BigInteger x = spec.getX();
         return new GnuDHPrivateKey(Registry.PKCS8_ENCODING_ID, null, p, g, x);
       }
-
     if (keySpec instanceof PKCS8EncodedKeySpec)
       {
         PKCS8EncodedKeySpec spec = (PKCS8EncodedKeySpec) keySpec;
@@ -130,7 +127,6 @@ public class DHKeyFactory
             throw y;
           }
       }
-
     throw new InvalidKeySpecException("Unsupported (private) key specification");
   }
 
@@ -147,7 +143,6 @@ public class DHKeyFactory
             BigInteger y = dssKey.getY();
             return new DHPublicKeySpec(y, p, g);
           }
-
         if (keySpec.isAssignableFrom(X509EncodedKeySpec.class))
           {
             if (key instanceof GnuDHPublicKey)
@@ -156,19 +151,16 @@ public class DHKeyFactory
                 byte[] encoded = dhKey.getEncoded(Registry.X509_ENCODING_ID);
                 return new X509EncodedKeySpec(encoded);
               }
-
             if (Registry.X509_ENCODING_SORT_NAME.equalsIgnoreCase(key.getFormat()))
               {
                 byte[] encoded = key.getEncoded();
                 return new X509EncodedKeySpec(encoded);
               }
-
-            throw new InvalidKeySpecException("Wrong key type or unsupported (public) key specification");
+            throw new InvalidKeySpecException(
+                "Wrong key type or unsupported (public) key specification");
           }
-
         throw new InvalidKeySpecException("Unsupported (public) key specification");
       }
-
     if (key instanceof DHPrivateKey)
       {
         if (keySpec.isAssignableFrom(DHPrivateKeySpec.class))
@@ -179,7 +171,6 @@ public class DHKeyFactory
             BigInteger x = dhKey.getX();
             return new DHPrivateKeySpec(x, p, g);
           }
-
         if (keySpec.isAssignableFrom(PKCS8EncodedKeySpec.class))
           {
             if (key instanceof GnuDHPrivateKey)
@@ -188,27 +179,25 @@ public class DHKeyFactory
                 byte[] encoded = dhKey.getEncoded(Registry.PKCS8_ENCODING_ID);
                 return new PKCS8EncodedKeySpec(encoded);
               }
-
             if (Registry.PKCS8_ENCODING_SHORT_NAME.equalsIgnoreCase(key.getFormat()))
               {
                 byte[] encoded = key.getEncoded();
                 return new PKCS8EncodedKeySpec(encoded);
               }
-
-            throw new InvalidKeySpecException("Wrong key type or unsupported (private) key specification");
+            throw new InvalidKeySpecException(
+                "Wrong key type or unsupported (private) key specification");
           }
-
-        throw new InvalidKeySpecException("Unsupported (private) key specification");
+        throw new InvalidKeySpecException(
+            "Unsupported (private) key specification");
       }
-
-    throw new InvalidKeySpecException("Wrong key type or unsupported key specification");
+    throw new InvalidKeySpecException(
+        "Wrong key type or unsupported key specification");
   }
 
   protected Key engineTranslateKey(Key key) throws InvalidKeyException
   {
     if ((key instanceof GnuDHPublicKey) || (key instanceof GnuDHPrivateKey))
       return key;
-
     if (key instanceof DHPublicKey)
       {
         DHPublicKey dsaKey = (DHPublicKey) key;
@@ -217,7 +206,6 @@ public class DHKeyFactory
         BigInteger y = dsaKey.getY();
         return new GnuDHPublicKey(Registry.X509_ENCODING_ID, null, p, g, y);
       }
-
     if (key instanceof DHPrivateKey)
       {
         DHPrivateKey dsaKey = (DHPrivateKey) key;
@@ -226,7 +214,6 @@ public class DHKeyFactory
         BigInteger x = dsaKey.getX();
         return new GnuDHPrivateKey(Registry.PKCS8_ENCODING_ID, null, p, g, x);
       }
-
     throw new InvalidKeyException("Wrong key type");
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/sig/DHKeyPairGeneratorSpi.java b/libjava/classpath/gnu/javax/crypto/jce/sig/DHKeyPairGeneratorSpi.java
index 0d09d5cef2c..e26f0712479 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/sig/DHKeyPairGeneratorSpi.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/sig/DHKeyPairGeneratorSpi.java
@@ -61,12 +61,12 @@ public class DHKeyPairGeneratorSpi
   public void initialize(int keysize, SecureRandom random)
   {
     HashMap attributes = new HashMap();
-    attributes.put(GnuDHKeyPairGenerator.PRIME_SIZE, new Integer(keysize));
+    attributes.put(GnuDHKeyPairGenerator.PRIME_SIZE, Integer.valueOf(keysize));
     if (random != null)
       attributes.put(GnuDHKeyPairGenerator.SOURCE_OF_RANDOMNESS, random);
 
     attributes.put(GnuDHKeyPairGenerator.PREFERRED_ENCODING_FORMAT,
-                   new Integer(Registry.ASN1_ENCODING_ID));
+                   Integer.valueOf(Registry.ASN1_ENCODING_ID));
     adaptee.setup(attributes);
   }
 
@@ -87,7 +87,7 @@ public class DHKeyPairGeneratorSpi
       attributes.put(GnuDHKeyPairGenerator.SOURCE_OF_RANDOMNESS, random);
 
     attributes.put(GnuDHKeyPairGenerator.PREFERRED_ENCODING_FORMAT,
-                   new Integer(Registry.ASN1_ENCODING_ID));
+                   Integer.valueOf(Registry.ASN1_ENCODING_ID));
     adaptee.setup(attributes);
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/spec/BlockCipherParameterSpec.java b/libjava/classpath/gnu/javax/crypto/jce/spec/BlockCipherParameterSpec.java
index 63e7740ec02..321b4779597 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/spec/BlockCipherParameterSpec.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/spec/BlockCipherParameterSpec.java
@@ -43,40 +43,26 @@ import gnu.java.security.util.Util;
 import java.security.spec.AlgorithmParameterSpec;
 
 /**
- * Block cipher parameters in GNU Crypto are the cipher's name, its block
- * and key sizes, and an optional initialization vector.
+ * Block cipher parameters in GNU are the cipher's name, its block and key
+ * sizes, and an optional initialization vector.
  */
-public class BlockCipherParameterSpec implements AlgorithmParameterSpec
+public class BlockCipherParameterSpec
+    implements AlgorithmParameterSpec
 {
-
-  // Constants and variables.
-  // -----------------------------------------------------------------------
-
-  /**
-   * The initialization vector.
-   */
+  /** The initialization vector. */
   protected byte[] iv;
-
-  /**
-   * The cipher's block size, in bytes.
-   */
+  /** The cipher's block size, in bytes. */
   protected int blockSize;
-
-  /**
-   * The cipher's key size, in bytes.
-   */
+  /** The cipher's key size, in bytes. */
   protected int keySize;
 
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   /**
    * Create a new parameter specification.
-   *
-   * @param iv        The initialization vector, or <code>null</code> if
-   *                  there is no IV.
+   * 
+   * @param iv The initialization vector, or <code>null</code> if there is no
+   *          IV.
    * @param blockSize The cipher's block size, in bytes.
-   * @param keySize   The cipher's key size, in bytes.
+   * @param keySize The cipher's key size, in bytes.
    */
   public BlockCipherParameterSpec(byte[] iv, int blockSize, int keySize)
   {
@@ -87,22 +73,19 @@ public class BlockCipherParameterSpec implements AlgorithmParameterSpec
 
   /**
    * Create a new parameter specification with no IV.
-   *
+   * 
    * @param blockSize The cipher's block size, in bytes.
-   * @param keySize   The cipher's key size, in bytes.
+   * @param keySize The cipher's key size, in bytes.
    */
   public BlockCipherParameterSpec(int blockSize, int keySize)
   {
     this(null, blockSize, keySize);
   }
 
-  // Instance methods.
-  // -----------------------------------------------------------------------
-
   /**
-   * Get the initialization vector for the cipher, or <code>null</code>
-   * if there is no IV.
-   *
+   * Get the initialization vector for the cipher, or <code>null</code> if
+   * there is no IV.
+   * 
    * @return The IV.
    */
   public byte[] getIV()
@@ -112,7 +95,7 @@ public class BlockCipherParameterSpec implements AlgorithmParameterSpec
 
   /**
    * Get the block size of the cipher these parameters are for.
-   *
+   * 
    * @return The block size.
    */
   public int getBlockSize()
@@ -122,7 +105,7 @@ public class BlockCipherParameterSpec implements AlgorithmParameterSpec
 
   /**
    * Get the key size of the cipher these parameters are for.
-   *
+   * 
    * @return The block size.
    */
   public int getKeySize()
@@ -133,7 +116,7 @@ public class BlockCipherParameterSpec implements AlgorithmParameterSpec
   public String toString()
   {
     return getClass().getName() + " { "
-           + ((iv != null) ? ("IV=" + Util.toString(iv)) + ", " : "") + "BS="
-           + blockSize + ", KS=" + keySize + " }";
+           + ((iv != null) ? ("IV=" + Util.toString(iv)) + ", " : "")
+           + "BS=" + blockSize + ", KS=" + keySize + " }";
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/jce/spec/TMMHParameterSpec.java b/libjava/classpath/gnu/javax/crypto/jce/spec/TMMHParameterSpec.java
index 0ebec099107..35643728873 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/spec/TMMHParameterSpec.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/spec/TMMHParameterSpec.java
@@ -45,35 +45,27 @@ import java.security.spec.AlgorithmParameterSpec;
 /**
  * This class represents the algorithm parameters for the Truncated
  * Multi-Modular Hash function for use with JCE-derived instances of
- * {@link gnu.crypto.mac.TMMH16}.
- *
- * <p>This class is little more than a container for the key stream, tag
- * length, and prefix parameters for the TMMH algorithm.
+ * {@link gnu.javax.crypto.mac.TMMH16}.
+ * <p>
+ * This class is little more than a container for the key stream, tag length,
+ * and prefix parameters for the TMMH algorithm.
  */
-public class TMMHParameterSpec implements AlgorithmParameterSpec
+public class TMMHParameterSpec
+    implements AlgorithmParameterSpec
 {
-
-  // Constants and variables.
-  // -----------------------------------------------------------------------
-
   /** The keystream. */
   protected IRandom keystream;
-
   /** The tag length. */
   protected Integer tagLength;
-
   /** The prefix. */
   protected byte[] prefix;
 
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   /**
    * Create a new parameter specification.
-   *
+   * 
    * @param keystream The (PRNG) key stream.
    * @param tagLength The tag length.
-   * @param prefix    The prefix.
+   * @param prefix The prefix.
    */
   public TMMHParameterSpec(IRandom keystream, Integer tagLength, byte[] prefix)
   {
@@ -84,7 +76,7 @@ public class TMMHParameterSpec implements AlgorithmParameterSpec
 
   /**
    * Create a new parameter specification with no prefix.
-   *
+   * 
    * @param keystream The (PRNG) key stream.
    * @param tagLength The tag length.
    */
@@ -93,12 +85,9 @@ public class TMMHParameterSpec implements AlgorithmParameterSpec
     this(keystream, tagLength, null);
   }
 
-  // Instance methods.
-  // -----------------------------------------------------------------------
-
   /**
    * Return the key stream this specification was initialized with.
-   *
+   * 
    * @return The key stream.
    */
   public IRandom getKeystream()
@@ -108,7 +97,7 @@ public class TMMHParameterSpec implements AlgorithmParameterSpec
 
   /**
    * Return the tag length this specification was initialized with.
-   *
+   * 
    * @return The tag length.
    */
   public Integer getTagLength()
@@ -117,13 +106,12 @@ public class TMMHParameterSpec implements AlgorithmParameterSpec
   }
 
   /**
-   * Return the prefix, or <code>null</code> if no prefix was
-   * specified.
-   *
+   * Return the prefix, or <code>null</code> if no prefix was specified.
+   * 
    * @return The prefix.
    */
   public byte[] getPrefix()
   {
     return prefix;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/jce/spec/UMac32ParameterSpec.java b/libjava/classpath/gnu/javax/crypto/jce/spec/UMac32ParameterSpec.java
index 47d807d4970..0990cc6d477 100644
--- a/libjava/classpath/gnu/javax/crypto/jce/spec/UMac32ParameterSpec.java
+++ b/libjava/classpath/gnu/javax/crypto/jce/spec/UMac32ParameterSpec.java
@@ -41,25 +41,19 @@ package gnu.javax.crypto.jce.spec;
 import java.security.spec.AlgorithmParameterSpec;
 
 /**
- * This class represents the parameters for the UMAC-32 message
- * authentication code algorithm. In practice this means the
- * <i>Nonce</i> material used to initialize the algorithm.
+ * This class represents the parameters for the UMAC-32 message authentication
+ * code algorithm. In practice this means the <i>Nonce</i> material used to
+ * initialize the algorithm.
  */
-public class UMac32ParameterSpec implements AlgorithmParameterSpec
+public class UMac32ParameterSpec
+    implements AlgorithmParameterSpec
 {
-
-  // Constants and variables.
-  // -----------------------------------------------------------------------
-
   /** The <i>Nonce</i> material. */
   protected byte[] nonce;
 
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   /**
    * Create a new parameter instance.
-   *
+   * 
    * @param nonce The nonce material.
    */
   public UMac32ParameterSpec(byte[] nonce)
@@ -67,16 +61,13 @@ public class UMac32ParameterSpec implements AlgorithmParameterSpec
     this.nonce = nonce;
   }
 
-  // Instance methods.
-  // -----------------------------------------------------------------------
-
   /**
    * Return the nonce material.
-   *
+   * 
    * @return The nonce material.
    */
   public byte[] getNonce()
   {
     return nonce;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/key/BaseKeyAgreementParty.java b/libjava/classpath/gnu/javax/crypto/key/BaseKeyAgreementParty.java
index bfd9378d2fc..fc5ddb7145f 100644
--- a/libjava/classpath/gnu/javax/crypto/key/BaseKeyAgreementParty.java
+++ b/libjava/classpath/gnu/javax/crypto/key/BaseKeyAgreementParty.java
@@ -47,41 +47,28 @@ import java.security.SecureRandom;
 import java.util.Map;
 
 /**
- * <p>A base abstract class to facilitate implementations of concrete key
- * agreement protocol handlers.</p>
+ * A base abstract class to facilitate implementations of concrete key agreement
+ * protocol handlers.
  */
-public abstract class BaseKeyAgreementParty implements IKeyAgreementParty
+public abstract class BaseKeyAgreementParty
+    implements IKeyAgreementParty
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   protected static final BigInteger TWO = BigInteger.valueOf(2L);
-
   /** The canonical name of the protocol. */
   protected String name;
-
   /** Whether the instance is initialised or not. */
   protected boolean initialised = false;
-
   /** The current step index of the protocol exchange. */
   protected int step = -1;
-
   /** Whether the exchange has concluded or not. */
   protected boolean complete = false;
-
   /** The optional {@link SecureRandom} instance to use. */
   protected SecureRandom rnd = null;
-
   /** The optional {@link IRandom} instance to use. */
   protected IRandom irnd = null;
-
   /** Our default source of randomness. */
   private PRNG prng = null;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   protected BaseKeyAgreementParty(String name)
   {
     super();
@@ -89,12 +76,6 @@ public abstract class BaseKeyAgreementParty implements IKeyAgreementParty
     this.name = name;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public String name()
   {
     return name;
@@ -103,12 +84,8 @@ public abstract class BaseKeyAgreementParty implements IKeyAgreementParty
   public void init(Map attributes) throws KeyAgreementException
   {
     if (initialised)
-      {
-        throw new IllegalStateException("already initialised");
-      }
-
+      throw new IllegalStateException("already initialised");
     this.engineInit(attributes);
-
     initialised = true;
     this.step = -1;
     this.complete = false;
@@ -117,15 +94,10 @@ public abstract class BaseKeyAgreementParty implements IKeyAgreementParty
   public OutgoingMessage processMessage(IncomingMessage in)
       throws KeyAgreementException
   {
-    if (!initialised)
-      {
-        throw new IllegalStateException("not initialised");
-      }
+    if (! initialised)
+      throw new IllegalStateException("not initialised");
     if (complete)
-      {
-        throw new IllegalStateException("exchange has already concluded");
-      }
-
+      throw new IllegalStateException("exchange has already concluded");
     step++;
     return this.engineProcessMessage(in);
   }
@@ -137,14 +109,10 @@ public abstract class BaseKeyAgreementParty implements IKeyAgreementParty
 
   public byte[] getSharedSecret() throws KeyAgreementException
   {
-    if (!initialised)
-      {
-        throw new KeyAgreementException("not yet initialised");
-      }
-    if (!isComplete())
-      {
-        throw new KeyAgreementException("not yet computed");
-      }
+    if (! initialised)
+      throw new KeyAgreementException("not yet initialised");
+    if (! isComplete())
+      throw new KeyAgreementException("not yet computed");
     return engineSharedSecret();
   }
 
@@ -157,8 +125,6 @@ public abstract class BaseKeyAgreementParty implements IKeyAgreementParty
       }
   }
 
-  // abstract methods to be implemented by concrete subclasses ---------------
-
   protected abstract void engineInit(Map attributes)
       throws KeyAgreementException;
 
@@ -169,31 +135,25 @@ public abstract class BaseKeyAgreementParty implements IKeyAgreementParty
 
   protected abstract void engineReset();
 
-  // helper methods ----------------------------------------------------------
-
   /**
    * Fills the designated byte array with random data.
-   *
+   * 
    * @param buffer the byte array to fill with random data.
    */
   protected void nextRandomBytes(byte[] buffer)
   {
     if (rnd != null)
-      {
-        rnd.nextBytes(buffer);
-      }
+      rnd.nextBytes(buffer);
     else if (irnd != null)
-      {
-        try
-          {
-            irnd.nextBytes(buffer, 0, buffer.length);
-          }
-        catch (LimitReachedException lre)
-          {
-            irnd = null;
-            getDefaultPRNG().nextBytes(buffer);
-          }
-      }
+      try
+        {
+          irnd.nextBytes(buffer, 0, buffer.length);
+        }
+      catch (LimitReachedException lre)
+        {
+          irnd = null;
+          getDefaultPRNG().nextBytes(buffer);
+        }
     else
       getDefaultPRNG().nextBytes(buffer);
   }
@@ -205,4 +165,4 @@ public abstract class BaseKeyAgreementParty implements IKeyAgreementParty
 
     return prng;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/key/GnuSecretKey.java b/libjava/classpath/gnu/javax/crypto/key/GnuSecretKey.java
index 93b21a67cc3..3063fe406d1 100644
--- a/libjava/classpath/gnu/javax/crypto/key/GnuSecretKey.java
+++ b/libjava/classpath/gnu/javax/crypto/key/GnuSecretKey.java
@@ -42,27 +42,20 @@ import gnu.java.security.util.Util;
 import java.security.Key;
 
 /**
- * A secret key composed of a sequence of raw, unformatted octets. This class
- * is analogous to the {@link javax.crypto.spec.SecretKeySpec} class, but is
+ * A secret key composed of a sequence of raw, unformatted octets. This class is
+ * analogous to the {@link javax.crypto.spec.SecretKeySpec} class, but is
  * provided for platforms that do not or cannot contain that class.
  */
-public class GnuSecretKey implements Key
+public class GnuSecretKey
+    implements Key
 {
-
-  // Field.
-  // ------------------------------------------------------------------------
-
   private final byte[] key;
-
   private final String algorithm;
 
-  // Constructors.
-  // ------------------------------------------------------------------------
-
   /**
    * Creates a new secret key. The supplied byte array is copied by this
    * constructor.
-   *
+   * 
    * @param key The raw, secret key.
    * @param algorithm The algorithm name, which can be null or empty.
    */
@@ -73,7 +66,7 @@ public class GnuSecretKey implements Key
 
   /**
    * Creates a new secret key from a portion of a byte array.
-   *
+   * 
    * @param key The raw, secret key.
    * @param offset The offset at which the key begins.
    * @param length The number of bytes that comprise the key.
@@ -86,12 +79,9 @@ public class GnuSecretKey implements Key
     this.algorithm = algorithm;
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   /**
    * Returns the algorithm name, if any.
-   *
+   * 
    * @return The algorithm name.
    */
   public String getAlgorithm()
@@ -103,7 +93,7 @@ public class GnuSecretKey implements Key
    * Returns the encoded key, which is merely the byte array this class was
    * created with. A reference to the internal byte array is returned, so the
    * caller can delete this key from memory by modifying the returned array.
-   *
+   * 
    * @return The raw key.
    */
   public byte[] getEncoded()
@@ -113,7 +103,7 @@ public class GnuSecretKey implements Key
 
   /**
    * Returns the string "RAW".
-   *
+   * 
    * @return The string "RAW".
    */
   public String getFormat()
@@ -123,22 +113,14 @@ public class GnuSecretKey implements Key
 
   public boolean equals(Object o)
   {
-    if (!(o instanceof GnuSecretKey))
-      {
-        return false;
-      }
+    if (! (o instanceof GnuSecretKey))
+      return false;
     if (key.length != ((GnuSecretKey) o).key.length)
-      {
-        return false;
-      }
+      return false;
     byte[] key2 = ((GnuSecretKey) o).key;
     for (int i = 0; i < key.length; i++)
-      {
-        if (key[i] != key2[i])
-          {
-            return false;
-          }
-      }
+      if (key[i] != key2[i])
+        return false;
     return true;
   }
 
@@ -146,4 +128,4 @@ public class GnuSecretKey implements Key
   {
     return "GnuSecretKey [ " + algorithm + " " + Util.toString(key) + " ]";
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/key/IKeyAgreementParty.java b/libjava/classpath/gnu/javax/crypto/key/IKeyAgreementParty.java
index 05aef5e51d7..280f3f33d97 100644
--- a/libjava/classpath/gnu/javax/crypto/key/IKeyAgreementParty.java
+++ b/libjava/classpath/gnu/javax/crypto/key/IKeyAgreementParty.java
@@ -41,65 +41,60 @@ package gnu.javax.crypto.key;
 import java.util.Map;
 
 /**
- * <p>The visible methods of an key agreement protocol participating party.</p>
+ * The visible methods of an key agreement protocol participating party.
  */
 public interface IKeyAgreementParty
 {
-
-  // Constants
-  // -------------------------------------------------------------------------
-
-  // Methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns the canonical name of the key agreement protocol.</p>
-   *
+   * Returns the canonical name of the key agreement protocol.
+   * 
    * @return the canonical name of the key agreement protocol.
    */
   String name();
 
   /**
-   * <p>Sets up the instance to operate with specific attributes.</p>
-   *
+   * Sets up the instance to operate with specific attributes.
+   * 
    * @param attributes a map of name-values used by concrete implementations.
    * @throws KeyAgreementException if an exception occurs during the setup.
    */
   void init(Map attributes) throws KeyAgreementException;
 
   /**
-   * <p>Processes an incoming message at one end, generating a message that
-   * will be processed by the other party(ies).</p>
-   *
+   * Processes an incoming message at one end, generating a message that will be
+   * processed by the other party(ies).
+   * 
    * @param in the incoming message.
    * @return an outgoing message, or <code>null</code> if this is an
-   * intermediary step that does not cause any output.
+   *         intermediary step that does not cause any output.
    * @throws KeyAgreementException if an exception occurs during the processing
-   * of the incoming message, or during the generation of the outgoing message.
+   *           of the incoming message, or during the generation of the outgoing
+   *           message.
    */
   OutgoingMessage processMessage(IncomingMessage in)
       throws KeyAgreementException;
 
   /**
-   * <p>Returns <code>true</code> if the party in the key agreement protocol
+   * Returns <code>true</code> if the party in the key agreement protocol
    * exchange has completed its part of the exchange. If this is the case an
    * {@link IllegalStateException} is thrown for any method invocation except
    * <code>init()</code> or <code>reset()</code>.
+   * 
    * @return <code>true</code> if this party has completed its part of the key
-   * agreement protocol exchange; <code>false</code> otherwise.
+   *         agreement protocol exchange; <code>false</code> otherwise.
    */
   boolean isComplete();
 
   /**
-   * <p>Returns the byte array containing the shared secret as generated by
-   * this party.</p>
-   *
+   * Returns the byte array containing the shared secret as generated by this
+   * party.
+   * 
    * @return the generated shared secret.
    * @throws KeyAgreementException if the key agreement is not yet initialised,
-   * or is initialised but the exchange is still in progress.
+   *           or is initialised but the exchange is still in progress.
    */
   byte[] getSharedSecret() throws KeyAgreementException;
 
   /** Resets this instance for re-use with another set of attributes. */
   void reset();
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/key/IncomingMessage.java b/libjava/classpath/gnu/javax/crypto/key/IncomingMessage.java
index e04c85399fc..9701d80a79d 100644
--- a/libjava/classpath/gnu/javax/crypto/key/IncomingMessage.java
+++ b/libjava/classpath/gnu/javax/crypto/key/IncomingMessage.java
@@ -58,30 +58,22 @@ import java.security.PrivateKey;
 import java.security.PublicKey;
 
 /**
- * <p>An implementation of an incoming message for use with key agreement
- * protocols.</p>
+ * An implementation of an incoming message for use with key agreement
+ * protocols.
  */
 public class IncomingMessage
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The internal buffer stream containing the message's contents. */
   protected ByteArrayInputStream in;
-
   /** The length of the message contents, according to its 4-byte header. */
   protected int length;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Constructs an incoming message given the message's encoded form,
-   * including its header bytes.</p>
-   *
+   * Constructs an incoming message given the message's encoded form, including
+   * its header bytes.
+   * 
    * @param b the encoded form, including the header bytes, of an incoming
-   * message.
+   *          message.
    * @throws KeyAgreementException if the buffer is malformed.
    */
   public IncomingMessage(byte[] b) throws KeyAgreementException
@@ -89,15 +81,13 @@ public class IncomingMessage
     this();
 
     if (b.length < 4)
-      {
-        throw new KeyAgreementException("message header too short");
-      }
-    length = b[0] << 24 | (b[1] & 0xFF) << 16 | (b[2] & 0xFF) << 8
-             | (b[3] & 0xFF);
+      throw new KeyAgreementException("message header too short");
+    length =  b[0]         << 24
+           | (b[1] & 0xFF) << 16
+           | (b[2] & 0xFF) << 8
+           | (b[3] & 0xFF);
     if (length > Registry.SASL_BUFFER_MAX_LIMIT || length < 0)
-      {
-        throw new KeyAgreementException("message size limit exceeded");
-      }
+      throw new KeyAgreementException("message size limit exceeded");
     in = new ByteArrayInputStream(b, 4, length);
   }
 
@@ -107,16 +97,13 @@ public class IncomingMessage
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns an instance of a message given its encoded contents, excluding
-   * the message's header bytes.</p>
-   *
-   * <p>Calls the method with the same name and three arguments as:
+   * Returns an instance of a message given its encoded contents, excluding the
+   * message's header bytes.
+   * <p>
+   * Calls the method with the same name and three arguments as:
    * <code>getInstance(raw, 0, raw.length)</code>.
-   *
+   * 
    * @param raw the encoded form, excluding the header bytes.
    * @return a new instance of <code>IncomingMessage</code>.
    */
@@ -126,9 +113,9 @@ public class IncomingMessage
   }
 
   /**
-   * <p>Returns an instance of a message given its encoded contents, excluding
-   * the message's header bytes.</p>
-   *
+   * Returns an instance of a message given its encoded contents, excluding the
+   * message's header bytes.
+   * 
    * @param raw the encoded form, excluding the header bytes.
    * @param offset offset where to start using raw bytes from.
    * @param len number of bytes to use.
@@ -142,8 +129,8 @@ public class IncomingMessage
   }
 
   /**
-   * <p>Converts two octets into the number that they represent.</p>
-   *
+   * Converts two octets into the number that they represent.
+   * 
    * @param b the two octets.
    * @return the length.
    */
@@ -151,32 +138,27 @@ public class IncomingMessage
   {
     int result = (b[0] & 0xFF) << 8 | (b[1] & 0xFF);
     if (result > Registry.SASL_TWO_BYTE_MAX_LIMIT)
-      {
-        throw new KeyAgreementException("encoded MPI size limit exceeded");
-      }
+      throw new KeyAgreementException("encoded MPI size limit exceeded");
     return result;
   }
 
   /**
-   * <p>Converts four octets into the number that they represent.</p>
-   *
+   * Converts four octets into the number that they represent.
+   * 
    * @param b the four octets.
    * @return the length.
    */
   public static int fourBytesToLength(byte[] b) throws KeyAgreementException
   {
-    int result = b[0] << 24 | (b[1] & 0xFF) << 16 | (b[2] & 0xFF) << 8
-                 | (b[3] & 0xFF);
+    int result =  b[0]         << 24
+               | (b[1] & 0xFF) << 16
+               | (b[2] & 0xFF) << 8
+               | (b[3] & 0xFF);
     if (result > Registry.SASL_FOUR_BYTE_MAX_LIMIT || result < 0)
-      {
-        throw new KeyAgreementException("encoded entity size limit exceeded");
-      }
+      throw new KeyAgreementException("encoded entity size limit exceeded");
     return result;
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public boolean hasMoreElements()
   {
     return (in.available() > 0);
@@ -195,18 +177,15 @@ public class IncomingMessage
   {
     if (in.available() < 5)
       throw new KeyAgreementException("not enough bytes for a public key in message");
-
     byte[] elementLengthBytes = new byte[4];
     in.read(elementLengthBytes, 0, 4);
     int elementLength = fourBytesToLength(elementLengthBytes);
     if (in.available() < elementLength)
       throw new KeyAgreementException("illegal public key encoding");
-
     int keyTypeAndFormatID = in.read() & 0xFF;
     elementLength--;
     byte[] kb = new byte[elementLength];
     in.read(kb, 0, elementLength);
-
     // instantiate the right codec and decode
     IKeyPairCodec kpc = getKeyPairCodec(keyTypeAndFormatID);
     return kpc.decodePublicKey(kb);
@@ -225,66 +204,50 @@ public class IncomingMessage
   {
     if (in.available() < 5)
       throw new KeyAgreementException("not enough bytes for a private key in message");
-
     byte[] elementLengthBytes = new byte[4];
     in.read(elementLengthBytes, 0, 4);
     int elementLength = fourBytesToLength(elementLengthBytes);
     if (in.available() < elementLength)
       throw new KeyAgreementException("illegal private key encoding");
-
     int keyTypeAndFormatID = in.read() & 0xFF;
     elementLength--;
     byte[] kb = new byte[elementLength];
     in.read(kb, 0, elementLength);
-
     // instantiate the right codec and decode
     IKeyPairCodec kpc = getKeyPairCodec(keyTypeAndFormatID);
     return kpc.decodePrivateKey(kb);
   }
 
   /**
-   * <p>Decodes an MPI from the current message's contents.</p>
-   *
+   * Decodes an MPI from the current message's contents.
+   * 
    * @return a native representation of an MPI.
    * @throws KeyAgreementException if an encoding exception occurs during the
-   * operation.
+   *           operation.
    */
   public BigInteger readMPI() throws KeyAgreementException
   {
     if (in.available() < 2)
-      {
-        throw new KeyAgreementException(
-                                        "not enough bytes for an MPI in message");
-      }
+      throw new KeyAgreementException("not enough bytes for an MPI in message");
     byte[] elementLengthBytes = new byte[2];
     in.read(elementLengthBytes, 0, 2);
     int elementLength = twoBytesToLength(elementLengthBytes);
     if (in.available() < elementLength)
-      {
-        throw new KeyAgreementException("illegal MPI encoding");
-      }
-
+      throw new KeyAgreementException("illegal MPI encoding");
     byte[] element = new byte[elementLength];
     in.read(element, 0, element.length);
-
     return new BigInteger(1, element);
   }
 
   public String readString() throws KeyAgreementException
   {
     if (in.available() < 2)
-      {
-        throw new KeyAgreementException(
-                                        "not enough bytes for a text in message");
-      }
+      throw new KeyAgreementException("not enough bytes for a text in message");
     byte[] elementLengthBytes = new byte[2];
     in.read(elementLengthBytes, 0, 2);
     int elementLength = twoBytesToLength(elementLengthBytes);
     if (in.available() < elementLength)
-      {
-        throw new KeyAgreementException("illegal text encoding");
-      }
-
+      throw new KeyAgreementException("illegal text encoding");
     byte[] element = new byte[elementLength];
     in.read(element, 0, element.length);
     String result = null;
@@ -296,7 +259,6 @@ public class IncomingMessage
       {
         throw new KeyAgreementException("unxupported UTF8 encoding", x);
       }
-
     return result;
   }
 
@@ -353,4 +315,4 @@ public class IncomingMessage
                                         + formatID);
       }
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/key/KeyAgreementException.java b/libjava/classpath/gnu/javax/crypto/key/KeyAgreementException.java
index c2fa434a224..f0fb1bb83f9 100644
--- a/libjava/classpath/gnu/javax/crypto/key/KeyAgreementException.java
+++ b/libjava/classpath/gnu/javax/crypto/key/KeyAgreementException.java
@@ -44,26 +44,19 @@ import java.io.Serializable;
 import java.security.KeyManagementException;
 
 /**
- * A generic exception indicating that an unexpected condition has
- * been detected during the setup and/or processing of a key agreement
- * protocol exchange.
+ * A generic exception indicating that an unexpected condition has been detected
+ * during the setup and/or processing of a key agreement protocol exchange.
  */
-public class KeyAgreementException extends KeyManagementException implements
-    Serializable
+public class KeyAgreementException
+    extends KeyManagementException
+    implements Serializable
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** @serial The possibly <code>null</code> <i>root</i> cause exception. */
   private Throwable cause = null;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Constructs a new instance of <code>KeyAgreementException</code>. The
-   * root exception and the detailed message are <code>null</code>.</p>
+   * Constructs a new instance of <code>KeyAgreementException</code>. The
+   * root exception and the detailed message are <code>null</code>.
    */
   public KeyAgreementException()
   {
@@ -71,11 +64,11 @@ public class KeyAgreementException extends KeyManagementException implements
   }
 
   /**
-   * <p>Constructs a new instance of <code>KeyAgreementException</code> with a
-   * detailed message. The <i>root</i> exception is <code>null</code>.</p>
-   *
+   * Constructs a new instance of <code>KeyAgreementException</code> with a
+   * detailed message. The <i>root</i> exception is <code>null</code>.
+   * 
    * @param detail a possibly <code>null</code> string containing details of
-   * the exception.
+   *          the exception.
    * @see Throwable#getMessage()
    */
   public KeyAgreementException(String detail)
@@ -84,13 +77,13 @@ public class KeyAgreementException extends KeyManagementException implements
   }
 
   /**
-   * <p>Constructs a new instance of <code>KeyAgreementException</code> with a
-   * detailed message and a <i>root</i> exception.</p>
-   *
+   * Constructs a new instance of <code>KeyAgreementException</code> with a
+   * detailed message and a <i>root</i> exception.
+   * 
    * @param detail a possibly <code>null</code> string containing details of
-   * the exception.
+   *          the exception.
    * @param cause a possibly <code>null</code> root exception that caused this
-   * exception.
+   *          exception.
    * @see Throwable#getMessage()
    * @see #getCause()
    */
@@ -100,17 +93,11 @@ public class KeyAgreementException extends KeyManagementException implements
     this.cause = cause;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns the cause of this throwable or <code>null</code> if the cause
-   * is nonexistent or unknown. The <i>cause</i> is the throwable that caused
-   * this exception to be thrown.</p>
-   *
+   * Returns the cause of this throwable or <code>null</code> if the cause is
+   * nonexistent or unknown. The <i>cause</i> is the throwable that caused this
+   * exception to be thrown.
+   * 
    * @return the possibly <code>null</code> exception that caused this one.
    */
   public Throwable getCause()
@@ -119,69 +106,61 @@ public class KeyAgreementException extends KeyManagementException implements
   }
 
   /**
-   * <p>Prints this exception's stack trace to <code>System.err</code>. If this
+   * Prints this exception's stack trace to <code>System.err</code>. If this
    * exception has a <i>root</i> exception; the stack trace of the <i>root</i>
-   * exception is also printed to <code>System.err</code>.</p>
+   * exception is also printed to <code>System.err</code>.
    */
   public void printStackTrace()
   {
     super.printStackTrace();
     if (cause != null)
-      {
-        cause.printStackTrace();
-      }
+      cause.printStackTrace();
   }
 
   /**
-   * <p>Prints this exception's stack trace to a print stream. If this
-   * exception has a <i>root</i> exception; the stack trace of the <i>root</i>
-   * exception is also printed to the print stream.</p>
-   *
+   * Prints this exception's stack trace to a print stream. If this exception
+   * has a <i>root</i> exception; the stack trace of the <i>root</i> exception
+   * is also printed to the print stream.
+   * 
    * @param ps the non-null print stream to which to print.
    */
   public void printStackTrace(PrintStream ps)
   {
     super.printStackTrace(ps);
     if (cause != null)
-      {
-        cause.printStackTrace(ps);
-      }
+      cause.printStackTrace(ps);
   }
 
   /**
-   * <p>Prints this exception's stack trace to a print writer. If this
-   * exception has a <i>root</i> exception; the stack trace of the <i>root</i>
-   * exception is also printed to the print writer.</p>
-   *
+   * Prints this exception's stack trace to a print writer. If this exception
+   * has a <i>root</i> exception; the stack trace of the <i>root</i> exception
+   * is also printed to the print writer.
+   * 
    * @param pw the non-null print writer to use for output.
    */
   public void printStackTrace(PrintWriter pw)
   {
     super.printStackTrace(pw);
     if (cause != null)
-      {
-        cause.printStackTrace(pw);
-      }
+      cause.printStackTrace(pw);
   }
 
   /**
-   * <p>Returns the string representation of this exception. The string
-   * representation contains this exception's class name, its detailed
-   * messsage, and if it has a <i>root</i> exception, the string representation
-   * of the root exception. This string representation is meant for debugging
-   * and is not meant to be interpreted programmatically.</p>
-   *
+   * Returns the string representation of this exception. The string
+   * representation contains this exception's class name, its detailed messsage,
+   * and if it has a <i>root</i> exception, the string representation of the
+   * root exception. This string representation is meant for debugging and is
+   * not meant to be interpreted programmatically.
+   * 
    * @return the non-null string representation of this exception.
    * @see Throwable#getMessage()
    */
   public String toString()
   {
-    StringBuffer sb = new StringBuffer(this.getClass().getName()).append(": ").append(
-                                                                                      super.toString());
+    StringBuffer sb = new StringBuffer(this.getClass().getName()).append(": ")
+        .append(super.toString());
     if (cause != null)
-      {
-        sb.append("; caused by: ").append(cause.toString());
-      }
+      sb.append("; caused by: ").append(cause.toString());
     return sb.toString();
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/key/KeyAgreementFactory.java b/libjava/classpath/gnu/javax/crypto/key/KeyAgreementFactory.java
index e2a7faba18a..ae9bf36ff3a 100644
--- a/libjava/classpath/gnu/javax/crypto/key/KeyAgreementFactory.java
+++ b/libjava/classpath/gnu/javax/crypto/key/KeyAgreementFactory.java
@@ -56,115 +56,77 @@ import java.util.HashSet;
 import java.util.Set;
 
 /**
- * <p>A <i>Factory</i> class to generate key agreement protocol handlers.</p>
+ * A <i>Factory</i> class to generate key agreement protocol handlers.
  */
 public class KeyAgreementFactory
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial constructor to enforce <i>Singleton</i> pattern. */
   private KeyAgreementFactory()
   {
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns an instance of a key agreeent protocol handler, for party
+   * Returns an instance of a key agreeent protocol handler, for party
    * <code>A</code> in a two-party <code>A..B</code> exchange, given the
    * canonical name of this protocol. Party <code>A</code> is usually the
-   * initiator of the exchange.</p>
-   *
+   * initiator of the exchange.
+   * 
    * @param name the case-insensitive key agreement protocol name.
    * @return an instance of the key agreement protocol handler for party
-   * <code>A</code>, or <code>null</code> if none found.
+   *         <code>A</code>, or <code>null</code> if none found.
    */
   public static IKeyAgreementParty getPartyAInstance(String name)
   {
     if (name == null)
-      {
-        return null;
-      }
-
+      return null;
     name = name.trim();
     IKeyAgreementParty result = null;
     if (name.equalsIgnoreCase(Registry.DH_KA))
-      {
-        result = new DiffieHellmanSender();
-      }
+      result = new DiffieHellmanSender();
     else if (name.equalsIgnoreCase(Registry.ELGAMAL_KA))
-      {
-        result = new ElGamalSender();
-      }
+      result = new ElGamalSender();
     else if (name.equalsIgnoreCase(Registry.SRP6_KA))
-      {
-        result = new SRP6User();
-      }
+      result = new SRP6User();
     else if (name.equalsIgnoreCase(Registry.SRP_SASL_KA))
-      {
-        result = new SRP6SaslClient();
-      }
+      result = new SRP6SaslClient();
     else if (name.equalsIgnoreCase(Registry.SRP_TLS_KA))
-      {
-        result = new SRP6TLSClient();
-      }
-
+      result = new SRP6TLSClient();
     return result;
   }
 
   /**
-   * <p>Returns an instance of a key agreeent protocol handler, for party
+   * Returns an instance of a key agreeent protocol handler, for party
    * <code>B</code> in a two-party <code>A..B</code> exchange, given the
-   * canonical name of this protocol.</p>
-   *
+   * canonical name of this protocol.
+   * 
    * @param name the case-insensitive key agreement protocol name.
    * @return an instance of the key agreement protocol handler for party
-   * <code>B</code>, or <code>null</code> if none found.
+   *         <code>B</code>, or <code>null</code> if none found.
    */
   public static IKeyAgreementParty getPartyBInstance(String name)
   {
     if (name == null)
-      {
-        return null;
-      }
-
+      return null;
     name = name.trim();
     IKeyAgreementParty result = null;
     if (name.equalsIgnoreCase(Registry.DH_KA))
-      {
-        result = new DiffieHellmanReceiver();
-      }
+      result = new DiffieHellmanReceiver();
     else if (name.equalsIgnoreCase(Registry.ELGAMAL_KA))
-      {
-        result = new ElGamalReceiver();
-      }
+      result = new ElGamalReceiver();
     else if (name.equalsIgnoreCase(Registry.SRP6_KA))
-      {
-        result = new SRP6Host();
-      }
+      result = new SRP6Host();
     else if (name.equalsIgnoreCase(Registry.SRP_SASL_KA))
-      {
-        result = new SRP6SaslServer();
-      }
+      result = new SRP6SaslServer();
     else if (name.equalsIgnoreCase(Registry.SRP_TLS_KA))
-      {
-        result = new SRP6TLSServer();
-      }
-
+      result = new SRP6TLSServer();
     return result;
   }
 
   /**
-   * <p>Returns a {@link Set} of key agreement protocol names supported by this
-   * <i>Factory</i>.</p>
-   *
+   * Returns a {@link Set} of key agreement protocol names supported by this
+   * <i>Factory</i>.
+   * 
    * @return a {@link Set} of key agreement protocol names (Strings).
    */
   public static final Set getNames()
@@ -178,4 +140,4 @@ public class KeyAgreementFactory
 
     return Collections.unmodifiableSet(hs);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/key/OutgoingMessage.java b/libjava/classpath/gnu/javax/crypto/key/OutgoingMessage.java
index 588012120ce..563b3ef5ae6 100644
--- a/libjava/classpath/gnu/javax/crypto/key/OutgoingMessage.java
+++ b/libjava/classpath/gnu/javax/crypto/key/OutgoingMessage.java
@@ -53,21 +53,13 @@ import java.security.PublicKey;
 import java.math.BigInteger;
 
 /**
- * <p>An implementation of outgoing messages for use with key agreement
- * protocols.</p>
+ * An implementation of outgoing messages for use with key agreement protocols.
  */
 public class OutgoingMessage
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The internal output stream. */
   private ByteArrayOutputStream out;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public OutgoingMessage()
   {
     super();
@@ -75,16 +67,10 @@ public class OutgoingMessage
     out = new ByteArrayOutputStream();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns the encoded form of the current message including the 4-byte
-   * length header.</p>
-   *
+   * Returns the encoded form of the current message including the 4-byte length
+   * header.
+   * 
    * @throws KeyAgreementException if an encoding size constraint is violated.
    */
   public byte[] toByteArray() throws KeyAgreementException
@@ -92,28 +78,25 @@ public class OutgoingMessage
     byte[] buffer = wrap();
     int length = buffer.length;
     byte[] result = new byte[length + 4];
-    result[0] = (byte) (length >>> 24);
-    result[1] = (byte) (length >>> 16);
-    result[2] = (byte) (length >>> 8);
+    result[0] = (byte)(length >>> 24);
+    result[1] = (byte)(length >>> 16);
+    result[2] = (byte)(length >>> 8);
     result[3] = (byte) length;
     System.arraycopy(buffer, 0, result, 4, length);
-
     return result;
   }
 
   /**
-   * <p>Returns the encoded form of the current message excluding the 4-byte
-   * length header.</p>
-   *
+   * Returns the encoded form of the current message excluding the 4-byte length
+   * header.
+   * 
    * @throws KeyAgreementException if an encoding size constraint is violated.
    */
   public byte[] wrap() throws KeyAgreementException
   {
     int length = out.size();
     if (length > Registry.SASL_BUFFER_MAX_LIMIT || length < 0)
-      {
-        throw new KeyAgreementException("message content is too long");
-      }
+      throw new KeyAgreementException("message content is too long");
     return out.toByteArray();
   }
 
@@ -128,9 +111,8 @@ public class OutgoingMessage
    * representing the total length, excluding these 4 bytes, of the bytes
    * representing the encoded key and the one-byte representing the key-type and
    * format; i.e.
-   * 
    * <pre>
-   *    key --&gt; 4-byte-length || 1-byte-type-and-format || encoded-key-bytes
+   * key --&gt; 4-byte-length || 1-byte-type-and-format || encoded-key-bytes
    * </pre>
    * 
    * @param k the public key to encode.
@@ -152,9 +134,8 @@ public class OutgoingMessage
    * representing the total length, excluding these 4 bytes, of the bytes
    * representing the encoded key and the one-byte representing the key-type and
    * format; i.e.
-   * 
    * <pre>
-   *    key --&gt; 4-byte-length || 1-byte-type-and-format || encoded-key-bytes
+   * key --&gt; 4-byte-length || 1-byte-type-and-format || encoded-key-bytes
    * </pre>
    * 
    * @param k the private key to encode.
@@ -166,8 +147,8 @@ public class OutgoingMessage
   }
 
   /**
-   * <p>Encodes an MPI into the message.</p>
-   *
+   * Encodes an MPI into the message.
+   * 
    * @param val the MPI to encode.
    * @throws KeyAgreementException if an encoding size constraint is violated.
    */
@@ -176,20 +157,18 @@ public class OutgoingMessage
     byte[] b = val.toByteArray();
     int length = b.length;
     if (length > Registry.SASL_TWO_BYTE_MAX_LIMIT)
-      {
-        throw new KeyAgreementException("MPI is too long");
-      }
-    byte[] lengthBytes = { (byte) (length >>> 8), (byte) length };
+      throw new KeyAgreementException("MPI is too long");
+    byte[] lengthBytes = { (byte)(length >>> 8), (byte) length };
     out.write(lengthBytes, 0, 2);
     out.write(b, 0, b.length);
   }
 
   /**
-   * <p>Encodes a string into the message.</p>
-   *
+   * Encodes a string into the message.
+   * 
    * @param s the string to encode.
-   * @throws KeyAgreementException if the UTF8 encoding is not supported on
-   * this platform, or if an encoding size constraint is violated.
+   * @throws KeyAgreementException if the UTF8 encoding is not supported on this
+   *           platform, or if an encoding size constraint is violated.
    */
   public void writeString(String s) throws KeyAgreementException
   {
@@ -204,10 +183,8 @@ public class OutgoingMessage
       }
     int length = b.length;
     if (length > Registry.SASL_TWO_BYTE_MAX_LIMIT)
-      {
-        throw new KeyAgreementException("text too long");
-      }
-    byte[] lengthBytes = { (byte) (length >>> 8), (byte) length };
+      throw new KeyAgreementException("text too long");
+    byte[] lengthBytes = { (byte)(length >>> 8), (byte) length };
     out.write(lengthBytes, 0, 2);
     out.write(b, 0, b.length);
   }
@@ -224,9 +201,11 @@ public class OutgoingMessage
     int length = b.length + 1;
     if (length > Registry.SASL_FOUR_BYTE_MAX_LIMIT)
       throw new KeyAgreementException("Encoded key is too long");
-
-    byte[] lengthBytes = { (byte) (length >>> 24), (byte) (length >>> 16),
-                          (byte) (length >>> 8), (byte) length };
+    byte[] lengthBytes = {
+        (byte)(length >>> 24),
+        (byte)(length >>> 16),
+        (byte)(length >>> 8),
+        (byte) length };
     out.write(lengthBytes, 0, 4);
     out.write(((keyType & 0x0F) << 4) | (formatID & 0x0F));
     out.write(b, 0, b.length);
@@ -252,4 +231,4 @@ public class OutgoingMessage
     throw new KeyAgreementException("Unknown or unsupported key type: "
                                     + k.getClass().getName());
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairPKCS8Codec.java b/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairPKCS8Codec.java
index 34fb007066b..98ea4765375 100644
--- a/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairPKCS8Codec.java
+++ b/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairPKCS8Codec.java
@@ -98,6 +98,13 @@ public class DHKeyPairPKCS8Codec
    *     q  INTEGER  -- factor of p-1
    *   }
    * </pre>
+   * <p>
+   * <b>IMPORTANT</b>: with RI's {@link javax.crypto.spec.DHGenParameterSpec}
+   * and {@link javax.crypto.spec.DHParameterSpec} classes, we may end up with
+   * Diffie-Hellman keys that have a <code>null</code> for the <code>q</code>
+   * parameter. RFC-2631 DOES NOT allow for an <i>optional</i> value for that
+   * parameter, hence we replace such null values with <code>0</code>, and do
+   * the reverse in the corresponding decode method.
    * 
    * @return the DER encoded form of the ASN.1 representation of the
    *         <i>PrivateKeyInfo</i> field in an X.509 certificate.
@@ -117,6 +124,8 @@ public class DHKeyPairPKCS8Codec
     BigInteger p = pk.getParams().getP();
     BigInteger g = pk.getParams().getG();
     BigInteger q = pk.getQ();
+    if (q == null)
+      q = BigInteger.ZERO;
     BigInteger x = pk.getX();
 
     ArrayList params = new ArrayList(3);
@@ -212,6 +221,8 @@ public class DHKeyPairPKCS8Codec
         val = der.read();
         DerUtil.checkIsBigInteger(val, "Wrong Q field");
         q = (BigInteger) val.getValue();
+        if (q.compareTo(BigInteger.ZERO) == 0)
+          q = null;
 
         val = der.read();
         byte[] xBytes = (byte[]) val.getValue();
diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairRawCodec.java b/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairRawCodec.java
index c0ff82bea52..aefcd5ff4fb 100644
--- a/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairRawCodec.java
+++ b/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairRawCodec.java
@@ -47,62 +47,49 @@ import java.security.PrivateKey;
 import java.security.PublicKey;
 
 /**
- * <p>An object that implements the {@link IKeyPairCodec} operations for the
- * <i>Raw</i> format to use with Diffie-Hellman keypairs.</p>
+ * An object that implements the {@link IKeyPairCodec} operations for the
+ * <i>Raw</i> format to use with Diffie-Hellman keypairs.
  */
-public class DHKeyPairRawCodec implements IKeyPairCodec
+public class DHKeyPairRawCodec
+    implements IKeyPairCodec
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
-  // implicit 0-arguments ctor
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // gnu.crypto.keys.IKeyPairCodec interface implementation -------------------
-
   public int getFormatID()
   {
     return RAW_FORMAT;
   }
 
   /**
-   * <p>Returns the encoded form of the designated Diffie-Hellman public key
-   * according to the <i>Raw</i> format supported by this library.</p>
-   *
-   * <p>The <i>Raw</i> format for a DH public key, in this implementation, is
-   * a byte sequence consisting of the following:</p>
-   *
+   * Returns the encoded form of the designated Diffie-Hellman public key
+   * according to the <i>Raw</i> format supported by this library.
+   * <p>
+   * The <i>Raw</i> format for a DH public key, in this implementation, is a
+   * byte sequence consisting of the following:
    * <ol>
-   *    <li>4-byte magic consisting of the value of the literal
-   *    {@link Registry#MAGIC_RAW_DH_PUBLIC_KEY},<li>
-   *    <li>1-byte version consisting of the constant: 0x01,</li>
-   *    <li>4-byte count of following bytes representing the DH parameter
-   *    <code>q</code> in internet order,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the DH parameter <code>q</code>,</li>
-   *    <li>4-byte count of following bytes representing the DH parameter
-   *    <code>p</code> in internet order,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the DH parameter <code>p</code>,</li>
-   *    <li>4-byte count of following bytes representing the DH parameter
-   *    <code>g</code>,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the DH parameter <code>g</code>,</li>
-   *    <li>4-byte count of following bytes representing the DH parameter
-   *    <code>y</code>,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the DH parameter <code>y</code>,</li>
+   * <li>4-byte magic consisting of the value of the literal
+   * {@link Registry#MAGIC_RAW_DH_PUBLIC_KEY},</li>
+   * <li>1-byte version consisting of the constant: 0x01,</li>
+   * <li>4-byte count of following bytes representing the DH parameter
+   * <code>q</code> in internet order,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the DH parameter <code>q</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the DH parameter
+   * <code>p</code> in internet order,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the DH parameter <code>p</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the DH parameter
+   * <code>g</code>,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the DH parameter <code>g</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the DH parameter
+   * <code>y</code>,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the DH parameter <code>y</code>,
+   * </li>
    * </ol>
-   *
+   * 
    * @param key the key to encode.
    * @return the <i>Raw</i> format encoding of the designated key.
    * @throws IllegalArgumentException if the designated key is not a DH one.
@@ -110,59 +97,49 @@ public class DHKeyPairRawCodec implements IKeyPairCodec
    */
   public byte[] encodePublicKey(PublicKey key)
   {
-    if (!(key instanceof GnuDHPublicKey))
-      {
-        throw new IllegalArgumentException("key");
-      }
-
+    if (! (key instanceof GnuDHPublicKey))
+      throw new IllegalArgumentException("key");
     GnuDHPublicKey dhKey = (GnuDHPublicKey) key;
     ByteArrayOutputStream baos = new ByteArrayOutputStream();
-
     // magic
     baos.write(Registry.MAGIC_RAW_DH_PUBLIC_KEY[0]);
     baos.write(Registry.MAGIC_RAW_DH_PUBLIC_KEY[1]);
     baos.write(Registry.MAGIC_RAW_DH_PUBLIC_KEY[2]);
     baos.write(Registry.MAGIC_RAW_DH_PUBLIC_KEY[3]);
-
     // version
     baos.write(0x01);
-
     // q
     byte[] buffer = dhKey.getQ().toByteArray();
     int length = buffer.length;
-    baos.write(length >>> 24);
+    baos.write( length >>> 24);
     baos.write((length >>> 16) & 0xFF);
-    baos.write((length >>> 8) & 0xFF);
-    baos.write(length & 0xFF);
+    baos.write((length >>>  8) & 0xFF);
+    baos.write( length         & 0xFF);
     baos.write(buffer, 0, length);
-
     // p
     buffer = dhKey.getParams().getP().toByteArray();
     length = buffer.length;
-    baos.write(length >>> 24);
+    baos.write( length >>> 24);
     baos.write((length >>> 16) & 0xFF);
-    baos.write((length >>> 8) & 0xFF);
-    baos.write(length & 0xFF);
+    baos.write((length >>>  8) & 0xFF);
+    baos.write( length         & 0xFF);
     baos.write(buffer, 0, length);
-
     // g
     buffer = dhKey.getParams().getG().toByteArray();
     length = buffer.length;
-    baos.write(length >>> 24);
+    baos.write( length >>> 24);
     baos.write((length >>> 16) & 0xFF);
-    baos.write((length >>> 8) & 0xFF);
-    baos.write(length & 0xFF);
+    baos.write((length >>>  8) & 0xFF);
+    baos.write( length         & 0xFF);
     baos.write(buffer, 0, length);
-
     // y
     buffer = dhKey.getY().toByteArray();
     length = buffer.length;
-    baos.write(length >>> 24);
+    baos.write( length >>> 24);
     baos.write((length >>> 16) & 0xFF);
-    baos.write((length >>> 8) & 0xFF);
-    baos.write(length & 0xFF);
+    baos.write((length >>>  8) & 0xFF);
+    baos.write( length         & 0xFF);
     baos.write(buffer, 0, length);
-
     return baos.toByteArray();
   }
 
@@ -173,83 +150,84 @@ public class DHKeyPairRawCodec implements IKeyPairCodec
         || k[1] != Registry.MAGIC_RAW_DH_PUBLIC_KEY[1]
         || k[2] != Registry.MAGIC_RAW_DH_PUBLIC_KEY[2]
         || k[3] != Registry.MAGIC_RAW_DH_PUBLIC_KEY[3])
-      {
-        throw new IllegalArgumentException("magic");
-      }
-
+      throw new IllegalArgumentException("magic");
     // version
     if (k[4] != 0x01)
-      {
-        throw new IllegalArgumentException("version");
-      }
+      throw new IllegalArgumentException("version");
     int i = 5;
     int l;
     byte[] buffer;
-
     // q
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger q = new BigInteger(1, buffer);
-
     // p
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger p = new BigInteger(1, buffer);
-
     // g
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger g = new BigInteger(1, buffer);
-
     // y
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger y = new BigInteger(1, buffer);
-
     return new GnuDHPublicKey(q, p, g, y);
   }
 
   /**
-   * <p>Returns the encoded form of the designated Diffie-Hellman private key
-   * according to the <i>Raw</i> format supported by this library.</p>
-   *
-   * <p>The <i>Raw</i> format for a DH private key, in this implementation, is
-   * a byte sequence consisting of the following:</p>
-   *
+   * Returns the encoded form of the designated Diffie-Hellman private key
+   * according to the <i>Raw</i> format supported by this library.
+   * <p>
+   * The <i>Raw</i> format for a DH private key, in this implementation, is a
+   * byte sequence consisting of the following:
    * <ol>
-   *    <li>4-byte magic consisting of the value of the literal
-   *    {@link Registry#MAGIC_RAW_DH_PRIVATE_KEY},<li>
-   *    <li>1-byte version consisting of the constant: 0x01,</li>
-   *    <li>4-byte count of following bytes representing the DH parameter
-   *    <code>q</code>,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the DH parameter <code>q</code>,</li>
-   *    <li>4-byte count of following bytes representing the DH parameter
-   *    <code>p</code> in internet order,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the DH parameter <code>p</code>,</li>
-   *    <li>4-byte count of following bytes representing the DH parameter
-   *    <code>g</code>,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the DH parameter <code>g</code>,</li>
-   *    <li>4-byte count of following bytes representing the DH parameter
-   *    <code>x</code>,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the DH parameter <code>x</code>,</li>
+   * <li>4-byte magic consisting of the value of the literal
+   * {@link Registry#MAGIC_RAW_DH_PRIVATE_KEY},</li>
+   * <li>1-byte version consisting of the constant: 0x01,</li>
+   * <li>4-byte count of following bytes representing the DH parameter
+   * <code>q</code>,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the DH parameter <code>q</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the DH parameter
+   * <code>p</code> in internet order,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the DH parameter <code>p</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the DH parameter
+   * <code>g</code>,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the DH parameter <code>g</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the DH parameter
+   * <code>x</code>,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the DH parameter <code>x</code>,
+   * </li>
    * </ol>
-   *
+   * 
    * @param key the key to encode.
    * @return the <i>Raw</i> format encoding of the designated key.
    * @throws IllegalArgumentException if the designated key is not a DH one.
@@ -257,59 +235,49 @@ public class DHKeyPairRawCodec implements IKeyPairCodec
    */
   public byte[] encodePrivateKey(PrivateKey key)
   {
-    if (!(key instanceof GnuDHPrivateKey))
-      {
-        throw new IllegalArgumentException("key");
-      }
-
+    if (! (key instanceof GnuDHPrivateKey))
+      throw new IllegalArgumentException("key");
     GnuDHPrivateKey dhKey = (GnuDHPrivateKey) key;
     ByteArrayOutputStream baos = new ByteArrayOutputStream();
-
     // magic
     baos.write(Registry.MAGIC_RAW_DH_PRIVATE_KEY[0]);
     baos.write(Registry.MAGIC_RAW_DH_PRIVATE_KEY[1]);
     baos.write(Registry.MAGIC_RAW_DH_PRIVATE_KEY[2]);
     baos.write(Registry.MAGIC_RAW_DH_PRIVATE_KEY[3]);
-
     // version
     baos.write(0x01);
-
     // q
     byte[] buffer = dhKey.getQ().toByteArray();
     int length = buffer.length;
-    baos.write(length >>> 24);
+    baos.write( length >>> 24);
     baos.write((length >>> 16) & 0xFF);
-    baos.write((length >>> 8) & 0xFF);
-    baos.write(length & 0xFF);
+    baos.write((length >>>  8) & 0xFF);
+    baos.write( length         & 0xFF);
     baos.write(buffer, 0, length);
-
     // p
     buffer = dhKey.getParams().getP().toByteArray();
     length = buffer.length;
-    baos.write(length >>> 24);
+    baos.write( length >>> 24);
     baos.write((length >>> 16) & 0xFF);
-    baos.write((length >>> 8) & 0xFF);
-    baos.write(length & 0xFF);
+    baos.write((length >>>  8) & 0xFF);
+    baos.write( length         & 0xFF);
     baos.write(buffer, 0, length);
-
     // g
     buffer = dhKey.getParams().getG().toByteArray();
     length = buffer.length;
-    baos.write(length >>> 24);
+    baos.write( length >>> 24);
     baos.write((length >>> 16) & 0xFF);
-    baos.write((length >>> 8) & 0xFF);
-    baos.write(length & 0xFF);
+    baos.write((length >>>  8) & 0xFF);
+    baos.write( length         & 0xFF);
     baos.write(buffer, 0, length);
-
     // x
     buffer = dhKey.getX().toByteArray();
     length = buffer.length;
-    baos.write(length >>> 24);
+    baos.write( length >>> 24);
     baos.write((length >>> 16) & 0xFF);
-    baos.write((length >>> 8) & 0xFF);
-    baos.write(length & 0xFF);
+    baos.write((length >>>  8) & 0xFF);
+    baos.write( length         & 0xFF);
     baos.write(buffer, 0, length);
-
     return baos.toByteArray();
   }
 
@@ -320,51 +288,49 @@ public class DHKeyPairRawCodec implements IKeyPairCodec
         || k[1] != Registry.MAGIC_RAW_DH_PRIVATE_KEY[1]
         || k[2] != Registry.MAGIC_RAW_DH_PRIVATE_KEY[2]
         || k[3] != Registry.MAGIC_RAW_DH_PRIVATE_KEY[3])
-      {
-        throw new IllegalArgumentException("magic");
-      }
-
+      throw new IllegalArgumentException("magic");
     // version
     if (k[4] != 0x01)
-      {
-        throw new IllegalArgumentException("version");
-      }
+      throw new IllegalArgumentException("version");
     int i = 5;
     int l;
     byte[] buffer;
-
     // q
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger q = new BigInteger(1, buffer);
-
     // p
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger p = new BigInteger(1, buffer);
-
     // g
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger g = new BigInteger(1, buffer);
-
     // x
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger x = new BigInteger(1, buffer);
-
     return new GnuDHPrivateKey(q, p, g, x);
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairX509Codec.java b/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairX509Codec.java
index 7e8688bd3a4..5da396a1da6 100644
--- a/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairX509Codec.java
+++ b/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairX509Codec.java
@@ -97,6 +97,13 @@ public class DHKeyPairX509Codec
    * <pre>
    *       DHPublicKey ::= INTEGER -- public key, y = g^x mod p
    * </pre>
+   * <p>
+   * <b>IMPORTANT</b>: with RI's {@link javax.crypto.spec.DHGenParameterSpec}
+   * and {@link javax.crypto.spec.DHParameterSpec} classes, we may end up with
+   * Diffie-Hellman keys that have a <code>null</code> for the <code>q</code>
+   * parameter. RFC-2631 DOES NOT allow for an <i>optional</i> value for that
+   * parameter, hence we replace such null values with <code>0</code>, and do
+   * the reverse in the corresponding decode method.
    * 
    * @param key the {@link PublicKey} instance to encode. MUST be an instance of
    *          {@link GnuDHPublicKey}.
@@ -117,6 +124,8 @@ public class DHKeyPairX509Codec
     BigInteger p = dhKey.getParams().getP();
     BigInteger g = dhKey.getParams().getG();
     BigInteger q = dhKey.getQ();
+    if (q == null)
+      q = BigInteger.ZERO;
     BigInteger y = dhKey.getY();
 
     DERValue derP = new DERValue(DER.INTEGER, p);
@@ -212,6 +221,8 @@ public class DHKeyPairX509Codec
         val = der.read();
         DerUtil.checkIsBigInteger(val, "Wrong Q field");
         q = (BigInteger) val.getValue();
+        if (q.compareTo(BigInteger.ZERO) == 0)
+          q = null;
 
         val = der.read();
         if (! (val.getValue() instanceof BitString))
diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanKeyAgreement.java b/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanKeyAgreement.java
index 5b1caa7d1b5..2443950549a 100644
--- a/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanKeyAgreement.java
+++ b/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanKeyAgreement.java
@@ -49,78 +49,63 @@ import java.math.BigInteger;
 import javax.crypto.interfaces.DHPrivateKey;
 
 /**
- * <p>The basic version of the Diffie-Hellman key agreement is described in the
- * Handbook of Applied Cryptography [HAC] as follows:</p>
+ * The basic version of the Diffie-Hellman key agreement is described in the
+ * Handbook of Applied Cryptography [HAC] as follows:
  * <ul>
- *    <li>An appropriate prime p and generator g of Z<sub>p</sub><sup>*</sup>
- *    (2 &lt;= g &lt;= p-2) are selected and published.</li>
- *    <li>A and B each send the other one message over an open channel; as a
- *    result, they both can then compute a shared secret key K which they can
- *    use to protect their future communication.</li>
- *    <li>A chooses a random secret x, 1 &lt;= x &lt;= p-2, and sends B message
- *    (1) which is g^x mod p.</li>
- *    <li>B chooses a random secret y, 1 &lt;= y &lt;= p-2, and sends A message
- *    (2) which is g^y mod p.</li>
- *    <li>B receives message (1) and computes the shared key as K = (g^x)^y mod
- *    p.</li>
- *    <li>A receives message (2) and computes the shared key as K = (g^y)^x mod
- *    p.</li>
+ * <li>An appropriate prime p and generator g of Z<sub>p</sub><sup>*</sup>
+ * (2 &lt;= g &lt;= p-2) are selected and published.</li>
+ * <li>A and B each send the other one message over an open channel; as a
+ * result, they both can then compute a shared secret key K which they can use
+ * to protect their future communication.</li>
+ * <li>A chooses a random secret x, 1 &lt;= x &lt;= p-2, and sends B message
+ * (1) which is g^x mod p.</li>
+ * <li>B chooses a random secret y, 1 &lt;= y &lt;= p-2, and sends A message
+ * (2) which is g^y mod p.</li>
+ * <li>B receives message (1) and computes the shared key as K = (g^x)^y mod p.
+ * </li>
+ * <li>A receives message (2) and computes the shared key as K = (g^y)^x mod p.
+ * </li>
  * </ul>
- *
- * <p>RFC-2631 describes a <i>Static-Static Mode</i> of operations with
- * Diffie-Hellman keypairs as follows:</p>
+ * <p>
+ * RFC-2631 describes a <i>Static-Static Mode</i> of operations with
+ * Diffie-Hellman keypairs as follows:
  * <pre>
- * "In Static-Static mode, both the sender and the recipient have a
- static (and certified) key pair. Since the sender's and recipient's
- keys are therefore the same for each message, ZZ will be the same for
- each message. Thus, partyAInfo MUST be used (and different for each
- message) in order to ensure that different messages use different
- KEKs. Implementations MAY implement Static-Static mode."
+ *  &quot;In Static-Static mode, both the sender and the recipient have a
+ *  static (and certified) key pair. Since the sender's and recipient's
+ *  keys are therefore the same for each message, ZZ will be the same for
+ *  each message. Thus, partyAInfo MUST be used (and different for each
+ *  message) in order to ensure that different messages use different
+ *  KEKs. Implementations MAY implement Static-Static mode.&quot;
  * </pre>
- *
- * <p>Reference:</p>
+ * 
+ * <p>
+ * Reference:
  * <ol>
- *    <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key
- *    Agreement Method</a><br>
- *    Eric Rescorla.</li>
- *    <li><a href="http://www.cacr.math.uwaterloo.ca/hac">[HAC]</a>: Handbook of
- *    Applied Cryptography.<br>
- *    CRC Press, Inc. ISBN 0-8493-8523-7, 1997<br>
- *    Menezes, A., van Oorschot, P. and S. Vanstone.</li>
+ * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key
+ * Agreement Method</a><br>
+ * Eric Rescorla.</li>
+ * <li><a href="http://www.cacr.math.uwaterloo.ca/hac">[HAC]</a>: Handbook of
+ * Applied Cryptography.<br>
+ * CRC Press, Inc. ISBN 0-8493-8523-7, 1997<br>
+ * Menezes, A., van Oorschot, P. and S. Vanstone.</li>
  * </ol>
  */
-public abstract class DiffieHellmanKeyAgreement extends BaseKeyAgreementParty
+public abstract class DiffieHellmanKeyAgreement
+    extends BaseKeyAgreementParty
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.dh.ka.prng";
-
-  public static final String KA_DIFFIE_HELLMAN_OWNER_PRIVATE_KEY = "gnu.crypto.dh.ka.owner.private.key";
-
+  public static final String KA_DIFFIE_HELLMAN_OWNER_PRIVATE_KEY =
+      "gnu.crypto.dh.ka.owner.private.key";
   /** The key agreement party's private key. */
   protected DHPrivateKey ownerKey;
-
   /** The shared secret key. */
   protected BigInteger ZZ;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   protected DiffieHellmanKeyAgreement()
   {
     super(Registry.DH_KA);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // implementation of common abstract methods in BaseKeyAGreementParty ------
-
   protected byte[] engineSharedSecret() throws KeyAgreementException
   {
     return Util.trim(ZZ);
diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanReceiver.java b/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanReceiver.java
index 4a3664d6a8d..ab1023ad3b5 100644
--- a/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanReceiver.java
+++ b/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanReceiver.java
@@ -51,50 +51,30 @@ import java.util.Map;
 import javax.crypto.interfaces.DHPrivateKey;
 
 /**
- * <p>This implementation is the receiver's part of the basic version of the
- * Diffie-Hellman key agreement exchange (B in [HAC]).</p>
- *
+ * This implementation is the receiver's part of the basic version of the
+ * Diffie-Hellman key agreement exchange (B in [HAC]).
+ * 
  * @see DiffieHellmanKeyAgreement
  */
-public class DiffieHellmanReceiver extends DiffieHellmanKeyAgreement
+public class DiffieHellmanReceiver
+    extends DiffieHellmanKeyAgreement
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private BigInteger y; // the receiver's random secret
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // default 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // implementation of abstract methods in base class ------------------------
-
   protected void engineInit(Map attributes) throws KeyAgreementException
   {
     Object random = attributes.get(SOURCE_OF_RANDOMNESS);
     rnd = null;
     irnd = null;
     if (random instanceof SecureRandom)
-      {
-        rnd = (SecureRandom) random;
-      }
+      rnd = (SecureRandom) random;
     else if (random instanceof IRandom)
-      {
-        irnd = (IRandom) random;
-      }
+      irnd = (IRandom) random;
     ownerKey = (DHPrivateKey) attributes.get(KA_DIFFIE_HELLMAN_OWNER_PRIVATE_KEY);
     if (ownerKey == null)
-      {
-        throw new KeyAgreementException("missing owner's private key");
-      }
+      throw new KeyAgreementException("missing owner's private key");
   }
 
   protected OutgoingMessage engineProcessMessage(IncomingMessage in)
@@ -109,20 +89,14 @@ public class DiffieHellmanReceiver extends DiffieHellmanKeyAgreement
       }
   }
 
-  // own methods -------------------------------------------------------------
-
   private OutgoingMessage computeSharedSecret(IncomingMessage in)
       throws KeyAgreementException
   {
     BigInteger m1 = in.readMPI();
     if (m1 == null)
-      {
-        throw new KeyAgreementException("missing message (1)");
-      }
-
+      throw new KeyAgreementException("missing message (1)");
     BigInteger p = ownerKey.getParams().getP();
     BigInteger g = ownerKey.getParams().getG();
-
     // B chooses a random integer y, 1 <= y <= p-2
     // rfc-2631 restricts y to only be in [2, p-1]
     BigInteger p_minus_2 = p.subtract(TWO);
@@ -132,16 +106,12 @@ public class DiffieHellmanReceiver extends DiffieHellmanKeyAgreement
         nextRandomBytes(xBytes);
         y = new BigInteger(1, xBytes);
       }
-    while (!(y.compareTo(TWO) >= 0 && y.compareTo(p_minus_2) <= 0));
-
+    while (! (y.compareTo(TWO) >= 0 && y.compareTo(p_minus_2) <= 0));
     ZZ = m1.modPow(y, p); // ZZ = (yb ^ xa) mod p
-
     complete = true;
-
     // B sends A the message: g^y mod p
     OutgoingMessage result = new OutgoingMessage();
     result.writeMPI(g.modPow(y, p)); // message (2)
-
     return result;
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanSender.java b/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanSender.java
index 0be82bfb492..52a030d678c 100644
--- a/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanSender.java
+++ b/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanSender.java
@@ -51,50 +51,30 @@ import java.util.Map;
 import javax.crypto.interfaces.DHPrivateKey;
 
 /**
- * <p>This implementation is the sender's part of the basic version of the
- * Diffie-Hellman key agreement exchange (A in [HAC]).</p>
- *
+ * This implementation is the sender's part of the basic version of the
+ * Diffie-Hellman key agreement exchange (A in [HAC]).
+ * 
  * @see DiffieHellmanKeyAgreement
  */
-public class DiffieHellmanSender extends DiffieHellmanKeyAgreement
+public class DiffieHellmanSender
+    extends DiffieHellmanKeyAgreement
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private BigInteger x; // the sender's random secret
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // default 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // implementation of abstract methods in base class ------------------------
-
   protected void engineInit(Map attributes) throws KeyAgreementException
   {
     Object random = attributes.get(SOURCE_OF_RANDOMNESS);
     rnd = null;
     irnd = null;
     if (random instanceof SecureRandom)
-      {
-        rnd = (SecureRandom) random;
-      }
+      rnd = (SecureRandom) random;
     else if (random instanceof IRandom)
-      {
-        irnd = (IRandom) random;
-      }
+      irnd = (IRandom) random;
     ownerKey = (DHPrivateKey) attributes.get(KA_DIFFIE_HELLMAN_OWNER_PRIVATE_KEY);
     if (ownerKey == null)
-      {
-        throw new KeyAgreementException("missing owner's private key");
-      }
+      throw new KeyAgreementException("missing owner's private key");
   }
 
   protected OutgoingMessage engineProcessMessage(IncomingMessage in)
@@ -111,14 +91,11 @@ public class DiffieHellmanSender extends DiffieHellmanKeyAgreement
       }
   }
 
-  // own methods -------------------------------------------------------------
-
   private OutgoingMessage sendRandomSecret(IncomingMessage in)
       throws KeyAgreementException
   {
     BigInteger p = ownerKey.getParams().getP();
     BigInteger g = ownerKey.getParams().getG();
-
     // A chooses a random integer x, 1 <= x <= p-2
     // rfc-2631 restricts x to only be in [2, p-1]
     BigInteger p_minus_2 = p.subtract(TWO);
@@ -128,12 +105,10 @@ public class DiffieHellmanSender extends DiffieHellmanKeyAgreement
         nextRandomBytes(xBytes);
         x = new BigInteger(1, xBytes);
       }
-    while (!(x.compareTo(TWO) >= 0 && x.compareTo(p_minus_2) <= 0));
-
+    while (! (x.compareTo(TWO) >= 0 && x.compareTo(p_minus_2) <= 0));
     // A sends B the message: g^x mod p
     OutgoingMessage result = new OutgoingMessage();
     result.writeMPI(g.modPow(x, p));
-
     return result;
   }
 
@@ -142,13 +117,9 @@ public class DiffieHellmanSender extends DiffieHellmanKeyAgreement
   {
     BigInteger m1 = in.readMPI();
     if (m1 == null)
-      {
-        throw new KeyAgreementException("missing message (2)");
-      }
-
+      throw new KeyAgreementException("missing message (2)");
     BigInteger p = ownerKey.getParams().getP();
-    ZZ = m1.modPow(x, p); // ZZ = (yb ^ xa)  mod p
-
+    ZZ = m1.modPow(x, p); // ZZ = (yb ^ xa) mod p
     complete = true;
     return null;
   }
diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalKeyAgreement.java b/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalKeyAgreement.java
index 1c4e11ce26b..967eda3f508 100644
--- a/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalKeyAgreement.java
+++ b/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalKeyAgreement.java
@@ -47,77 +47,62 @@ import gnu.javax.crypto.key.KeyAgreementException;
 import java.math.BigInteger;
 
 /**
- * <p>The ElGamal key agreement, also known as the half-certified Diffie-Hellman
+ * The ElGamal key agreement, also known as the half-certified Diffie-Hellman
  * key agreement, is described in the Handbook of Applied Cryptography [HAC] as
- * follows:</p>
+ * follows:
  * <ul>
- *    <li>A sends to B a single message allowing one-pass key agreement.</li>
- *    <li>A obtains an authentic copy of B's public key (p, g, yb), where
- *    yb = g**xb.</li>
- *    <li>A chooses a random integer x, 1 &lt;= x &lt;= p-2, and sends B the
- *    message g**x.  A computes the shared secret key K as yb**x.</li>
- *    <li>B computes the same key K on receipt of the previous message as
- *    (g**x)**xb.</li>
+ * <li>A sends to B a single message allowing one-pass key agreement.</li>
+ * <li>A obtains an authentic copy of B's public key (p, g, yb), where yb =
+ * g**xb.</li>
+ * <li>A chooses a random integer x, 1 &lt;= x &lt;= p-2, and sends B the
+ * message g**x. A computes the shared secret key K as yb**x.</li>
+ * <li>B computes the same key K on receipt of the previous message as
+ * (g**x)**xb.</li>
  * </ul>
- *
- * <p>RFC-2631 describes an <i>Ephemeral-Static Mode</i> of operations with
- * Diffie-Hellman keypairs as follows:</p>
+ * <p>
+ * RFC-2631 describes an <i>Ephemeral-Static Mode</i> of operations with
+ * Diffie-Hellman keypairs as follows:
  * <pre>
- * "In Ephemeral-Static mode, the recipient has a static (and certified)
- * key pair, but the sender generates a new key pair for each message
- * and sends it using the originatorKey production. If the sender's key
- * is freshly generated for each message, the shared secret ZZ will be
- * similarly different for each message and partyAInfo MAY be omitted,
- * since it serves merely to decouple multiple KEKs generated by the
- * same set of pairwise keys. If, however, the same ephemeral sender key
- * is used for multiple messages (e.g. it is cached as a performance
- * optimization) then a separate partyAInfo MUST be used for each
- * message. All implementations of this standard MUST implement
- * Ephemeral-Static mode."
+ *  &quot;In Ephemeral-Static mode, the recipient has a static (and certified)
+ *  key pair, but the sender generates a new key pair for each message
+ *  and sends it using the originatorKey production. If the sender's key
+ *  is freshly generated for each message, the shared secret ZZ will be
+ *  similarly different for each message and partyAInfo MAY be omitted,
+ *  since it serves merely to decouple multiple KEKs generated by the
+ *  same set of pairwise keys. If, however, the same ephemeral sender key
+ *  is used for multiple messages (e.g. it is cached as a performance
+ *  optimization) then a separate partyAInfo MUST be used for each
+ *  message. All implementations of this standard MUST implement
+ *  Ephemeral-Static mode.&quot;
  * </pre>
- *
- * <p>Reference:</p>
+ * <p>
+ * Reference:
  * <ol>
- *    <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key
- *    Agreement Method</a><br>
- *    Eric Rescorla.</li>
- *    <li><a href="http://www.cacr.math.uwaterloo.ca/hac">[HAC]</a>: Handbook of
- *    Applied Cryptography.<br>
- *    CRC Press, Inc. ISBN 0-8493-8523-7, 1997<br>
- *    Menezes, A., van Oorschot, P. and S. Vanstone.</li>
+ * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key
+ * Agreement Method</a><br>
+ * Eric Rescorla.</li>
+ * <li><a href="http://www.cacr.math.uwaterloo.ca/hac">[HAC]</a>: Handbook of
+ * Applied Cryptography.<br>
+ * CRC Press, Inc. ISBN 0-8493-8523-7, 1997<br>
+ * Menezes, A., van Oorschot, P. and S. Vanstone.</li>
  * </ol>
  */
-public abstract class ElGamalKeyAgreement extends BaseKeyAgreementParty
+public abstract class ElGamalKeyAgreement
+    extends BaseKeyAgreementParty
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.elgamal.ka.prng";
-
-  public static final String KA_ELGAMAL_RECIPIENT_PRIVATE_KEY = "gnu.crypto.elgamal.ka.recipient.private.key";
-
-  public static final String KA_ELGAMAL_RECIPIENT_PUBLIC_KEY = "gnu.crypto.elgamal.ka.recipient.public.key";
-
+  public static final String KA_ELGAMAL_RECIPIENT_PRIVATE_KEY =
+      "gnu.crypto.elgamal.ka.recipient.private.key";
+  public static final String KA_ELGAMAL_RECIPIENT_PUBLIC_KEY =
+      "gnu.crypto.elgamal.ka.recipient.public.key";
   /** The shared secret key. */
   protected BigInteger ZZ;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   protected ElGamalKeyAgreement()
   {
     super(Registry.ELGAMAL_KA);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // implementation of common abstract methods in BaseKeyAGreementParty ------
-
   protected byte[] engineSharedSecret() throws KeyAgreementException
   {
     return Util.trim(ZZ);
diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalReceiver.java b/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalReceiver.java
index 24776cba174..bf9b4fb1f0f 100644
--- a/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalReceiver.java
+++ b/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalReceiver.java
@@ -49,33 +49,19 @@ import java.util.Map;
 import javax.crypto.interfaces.DHPrivateKey;
 
 /**
- * <p>This implementation is the receiver's part of the ElGamal key agreement
- * exchange (B in [HAC]).</p>
- *
+ * This implementation is the receiver's part of the ElGamal key agreement
+ * exchange (B in [HAC]).
+ * 
  * @see ElGamalKeyAgreement
  */
-public class ElGamalReceiver extends ElGamalKeyAgreement
+public class ElGamalReceiver
+    extends ElGamalKeyAgreement
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The recipient's private key. */
   private DHPrivateKey B;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // default 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // implementation of abstract methods in base class ------------------------
-
   protected void engineInit(Map attributes) throws KeyAgreementException
   {
     rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS);
@@ -83,9 +69,7 @@ public class ElGamalReceiver extends ElGamalKeyAgreement
     // a keypair and publishes its public key
     B = (DHPrivateKey) attributes.get(KA_ELGAMAL_RECIPIENT_PRIVATE_KEY);
     if (B == null)
-      {
-        throw new KeyAgreementException("missing recipient private key");
-      }
+      throw new KeyAgreementException("missing recipient private key");
   }
 
   protected OutgoingMessage engineProcessMessage(IncomingMessage in)
@@ -100,8 +84,6 @@ public class ElGamalReceiver extends ElGamalKeyAgreement
       }
   }
 
-  // own methods -------------------------------------------------------------
-
   private OutgoingMessage computeSharedSecret(IncomingMessage in)
       throws KeyAgreementException
   {
@@ -109,12 +91,8 @@ public class ElGamalReceiver extends ElGamalKeyAgreement
     // K = (g^x)^xb mod p
     BigInteger m1 = in.readMPI();
     if (m1 == null)
-      {
-        throw new KeyAgreementException("missing message (1)");
-      }
-
+      throw new KeyAgreementException("missing message (1)");
     ZZ = m1.modPow(B.getX(), B.getParams().getP()); // ZZ = (ya ^ xb) mod p
-
     complete = true;
     return null;
   }
diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalSender.java b/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalSender.java
index a2de80a6766..cdd1ef0dac0 100644
--- a/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalSender.java
+++ b/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalSender.java
@@ -49,33 +49,19 @@ import java.util.Map;
 import javax.crypto.interfaces.DHPublicKey;
 
 /**
- * <p>This implementation is the sender's part of the ElGamal key agreement
- * exchange (A in [HAC]).</p>
- *
+ * This implementation is the sender's part of the ElGamal key agreement
+ * exchange (A in [HAC]).
+ * 
  * @see ElGamalKeyAgreement
  */
-public class ElGamalSender extends ElGamalKeyAgreement
+public class ElGamalSender
+    extends ElGamalKeyAgreement
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The recipient's public key. */
   private DHPublicKey B;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // default 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // implementation of abstract methods in base class ------------------------
-
   protected void engineInit(Map attributes) throws KeyAgreementException
   {
     rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS);
@@ -83,9 +69,7 @@ public class ElGamalSender extends ElGamalKeyAgreement
     // a keypair and publishes its public key
     B = (DHPublicKey) attributes.get(KA_ELGAMAL_RECIPIENT_PUBLIC_KEY);
     if (B == null)
-      {
-        throw new KeyAgreementException("missing recipient public key");
-      }
+      throw new KeyAgreementException("missing recipient public key");
   }
 
   protected OutgoingMessage engineProcessMessage(IncomingMessage in)
@@ -100,15 +84,12 @@ public class ElGamalSender extends ElGamalKeyAgreement
       }
   }
 
-  // own methods -------------------------------------------------------------
-
   private OutgoingMessage computeSharedSecret(IncomingMessage in)
       throws KeyAgreementException
   {
     BigInteger p = B.getParams().getP();
     BigInteger g = B.getParams().getG();
     BigInteger yb = B.getY();
-
     // A chooses a random integer x, 1 <= x <= p-2
     // rfc-2631 restricts x to only be in [2, p-1]
     BigInteger p_minus_2 = p.subtract(TWO);
@@ -120,14 +101,11 @@ public class ElGamalSender extends ElGamalKeyAgreement
         x = new BigInteger(1, xBytes);
       }
     while (x.compareTo(TWO) >= 0 && x.compareTo(p_minus_2) <= 0);
-
     // A sends B the message: g^x mod p
     OutgoingMessage result = new OutgoingMessage();
     result.writeMPI(g.modPow(x, p));
-
     // A computes the key as K = (yb)^x mod p
     ZZ = yb.modPow(x, p); // ZZ = (yb ^ xa) mod p
-
     complete = true;
     return result;
   }
diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKey.java b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKey.java
index f1e42d93a3e..1066830c322 100644
--- a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKey.java
+++ b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKey.java
@@ -39,55 +39,50 @@ exception statement from your version.  */
 package gnu.javax.crypto.key.dh;
 
 import gnu.java.security.Registry;
+import gnu.java.security.action.GetPropertyAction;
 import gnu.java.security.util.FormatUtil;
 
 import java.math.BigInteger;
+import java.security.AccessController;
 import java.security.Key;
 
 import javax.crypto.interfaces.DHKey;
 import javax.crypto.spec.DHParameterSpec;
 
 /**
- * <p>A base asbtract class for both public and private Diffie-Hellman keys. It
- * encapsulates the two DH numbers: <code>p</code>, and <code>g</code>.</p>
- *
- * <p>According to the JDK, cryptographic <i>Keys</i> all have a <i>format</i>.
+ * A base asbtract class for both public and private Diffie-Hellman keys. It
+ * encapsulates the two DH numbers: <code>p</code>, and <code>g</code>.
+ * <p>
+ * According to the JDK, cryptographic <i>Keys</i> all have a <i>format</i>.
  * The format used in this implementation is called <i>Raw</i>, and basically
  * consists of the raw byte sequences of algorithm parameters. The exact order
- * of the byte sequences and the implementation details are given in each of
- * the relevant <code>getEncoded()</code> methods of each of the private and
- * public keys.</p>
- *
- * <p>Reference:</p>
+ * of the byte sequences and the implementation details are given in each of the
+ * relevant <code>getEncoded()</code> methods of each of the private and
+ * public keys.
+ * <p>
+ * Reference:
  * <ol>
- *    <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key
- *    Agreement Method</a><br>
- *    Eric Rescorla.</li>
+ * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key
+ * Agreement Method</a><br>
+ * Eric Rescorla.</li>
  * </ol>
  */
-public abstract class GnuDHKey implements Key, DHKey
+public abstract class GnuDHKey
+    implements Key, DHKey
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The public prime q. A prime divisor of p-1. */
   protected BigInteger q;
-
   /** The public prime p. */
   protected BigInteger p;
-
   /** The generator g. */
   protected BigInteger g;
-
   /**
-   * Identifier of the default encoding format to use when externalizing the
-   * key material.
+   * Identifier of the default encoding format to use when externalizing the key
+   * material.
    */
   protected final int defaultFormat;
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
+  /** String representation of this key. Cached for speed. */
+  private transient String str;
 
   /**
    * Trivial protected constructor.
@@ -109,28 +104,13 @@ public abstract class GnuDHKey implements Key, DHKey
     this.g = g;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // javax.crypto.interfaces.DHKey interface implementation ------------------
-
   public DHParameterSpec getParams()
   {
     if (q == null)
-      {
-        return new DHParameterSpec(p, g);
-      }
-    else
-      {
-        return new DHParameterSpec(p, g, q.bitLength());
-      }
+      return new DHParameterSpec(p, g);
+    return new DHParameterSpec(p, g, q.bitLength());
   }
 
-  // java.security.Key interface implementation ------------------------------
-
   public String getAlgorithm()
   {
     return Registry.DH_KPG;
@@ -147,38 +127,48 @@ public abstract class GnuDHKey implements Key, DHKey
     return FormatUtil.getEncodingShortName(defaultFormat);
   }
 
-  // Other instance methods --------------------------------------------------
-
   public BigInteger getQ()
   {
     return q;
   }
 
   /**
-   * <p>Returns <code>true</code> if the designated object is an instance of
-   * {@link DHKey} and has the same Diffie-Hellman parameter values as this
-   * one.</p>
-   *
+   * Returns <code>true</code> if the designated object is an instance of
+   * {@link DHKey} and has the same Diffie-Hellman parameter values as this one.
+   * 
    * @param obj the other non-null DH key to compare to.
-   * @return <code>true</code> if the designated object is of the same type and
-   * value as this one.
+   * @return <code>true</code> if the designated object is of the same type
+   *         and value as this one.
    */
   public boolean equals(Object obj)
   {
     if (obj == null)
-      {
-        return false;
-      }
-    if (!(obj instanceof DHKey))
-      {
-        return false;
-      }
+      return false;
+    if (! (obj instanceof DHKey))
+      return false;
     DHKey that = (DHKey) obj;
     return p.equals(that.getParams().getP())
            && g.equals(that.getParams().getG());
   }
 
-  // abstract methods to be implemented by subclasses ------------------------
+  public String toString()
+  {
+    if (str == null)
+      {
+        String ls = (String) AccessController.doPrivileged
+            (new GetPropertyAction("line.separator"));
+        StringBuilder sb = new StringBuilder(ls)
+            .append("defaultFormat=").append(defaultFormat).append(",").append(ls);
+        if (q == null)
+          sb.append("q=null,");
+        else
+          sb.append("q=0x").append(q.toString(16)).append(",");
+        sb.append(ls).append("p=0x").append(p.toString(16)).append(",").append(ls)
+            .append("g=0x").append(g.toString(16));
+        str = sb.toString();
+      }
+    return str;
+  }
 
   public abstract byte[] getEncoded(int format);
 }
diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java
index 5626a2979a8..13cfd9014a9 100644
--- a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java
+++ b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java
@@ -38,132 +38,84 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.key.dh;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.hash.Sha160;
 import gnu.java.security.key.IKeyPairGenerator;
 import gnu.java.security.util.PRNG;
 
-import java.io.PrintWriter;
 import java.math.BigInteger;
 import java.security.KeyPair;
 import java.security.PrivateKey;
 import java.security.PublicKey;
 import java.security.SecureRandom;
 import java.util.Map;
+import java.util.logging.Logger;
 
 import javax.crypto.spec.DHGenParameterSpec;
 import javax.crypto.spec.DHParameterSpec;
 
 /**
- * <p>An implementation of a Diffie-Hellman keypair generator.</p>
- *
- * <p>Reference:</p>
+ * An implementation of a Diffie-Hellman keypair generator.
+ * <p>
+ * Reference:
  * <ol>
- *    <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key
- *    Agreement Method</a><br>
- *    Eric Rescorla.</li>
+ * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key
+ * Agreement Method</a><br>
+ * Eric Rescorla.</li>
  * </ol>
  */
-public class GnuDHKeyPairGenerator implements IKeyPairGenerator
+public class GnuDHKeyPairGenerator
+    implements IKeyPairGenerator
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  private static final String NAME = "dh";
-
-  private static final boolean DEBUG = false;
-
-  private static final int debuglevel = 5;
-
-  private static final PrintWriter err = new PrintWriter(System.out, true);
-
-  private static void debug(String s)
-  {
-    err.println(">>> " + NAME + ": " + s);
-  }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
+  private static final Logger log = Logger.getLogger(GnuDHKeyPairGenerator.class.getName());
   /**
    * Property name of an optional {@link SecureRandom} instance to use. The
    * default is to use a classloader singleton from {@link PRNG}.
    */
   public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.dh.prng";
-
   /**
    * Property name of an optional {@link DHGenParameterSpec} or
    * {@link DHParameterSpec} instance to use for this generator.
    */
   public static final String DH_PARAMETERS = "gnu.crypto.dh.params";
-
   /** Property name of the size in bits (Integer) of the public prime (p). */
   public static final String PRIME_SIZE = "gnu.crypto.dh.L";
-
   /** Property name of the size in bits (Integer) of the private exponent (x). */
   public static final String EXPONENT_SIZE = "gnu.crypto.dh.m";
-
   /**
    * Property name of the preferred encoding format to use when externalizing
    * generated instance of key-pairs from this generator. The property is taken
    * to be an {@link Integer} that encapsulates an encoding format identifier.
    */
   public static final String PREFERRED_ENCODING_FORMAT = "gnu.crypto.dh.encoding";
-
   /** Default value for the size in bits of the public prime (p). */
-  //   private static final int DEFAULT_PRIME_SIZE = 1024;
   public static final int DEFAULT_PRIME_SIZE = 512;
-
   /** Default value for the size in bits of the private exponent (x). */
   public static final int DEFAULT_EXPONENT_SIZE = 160;
-
   /** Default encoding format to use when none was specified. */
   private static final int DEFAULT_ENCODING_FORMAT = Registry.RAW_ENCODING_ID;
-
   /** The SHA instance to use. */
   private Sha160 sha = new Sha160();
-
   /** The optional {@link SecureRandom} instance to use. */
   private SecureRandom rnd = null;
-
   /** The desired size in bits of the public prime (p). */
   private int l;
-
   /** The desired size in bits of the private exponent (x). */
   private int m;
-
   private BigInteger seed;
-
   private BigInteger counter;
-
   private BigInteger q;
-
   private BigInteger p;
-
   private BigInteger j;
-
   private BigInteger g;
-
   /** Our default source of randomness. */
   private PRNG prng = null;
-
   /** Preferred encoding format of generated keys. */
   private int preferredFormat;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // default 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // gnu.crypto.keys.IKeyPairGenerator interface implementation ---------------
-
   public String name()
   {
     return Registry.DH_KPG;
@@ -173,11 +125,9 @@ public class GnuDHKeyPairGenerator implements IKeyPairGenerator
   {
     // do we have a SecureRandom, or should we use our own?
     rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS);
-
     // are we given a set of Diffie-Hellman generation parameters or we shall
     // use our own?
     Object params = attributes.get(DH_PARAMETERS);
-
     // find out the desired sizes
     if (params instanceof DHGenParameterSpec)
       {
@@ -195,7 +145,6 @@ public class GnuDHKeyPairGenerator implements IKeyPairGenerator
         g = jceSpec.getG();
         l = p.bitLength();
         m = jceSpec.getL();
-
         // If no exponent size was given, generate an exponent as
         // large as the prime.
         if (m == 0)
@@ -208,21 +157,12 @@ public class GnuDHKeyPairGenerator implements IKeyPairGenerator
         bi = (Integer) attributes.get(EXPONENT_SIZE);
         m = (bi == null ? DEFAULT_EXPONENT_SIZE : bi.intValue());
       }
-
-    //      if ((L % 256) != 0 || L < 1024) {
     if ((l % 256) != 0 || l < DEFAULT_PRIME_SIZE)
-      {
-        throw new IllegalArgumentException("invalid modulus size");
-      }
+      throw new IllegalArgumentException("invalid modulus size");
     if ((m % 8) != 0 || m < DEFAULT_EXPONENT_SIZE)
-      {
-        throw new IllegalArgumentException("invalid exponent size");
-      }
+      throw new IllegalArgumentException("invalid exponent size");
     if (m > l)
-      {
-        throw new IllegalArgumentException("exponent size > modulus size");
-      }
-
+      throw new IllegalArgumentException("exponent size > modulus size");
     // what is the preferred encoding format
     Integer formatID = (Integer) attributes.get(PREFERRED_ENCODING_FORMAT);
     preferredFormat = formatID == null ? DEFAULT_ENCODING_FORMAT
@@ -240,22 +180,20 @@ public class GnuDHKeyPairGenerator implements IKeyPairGenerator
         p = params[RFC2631.DH_PARAMS_P];
         j = params[RFC2631.DH_PARAMS_J];
         g = params[RFC2631.DH_PARAMS_G];
-        if (DEBUG && debuglevel > 0)
+        if (Configuration.DEBUG)
           {
-            debug("seed: 0x" + seed.toString(16));
-            debug("counter: " + counter.intValue());
-            debug("q: 0x" + q.toString(16));
-            debug("p: 0x" + p.toString(16));
-            debug("j: 0x" + j.toString(16));
-            debug("g: 0x" + g.toString(16));
+            log.fine("seed: 0x" + seed.toString(16));
+            log.fine("counter: " + counter.intValue());
+            log.fine("q: 0x" + q.toString(16));
+            log.fine("p: 0x" + p.toString(16));
+            log.fine("j: 0x" + j.toString(16));
+            log.fine("g: 0x" + g.toString(16));
           }
       }
-
     // generate a private number x of length m such as: 1 < x < q - 1
     BigInteger q_minus_1 = null;
     if (q != null)
       q_minus_1 = q.subtract(BigInteger.ONE);
-
     // We already check if m is modulo 8 in `setup.' This could just
     // be m >>> 3.
     byte[] mag = new byte[(m + 7) / 8];
@@ -266,31 +204,23 @@ public class GnuDHKeyPairGenerator implements IKeyPairGenerator
         x = new BigInteger(1, mag);
         if (x.bitLength() == m && x.compareTo(BigInteger.ONE) > 0
             && (q_minus_1 == null || x.compareTo(q_minus_1) < 0))
-          {
-            break;
-          }
+          break;
       }
     BigInteger y = g.modPow(x, p);
-
     PrivateKey secK = new GnuDHPrivateKey(preferredFormat, q, p, g, x);
     PublicKey pubK = new GnuDHPublicKey(preferredFormat, q, p, g, y);
-
     return new KeyPair(pubK, secK);
   }
 
-  // other methods -----------------------------------------------------------
-
   /**
-   * <p>Fills the designated byte array with random data.</p>
-   *
+   * Fills the designated byte array with random data.
+   * 
    * @param buffer the byte array to fill with random data.
    */
   private void nextRandomBytes(byte[] buffer)
   {
     if (rnd != null)
-      {
-        rnd.nextBytes(buffer);
-      }
+      rnd.nextBytes(buffer);
     else
       getDefaultPRNG().nextBytes(buffer);
   }
diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java
index 0e71623b9f7..d8150dcdf02 100644
--- a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java
+++ b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java
@@ -38,34 +38,34 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.key.dh;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
+import gnu.java.security.action.GetPropertyAction;
 import gnu.java.security.key.IKeyPairCodec;
 
 import java.math.BigInteger;
+import java.security.AccessController;
 
 import javax.crypto.interfaces.DHPrivateKey;
 
 /**
- * <p>An implementation of the Diffie-Hellman private key.</p>
- *
- * <p>Reference:</p>
+ * An implementation of the Diffie-Hellman private key.
+ * <p>
+ * Reference:
  * <ol>
- *    <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key
- *    Agreement Method</a><br>
- *    Eric Rescorla.</li>
+ * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key
+ * Agreement Method</a><br>
+ * Eric Rescorla.</li>
  * </ol>
  */
-public class GnuDHPrivateKey extends GnuDHKey implements DHPrivateKey
+public class GnuDHPrivateKey
+    extends GnuDHKey
+    implements DHPrivateKey
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The private exponent. */
   private final BigInteger x;
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
+  /** String representation of this key. Cached for speed. */
+  private transient String str;
 
   /**
    * Convenience constructor. Calls the constructor with five arguments passing
@@ -92,31 +92,27 @@ public class GnuDHPrivateKey extends GnuDHKey implements DHPrivateKey
    * @param g the generator of the group.
    * @param x the private value x.
    */
-  public GnuDHPrivateKey(int preferredFormat,
-                         BigInteger q, BigInteger p, BigInteger g, BigInteger x)
+  public GnuDHPrivateKey(int preferredFormat, BigInteger q, BigInteger p,
+                         BigInteger g, BigInteger x)
   {
     super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.PKCS8_ENCODING_ID
                                                        : preferredFormat,
           q, p, g);
-
     this.x = x;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>A class method that takes the output of the <code>encodePrivateKey()</code>
+   * A class method that takes the output of the <code>encodePrivateKey()</code>
    * method of a DH keypair codec object (an instance implementing
    * {@link IKeyPairCodec} for DH keys, and re-constructs an instance of this
-   * object.</p>
-   *
+   * object.
+   * 
    * @param k the contents of a previously encoded instance of this object.
-   * @exception ArrayIndexOutOfBoundsException if there is not enough bytes,
-   * in <code>k</code>, to represent a valid encoding of an instance of
-   * this object.
-   * @exception IllegalArgumentException if the byte sequence does not
-   * represent a valid encoding of an instance of this object.
+   * @exception ArrayIndexOutOfBoundsException if there is not enough bytes, in
+   *              <code>k</code>, to represent a valid encoding of an
+   *              instance of this object.
+   * @exception IllegalArgumentException if the byte sequence does not represent
+   *              a valid encoding of an instance of this object.
    */
   public static GnuDHPrivateKey valueOf(byte[] k)
   {
@@ -129,32 +125,24 @@ public class GnuDHPrivateKey extends GnuDHKey implements DHPrivateKey
       catch (IllegalArgumentException ignored)
         {
         }
-
     // try PKCS#8 codec
     return (GnuDHPrivateKey) new DHKeyPairPKCS8Codec().decodePrivateKey(k);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // javax.crypto.interfaces.DHPrivateKey interface implementation -----------
-
   public BigInteger getX()
   {
     return x;
   }
 
-  // other methods -----------------------------------------------------------
-
   /**
-   * <p>Returns the encoded form of this private key according to the
-   * designated format.</p>
-   *
+   * Returns the encoded form of this private key according to the designated
+   * format.
+   * 
    * @param format the desired format identifier of the resulting encoding.
    * @return the byte sequence encoding this key according to the designated
-   * format.
+   *         format.
    * @exception IllegalArgumentException if the format is not supported.
-   * @see gnu.crypto.key.dh.DHKeyPairRawCodec
+   * @see DHKeyPairRawCodec
    */
   public byte[] getEncoded(int format)
   {
@@ -193,4 +181,20 @@ public class GnuDHPrivateKey extends GnuDHKey implements DHPrivateKey
     DHPrivateKey that = (DHPrivateKey) obj;
     return super.equals(that) && x.equals(that.getX());
   }
+
+  public String toString()
+  {
+    if (str == null)
+      {
+        String ls = (String) AccessController.doPrivileged
+            (new GetPropertyAction("line.separator"));
+        str = new StringBuilder(this.getClass().getName()).append("(")
+            .append(super.toString()).append(",").append(ls)
+            .append("x=0x").append(Configuration.DEBUG ? x.toString(16)
+                                                       : "**...*").append(ls)
+            .append(")")
+            .toString();
+      }
+    return str;
+  }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPublicKey.java b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPublicKey.java
index 56516c9d0ea..5fb31f38364 100644
--- a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPublicKey.java
+++ b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPublicKey.java
@@ -39,32 +39,31 @@ exception statement from your version.  */
 package gnu.javax.crypto.key.dh;
 
 import gnu.java.security.Registry;
+import gnu.java.security.action.GetPropertyAction;
 import gnu.java.security.key.IKeyPairCodec;
 
 import java.math.BigInteger;
+import java.security.AccessController;
 
 import javax.crypto.interfaces.DHPublicKey;
 
 /**
- * <p>An implementation of the Diffie-Hellman public key.</p>
- *
- * <p>Reference:</p>
+ * An implementation of the Diffie-Hellman public key.
+ * <p>
+ * Reference:
  * <ol>
- *    <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key
- *    Agreement Method</a><br>
- *    Eric Rescorla.</li>
+ * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key
+ * Agreement Method</a><br>
+ * Eric Rescorla.</li>
  * </ol>
  */
-public class GnuDHPublicKey extends GnuDHKey implements DHPublicKey
+public class GnuDHPublicKey
+    extends GnuDHKey
+    implements DHPublicKey
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private BigInteger y;
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
+  /** String representation of this key. Cached for speed. */
+  private transient String str;
 
   /**
    * Convenience constructor. Calls the constructor with five arguments passing
@@ -91,31 +90,27 @@ public class GnuDHPublicKey extends GnuDHKey implements DHPublicKey
    * @param g the generator of the group.
    * @param y the public value y.
    */
-  public GnuDHPublicKey(int preferredFormat,
-                        BigInteger q, BigInteger p, BigInteger g, BigInteger y)
+  public GnuDHPublicKey(int preferredFormat, BigInteger q, BigInteger p,
+                        BigInteger g, BigInteger y)
   {
     super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.X509_ENCODING_ID
                                                        : preferredFormat,
           q, p, g);
-
     this.y = y;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>A class method that takes the output of the <code>encodePublicKey()</code>
+   * A class method that takes the output of the <code>encodePublicKey()</code>
    * method of a DH keypair codec object (an instance implementing
    * {@link IKeyPairCodec} for DSS keys, and re-constructs an instance of this
-   * object.</p>
-   *
-   * @param k the contents of a previously encoded instance of this object.
-   * @exception ArrayIndexOutOfBoundsException if there is not enough bytes,
-   * in <code>k</code>, to represent a valid encoding of an instance of this
    * object.
-   * @exception IllegalArgumentException if the byte sequence does not
-   * represent a valid encoding of an instance of this object.
+   * 
+   * @param k the contents of a previously encoded instance of this object.
+   * @exception ArrayIndexOutOfBoundsException if there is not enough bytes, in
+   *              <code>k</code>, to represent a valid encoding of an
+   *              instance of this object.
+   * @exception IllegalArgumentException if the byte sequence does not represent
+   *              a valid encoding of an instance of this object.
    */
   public static GnuDHPublicKey valueOf(byte[] k)
   {
@@ -128,30 +123,22 @@ public class GnuDHPublicKey extends GnuDHKey implements DHPublicKey
       catch (IllegalArgumentException ignored)
         {
         }
-
     // try X.509 codec
     return (GnuDHPublicKey) new DHKeyPairX509Codec().decodePublicKey(k);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // javax.crypto.interfaces.DHPublicKey interface implementation ------------
-
   public BigInteger getY()
   {
     return y;
   }
 
-  // other methods -----------------------------------------------------------
-
   /**
-   * <p>Returns the encoded form of this public key according to the designated
-   * format.</p>
-   *
+   * Returns the encoded form of this public key according to the designated
+   * format.
+   * 
    * @param format the desired format identifier of the resulting encoding.
    * @return the byte sequence encoding this key according to the designated
-   * format.
+   *         format.
    * @exception IllegalArgumentException if the format is not supported.
    */
   public byte[] getEncoded(int format)
@@ -191,4 +178,19 @@ public class GnuDHPublicKey extends GnuDHKey implements DHPublicKey
     DHPublicKey that = (DHPublicKey) obj;
     return super.equals(that) && y.equals(that.getY());
   }
+
+  public String toString()
+  {
+    if (str == null)
+      {
+        String ls = (String) AccessController.doPrivileged
+            (new GetPropertyAction("line.separator"));
+        str = new StringBuilder(this.getClass().getName()).append("(")
+            .append(super.toString()).append(",").append(ls)
+            .append("y=0x").append(y.toString(16)).append(ls)
+            .append(")")
+            .toString();
+      }
+    return str;
+  }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/RFC2631.java b/libjava/classpath/gnu/javax/crypto/key/dh/RFC2631.java
index d6e30b4bc52..673e44864b5 100644
--- a/libjava/classpath/gnu/javax/crypto/key/dh/RFC2631.java
+++ b/libjava/classpath/gnu/javax/crypto/key/dh/RFC2631.java
@@ -40,60 +40,41 @@ package gnu.javax.crypto.key.dh;
 
 import gnu.java.security.hash.Sha160;
 import gnu.java.security.util.PRNG;
-import gnu.java.security.util.Prime2;
 
 import java.math.BigInteger;
 import java.security.SecureRandom;
 
 /**
- * <p>An implementation of the Diffie-Hellman parameter generation as defined in
- * RFC-2631.</p>
- *
- * <p>Reference:</p>
+ * An implementation of the Diffie-Hellman parameter generation as defined in
+ * RFC-2631.
+ * <p>
+ * Reference:
  * <ol>
- *    <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key
- *    Agreement Method</a><br>
- *    Eric Rescorla.</li>
+ * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key
+ * Agreement Method</a><br>
+ * Eric Rescorla.</li>
  * </ol>
  */
 public class RFC2631
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   public static final int DH_PARAMS_SEED = 0;
-
   public static final int DH_PARAMS_COUNTER = 1;
-
   public static final int DH_PARAMS_Q = 2;
-
   public static final int DH_PARAMS_P = 3;
-
   public static final int DH_PARAMS_J = 4;
-
   public static final int DH_PARAMS_G = 5;
-
   private static final BigInteger TWO = BigInteger.valueOf(2L);
-
   /** The SHA instance to use. */
   private Sha160 sha = new Sha160();
-
   /** Length of private modulus and of q. */
   private int m;
-
   /** Length of public modulus p. */
   private int L;
-
   /** The optional {@link SecureRandom} instance to use. */
   private SecureRandom rnd = null;
-
   /** Our default source of randomness. */
   private PRNG prng = null;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public RFC2631(int m, int L, SecureRandom rnd)
   {
     super();
@@ -103,12 +84,6 @@ public class RFC2631
     this.rnd = rnd;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public BigInteger[] generateParameters()
   {
     int i, j, counter;
@@ -127,15 +102,16 @@ public class RFC2631
       {
         step4: while (true)
           {
-            // 4. Select an arbitrary bit string SEED such that length of SEED >= m
+            // 4. Select an arbitrary bit string SEED such that length of
+            //    SEED >= m
             nextRandomBytes(seedBytes);
             SEED = new BigInteger(1, seedBytes).setBit(m - 1).setBit(0);
             // 5. Set U = 0
             U = BigInteger.ZERO;
             // 6. For i = 0 to m' - 1
-            //       U = U + (SHA1[SEED + i] XOR SHA1[(SEED + m' + i)) * 2^(160 * i)
-            //    Note that for m=160, this reduces to the algorithm of [FIPS-186]
-            //       U = SHA1[SEED] XOR SHA1[(SEED+1) mod 2^160 ].
+            //    U = U + (SHA1[SEED + i] XOR SHA1[(SEED + m' + i)) * 2^(160 * i)
+            //    Note that for m=160, this reduces to the algorithm of FIPS-186
+            //    U = SHA1[SEED] XOR SHA1[(SEED+1) mod 2^160 ].
             for (i = 0; i < m_; i++)
               {
                 u1 = SEED.add(BigInteger.valueOf(i)).toByteArray();
@@ -145,31 +121,27 @@ public class RFC2631
                 sha.update(u2, 0, u2.length);
                 u2 = sha.digest();
                 for (j = 0; j < u1.length; j++)
-                  {
-                    u1[j] ^= u2[j];
-                  }
+                  u1[j] ^= u2[j];
                 U = U.add(new BigInteger(1, u1).multiply(TWO.pow(160 * i)));
               }
             // 5. Form q from U by computing U mod (2^m) and setting the most
-            //    significant bit (the 2^(m-1) bit) and the least significant bit to
-            //    1. In terms of boolean operations, q = U OR 2^(m-1) OR 1. Note
-            //    that 2^(m-1) < q < 2^m
+            //    significant bit (the 2^(m-1) bit) and the least significant
+            //    bit to 1. In terms of boolean operations, q = U OR 2^(m-1) OR
+            //    1. Note that 2^(m-1) < q < 2^m
             q = U.setBit(m - 1).setBit(0);
             // 6. Use a robust primality algorithm to test whether q is prime.
             // 7. If q is not prime then go to 4.
-            if (Prime2.isProbablePrime(q))
-              {
-                break step4;
-              }
+            if (q.isProbablePrime(80))
+              break step4;
           }
         // 8. Let counter = 0
         counter = 0;
         step9: while (true)
           {
             // 9. Set R = seed + 2*m' + (L' * counter)
-            R = SEED.add(BigInteger.valueOf(2 * m_)).add(
-                                                         BigInteger.valueOf(L_
-                                                                            * counter));
+            R = SEED
+                .add(BigInteger.valueOf(2 * m_))
+                .add(BigInteger.valueOf(L_ * counter));
             // 10. Set V = 0
             V = BigInteger.ZERO;
             // 12. For i = 0 to L'-1 do: V = V + SHA1(R + i) * 2^(160 * i)
@@ -187,10 +159,10 @@ public class RFC2631
             X = W.setBit(L - 1);
             // 15. Set p = X - (X mod (2*q)) + 1
             p = X.add(BigInteger.ONE).subtract(X.mod(TWO.multiply(q)));
-            // 16. If p > 2^(L-1) use a robust primality test to test whether p is
-            //     prime. Else go to 18.
-            //17. If p is prime output p, q, seed, counter and stop.
-            if (Prime2.isProbablePrime(p))
+            // 16. If p > 2^(L-1) use a robust primality test to test whether p
+            //     is prime. Else go to 18.
+            // 17. If p is prime output p, q, seed, counter and stop.
+            if (p.isProbablePrime(80))
               {
                 break algorithm;
               }
@@ -199,12 +171,9 @@ public class RFC2631
             // 19. If counter < (4096 * N) then go to 8.
             // 20. Output "failure"
             if (counter >= 4096 * N_)
-              {
-                continue algorithm;
-              }
+              continue algorithm;
           }
       }
-
     // compute g. from FIPS-186, Appendix 4:
     // 1. Generate p and q as specified in Appendix 2.
     // 2. Let e = (p - 1) / q
@@ -219,28 +188,21 @@ public class RFC2631
         // 4. Set g = h**e mod p
         g = h.modPow(e, p);
         // 5. If g = 1, go to step 3
-        if (!g.equals(BigInteger.ONE))
-          {
-            break;
-          }
+        if (! g.equals(BigInteger.ONE))
+          break;
       }
-
     return new BigInteger[] { SEED, BigInteger.valueOf(counter), q, p, e, g };
   }
 
-  // helper methods ----------------------------------------------------------
-
   /**
-   * <p>Fills the designated byte array with random data.</p>
+   * Fills the designated byte array with random data.
    *
    * @param buffer the byte array to fill with random data.
    */
   private void nextRandomBytes(byte[] buffer)
   {
     if (rnd != null)
-      {
-        rnd.nextBytes(buffer);
-      }
+      rnd.nextBytes(buffer);
     else
       getDefaultPRNG().nextBytes(buffer);
   }
diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6Host.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6Host.java
index 192e877b7ed..44f99467319 100644
--- a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6Host.java
+++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6Host.java
@@ -56,65 +56,41 @@ import java.util.HashMap;
 import java.util.Map;
 
 /**
- * <p>The implementation of the Host in the SRP-6 key agreement protocol.</p>
- *
- * <p>Reference:</p>
+ * The implementation of the Host in the SRP-6 key agreement protocol.
+ * <p>
+ * Reference:
  * <ol>
- *    <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
- *    Thomas J. Wu.</li>
+ * <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
+ * Thomas J. Wu.</li>
  * </ol>
  */
-public class SRP6Host extends SRP6KeyAgreement
+public class SRP6Host
+    extends SRP6KeyAgreement
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The user's ephemeral key pair. */
   private KeyPair hostKeyPair;
 
   /** The SRP password database. */
   private SRPAuthInfoProvider passwordDB;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // default 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // implementation of abstract methods in base class ------------------------
-
   protected void engineInit(final Map attributes) throws KeyAgreementException
   {
     rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS);
     N = (BigInteger) attributes.get(SHARED_MODULUS);
     if (N == null)
-      {
-        throw new KeyAgreementException("missing shared modulus");
-      }
+      throw new KeyAgreementException("missing shared modulus");
     g = (BigInteger) attributes.get(GENERATOR);
     if (g == null)
-      {
-        throw new KeyAgreementException("missing generator");
-      }
-
+      throw new KeyAgreementException("missing generator");
     final String md = (String) attributes.get(HASH_FUNCTION);
-    if (md == null || "".equals(md.trim()))
-      {
-        throw new KeyAgreementException("missing hash function");
-      }
+    if (md == null || md.trim().length() == 0)
+      throw new KeyAgreementException("missing hash function");
     srp = SRP.instance(md);
-
     passwordDB = (SRPAuthInfoProvider) attributes.get(HOST_PASSWORD_DB);
     if (passwordDB == null)
-      {
-        throw new KeyAgreementException("missing SRP password database");
-      }
+      throw new KeyAgreementException("missing SRP password database");
   }
 
   protected OutgoingMessage engineProcessMessage(final IncomingMessage in)
@@ -135,14 +111,11 @@ public class SRP6Host extends SRP6KeyAgreement
     super.engineReset();
   }
 
-  // own methods -------------------------------------------------------------
-
   private OutgoingMessage computeSharedSecret(final IncomingMessage in)
       throws KeyAgreementException
   {
     final String I = in.readString();
     final BigInteger A = in.readMPI();
-
     // get s and v for user identified by I
     // ----------------------------------------------------------------------
     final Map credentials;
@@ -157,56 +130,31 @@ public class SRP6Host extends SRP6KeyAgreement
       {
         throw new KeyAgreementException("computeSharedSecret()", x);
       }
-
     final BigInteger s = new BigInteger(
-                                        1,
-                                        Util.fromBase64((String) credentials.get(SRPRegistry.SALT_FIELD)));
+        1,Util.fromBase64((String) credentials.get(SRPRegistry.SALT_FIELD)));
     final BigInteger v = new BigInteger(
-                                        1,
-                                        Util.fromBase64((String) credentials.get(SRPRegistry.USER_VERIFIER_FIELD)));
-
-    //      Map configuration = null;
-    //      try {
-    //         String mode = (String) credentials.get(SRPRegistry.CONFIG_NDX_FIELD);
-    //         configuration = passwordDB.getConfiguration(mode);
-    //      } catch (IOException x) {
-    //         throw new KeyAgreementException("computeSharedSecret()", x);
-    //      }
-    //
-    //      BigInteger N = new BigInteger(1, Util.fromBase64(
-    //            (String) configuration.get(SRPRegistry.SHARED_MODULUS)));
-    //      BigInteger g = new BigInteger(1, Util.fromBase64(
-    //            (String) configuration.get(SRPRegistry.FIELD_GENERATOR)));
-    // ----------------------------------------------------------------------
-
+        1, Util.fromBase64((String) credentials.get(SRPRegistry.USER_VERIFIER_FIELD)));
     final SRPKeyPairGenerator kpg = new SRPKeyPairGenerator();
     final Map attributes = new HashMap();
     if (rnd != null)
-      {
-        attributes.put(SRPKeyPairGenerator.SOURCE_OF_RANDOMNESS, rnd);
-      }
+      attributes.put(SRPKeyPairGenerator.SOURCE_OF_RANDOMNESS, rnd);
     attributes.put(SRPKeyPairGenerator.SHARED_MODULUS, N);
     attributes.put(SRPKeyPairGenerator.GENERATOR, g);
     attributes.put(SRPKeyPairGenerator.USER_VERIFIER, v);
     kpg.setup(attributes);
     hostKeyPair = kpg.generate();
-
     final BigInteger B = ((SRPPublicKey) hostKeyPair.getPublic()).getY();
     final BigInteger u = uValue(A, B); // u = H(A | B)
-
     // compute S = (Av^u) ^ b
     final BigInteger b = ((SRPPrivateKey) hostKeyPair.getPrivate()).getX();
     final BigInteger S = A.multiply(v.modPow(u, N)).modPow(b, N);
-
     final byte[] sBytes = Util.trim(S);
     final IMessageDigest hash = srp.newDigest();
     hash.update(sBytes, 0, sBytes.length);
     K = new BigInteger(1, hash.digest());
-
     final OutgoingMessage result = new OutgoingMessage();
     result.writeMPI(s);
     result.writeMPI(B);
-
     complete = true;
     return result;
   }
diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6KeyAgreement.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6KeyAgreement.java
index 63c981d80ef..b4264184e5e 100644
--- a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6KeyAgreement.java
+++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6KeyAgreement.java
@@ -49,98 +49,72 @@ import gnu.javax.crypto.sasl.srp.SRP;
 import java.math.BigInteger;
 
 /**
- * <p>The Secure Remote Password (SRP) key agreement protocol, also known as
- * SRP-6, is designed by Thomas J. Wu (see references). The protocol, and its
- * elements are described as follows:</p>
- *
+ * The Secure Remote Password (SRP) key agreement protocol, also known as SRP-6,
+ * is designed by Thomas J. Wu (see references). The protocol, and its elements
+ * are described as follows:
  * <pre>
- * N    A large safe prime (N = 2q+1, where q is prime)
- *      All arithmetic is done modulo N.
- * g    A generator modulo N
- * s    User's salt
- * I    Username
- * p    Cleartext Password
- * H()  One-way hash function
- * ^    (Modular) Exponentiation
- * u    Random scrambling parameter
- * a,b  Secret ephemeral values
- * A,B  Public ephemeral values
- * x    Private key (derived from p and s)
- * v    Password verifier
- *
- * The host stores passwords using the following formula:
- * x = H(s | H(I ":" p))           (s is chosen randomly)
- * v = g^x                   (computes password verifier)
- *
- * The host then keeps {I, s, v} in its password database.
- *
- * The authentication protocol itself goes as follows:
- * User -> Host:  I, A = g^a         (identifies self, a = random number)
- * Host -> User:  s, B = 3v + g^b    (sends salt, b = random number)
- *
- * Both:  u = H(A, B)
- *
- * User:  x = H(s, p)                (user enters password)
- * User:  S = (B - 3g^x) ^ (a + ux)  (computes session key)
- * User:  K = H(S)
- *
- * Host:  S = (Av^u) ^ b             (computes session key)
- * Host:  K = H(S)
+ *  N    A large safe prime (N = 2q+1, where q is prime)
+ *       All arithmetic is done modulo N.
+ *  g    A generator modulo N
+ *  s    User's salt
+ *  I    Username
+ *  p    Cleartext Password
+ *  H()  One-way hash function
+ *  &circ;    (Modular) Exponentiation
+ *  u    Random scrambling parameter
+ *  a,b  Secret ephemeral values
+ *  A,B  Public ephemeral values
+ *  x    Private key (derived from p and s)
+ *  v    Password verifier
+ * 
+ *  The host stores passwords using the following formula:
+ *  x = H(s | H(I &quot;:&quot; p))           (s is chosen randomly)
+ *  v = g&circ;x                         (computes password verifier)
+ * 
+ *  The host then keeps {I, s, v} in its password database.
+ * 
+ *  The authentication protocol itself goes as follows:
+ *  User -&gt; Host:  I, A = g&circ;a         (identifies self, a = random number)
+ *  Host -&gt; User:  s, B = 3v + g&circ;b    (sends salt, b = random number)
+ * 
+ *  Both:  u = H(A, B)
+ * 
+ *  User:  x = H(s, p)               (user enters password)
+ *  User:  S = (B - 3g&circ;x) &circ; (a + ux) (computes session key)
+ *  User:  K = H(S)
+ * 
+ *  Host:  S = (Av&circ;u) &circ; b            (computes session key)
+ *  Host:  K = H(S)
  * </pre>
- *
- * <p>Reference:</p>
+ * <p>
+ * Reference:
  * <ol>
- *    <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
- *    Thomas J. Wu.</li>
+ * <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
+ * Thomas J. Wu.</li>
  * </ol>
  */
-public abstract class SRP6KeyAgreement extends BaseKeyAgreementParty
+public abstract class SRP6KeyAgreement
+    extends BaseKeyAgreementParty
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.srp6.ka.prng";
-
   public static final String SHARED_MODULUS = "gnu.crypto.srp6.ka.N";
-
   public static final String GENERATOR = "gnu.crypto.srp6.ka.g";
-
   public static final String HASH_FUNCTION = "gnu.crypto.srp6.ka.H";
-
   public static final String USER_IDENTITY = "gnu.crypto.srp6.ka.I";
-
   public static final String USER_PASSWORD = "gnu.crypto.srp6.ka.p";
-
   public static final String HOST_PASSWORD_DB = "gnu.crypto.srp6.ka.password.db";
-
   protected static final BigInteger THREE = BigInteger.valueOf(3L);
-
   protected SRP srp;
-
   protected BigInteger N;
-
   protected BigInteger g;
-
   /** The shared secret key. */
   protected BigInteger K;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   protected SRP6KeyAgreement()
   {
     super(Registry.SRP6_KA);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // implementation of common abstract methods in BaseKeyAGreementParty ------
-
   protected byte[] engineSharedSecret() throws KeyAgreementException
   {
     return Util.trim(K);
@@ -148,25 +122,20 @@ public abstract class SRP6KeyAgreement extends BaseKeyAgreementParty
 
   protected void engineReset()
   {
-    //      mda = null;
     srp = null;
     N = null;
     g = null;
     K = null;
   }
 
-  // helper methods ----------------------------------------------------------
-
   protected BigInteger uValue(final BigInteger A, final BigInteger B)
   {
-    //      IMessageDigest hash = (IMessageDigest) mda.clone();
     final IMessageDigest hash = srp.newDigest();
     byte[] b;
     b = Util.trim(A);
     hash.update(b, 0, b.length);
     b = Util.trim(B);
     hash.update(b, 0, b.length);
-
     return new BigInteger(1, hash.digest());
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6SaslClient.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6SaslClient.java
index ef460b13bc7..f5969f0c195 100644
--- a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6SaslClient.java
+++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6SaslClient.java
@@ -48,54 +48,43 @@ import gnu.javax.crypto.key.OutgoingMessage;
 import java.math.BigInteger;
 
 /**
- * <p>A variation of the SRP-6 protocol as used in the SASL-SRP mechanism, for
- * the User (client side).</p>
- *
- * <p>In this alternative, the exchange goes as follows:</p>
+ * A variation of the SRP-6 protocol as used in the SASL-SRP mechanism, for the
+ * User (client side).
+ * <p>
+ * In this alternative, the exchange goes as follows:
+ * 
  * <pre>
- *    C -> S:  I                      (identifies self)
- *    S -> C:  N, g, s, B = 3v + g^b  (sends salt, b = random number)
- *    C -> S:  A = g^a                (a = random number)
+ *     C -&gt; S:  I                      (identifies self)
+ *     S -&gt; C:  N, g, s, B = 3v + g&circ;b  (sends salt, b = random number)
+ *     C -&gt; S:  A = g&circ;a                (a = random number)
  * </pre>
- *
- * <p>All elements are computed the same way as in the standard version.</p>
- *
- * <p>Reference:</p>
+ * 
+ * <p>
+ * All elements are computed the same way as in the standard version.
+ * <p>
+ * Reference:
  * <ol>
- *    <li><a href="http://www.ietf.org/internet-drafts/draft-burdis-cat-srp-sasl-09.txt">
- *    Secure Remote Password Authentication Mechanism</a><br>
- *    K. Burdis, R. Naffah.</li>
- *    <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
- *    Thomas J. Wu.</li>
+ * <li><a
+ * href="http://www.ietf.org/internet-drafts/draft-burdis-cat-srp-sasl-09.txt">
+ * Secure Remote Password Authentication Mechanism</a><br>
+ * K. Burdis, R. Naffah.</li>
+ * <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
+ * Thomas J. Wu.</li>
  * </ol>
  */
-public class SRP6SaslClient extends SRP6TLSClient
+public class SRP6SaslClient
+    extends SRP6TLSClient
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // default 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   protected OutgoingMessage computeSharedSecret(final IncomingMessage in)
       throws KeyAgreementException
   {
     final OutgoingMessage result = super.computeSharedSecret(in);
-
     final byte[] sBytes = Util.trim(K);
     final IMessageDigest hash = srp.newDigest();
     hash.update(sBytes, 0, sBytes.length);
     K = new BigInteger(1, hash.digest());
-
     return result;
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6SaslServer.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6SaslServer.java
index 5e759964e08..7e68c99c437 100644
--- a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6SaslServer.java
+++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6SaslServer.java
@@ -48,54 +48,43 @@ import gnu.javax.crypto.key.OutgoingMessage;
 import java.math.BigInteger;
 
 /**
- * <p>A variation of the SRP-6 protocol as used in the SASL-SRP mechanism, for
- * the Host (server side).</p>
- *
- * <p>In this alternative, the exchange goes as follows:</p>
+ * A variation of the SRP-6 protocol as used in the SASL-SRP mechanism, for the
+ * Host (server side).
+ * <p>
+ * In this alternative, the exchange goes as follows:
+ * 
  * <pre>
- *    C -> S:  I                      (identifies self)
- *    S -> C:  N, g, s, B = 3v + g^b  (sends salt, b = random number)
- *    C -> S:  A = g^a                (a = random number)
+ *     C -&gt; S:  I                      (identifies self)
+ *     S -&gt; C:  N, g, s, B = 3v + g&circ;b  (sends salt, b = random number)
+ *     C -&gt; S:  A = g&circ;a                (a = random number)
  * </pre>
- *
- * <p>All elements are computed the same way as in the standard version.</p>
- *
- * <p>Reference:</p>
+ * 
+ * <p>
+ * All elements are computed the same way as in the standard version.
+ * <p>
+ * Reference:
  * <ol>
- *    <li><a href="http://www.ietf.org/internet-drafts/draft-burdis-cat-srp-sasl-09.txt">
- *    Secure Remote Password Authentication Mechanism</a><br>
- *    K. Burdis, R. Naffah.</li>
- *    <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
- *    Thomas J. Wu.</li>
+ * <li><a
+ * href="http://www.ietf.org/internet-drafts/draft-burdis-cat-srp-sasl-09.txt">
+ * Secure Remote Password Authentication Mechanism</a><br>
+ * K. Burdis, R. Naffah.</li>
+ * <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
+ * Thomas J. Wu.</li>
  * </ol>
  */
-public class SRP6SaslServer extends SRP6TLSServer
+public class SRP6SaslServer
+    extends SRP6TLSServer
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // default 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   protected OutgoingMessage computeSharedSecret(final IncomingMessage in)
       throws KeyAgreementException
   {
     super.computeSharedSecret(in);
-
     final byte[] sBytes = Util.trim(K);
     final IMessageDigest hash = srp.newDigest();
     hash.update(sBytes, 0, sBytes.length);
     K = new BigInteger(1, hash.digest());
-
     return null;
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6TLSClient.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6TLSClient.java
index 5474a1e8eb9..af0be02dfe0 100644
--- a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6TLSClient.java
+++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6TLSClient.java
@@ -51,62 +51,38 @@ import java.util.HashMap;
 import java.util.Map;
 
 /**
- * <p>A variation of the SRP6 key agreement protocol, for the client-side as
- * proposed in
- * <a href="http://www.ietf.org/internet-drafts/draft-ietf-tls-srp-05.txt">Using
+ * A variation of the SRP6 key agreement protocol, for the client-side as
+ * proposed in <a
+ * href="http://www.ietf.org/internet-drafts/draft-ietf-tls-srp-05.txt">Using
  * SRP for TLS Authentication</a>. The only difference between it and the SASL
  * variant is that the shared secret is the entity <code>S</code> and not
- * <code>H(S)</code>.</p>
+ * <code>H(S)</code>.
  */
-public class SRP6TLSClient extends SRP6KeyAgreement
+public class SRP6TLSClient
+    extends SRP6KeyAgreement
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The user's identity. */
   private String I;
-
   /** The user's cleartext password. */
   private byte[] p;
-
   /** The user's ephemeral key pair. */
   private KeyPair userKeyPair;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // default 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // implementation of abstract methods in base class ------------------------
-
   protected void engineInit(final Map attributes) throws KeyAgreementException
   {
     rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS);
-
     final String md = (String) attributes.get(HASH_FUNCTION);
-    if (md == null || "".equals(md.trim()))
-      {
-        throw new KeyAgreementException("missing hash function");
-      }
+    if (md == null || md.trim().length() == 0)
+      throw new KeyAgreementException("missing hash function");
     srp = SRP.instance(md);
-
     I = (String) attributes.get(USER_IDENTITY);
     if (I == null)
-      {
-        throw new KeyAgreementException("missing user identity");
-      }
+      throw new KeyAgreementException("missing user identity");
     p = (byte[]) attributes.get(USER_PASSWORD);
     if (p == null)
-      {
-        throw new KeyAgreementException("missing user password");
-      }
+      throw new KeyAgreementException("missing user password");
   }
 
   protected OutgoingMessage engineProcessMessage(final IncomingMessage in)
@@ -131,14 +107,11 @@ public class SRP6TLSClient extends SRP6KeyAgreement
     super.engineReset();
   }
 
-  // own methods -------------------------------------------------------------
-
   private OutgoingMessage sendIdentity(final IncomingMessage in)
       throws KeyAgreementException
   {
     final OutgoingMessage result = new OutgoingMessage();
     result.writeString(I);
-
     return result;
   }
 
@@ -149,19 +122,15 @@ public class SRP6TLSClient extends SRP6KeyAgreement
     g = in.readMPI();
     final BigInteger s = in.readMPI();
     final BigInteger B = in.readMPI();
-
     // generate an ephemeral keypair
     final SRPKeyPairGenerator kpg = new SRPKeyPairGenerator();
     final Map attributes = new HashMap();
     if (rnd != null)
-      {
-        attributes.put(SRPKeyPairGenerator.SOURCE_OF_RANDOMNESS, rnd);
-      }
+      attributes.put(SRPKeyPairGenerator.SOURCE_OF_RANDOMNESS, rnd);
     attributes.put(SRPKeyPairGenerator.SHARED_MODULUS, N);
     attributes.put(SRPKeyPairGenerator.GENERATOR, g);
     kpg.setup(attributes);
     userKeyPair = kpg.generate();
-
     final BigInteger A = ((SRPPublicKey) userKeyPair.getPublic()).getY();
     final BigInteger u = uValue(A, B); // u = H(A | B)
     final BigInteger x;
@@ -173,18 +142,13 @@ public class SRP6TLSClient extends SRP6KeyAgreement
       {
         throw new KeyAgreementException("computeSharedSecret()", e);
       }
-
     // compute S = (B - 3g^x) ^ (a + ux)
     final BigInteger a = ((SRPPrivateKey) userKeyPair.getPrivate()).getX();
-    final BigInteger S = B.subtract(THREE.multiply(g.modPow(x, N))).modPow(
-                                                                           a.add(u.multiply(x)),
-                                                                           N);
-
+    final BigInteger S = B.subtract(THREE.multiply(g.modPow(x, N)))
+                          .modPow(a.add(u.multiply(x)), N);
     K = S;
-
     final OutgoingMessage result = new OutgoingMessage();
     result.writeMPI(A);
-
     complete = true;
     return result;
   }
diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6TLSServer.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6TLSServer.java
index ecbe36f62b1..f91cffd00f6 100644
--- a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6TLSServer.java
+++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6TLSServer.java
@@ -55,54 +55,33 @@ import java.util.HashMap;
 import java.util.Map;
 
 /**
- * <p>A variation of the SRP6 key agreement protocol, for the server-side as
- * proposed in
- * <a href="http://www.ietf.org/internet-drafts/draft-ietf-tls-srp-05.txt">Using
+ * A variation of the SRP6 key agreement protocol, for the server-side as
+ * proposed in <a
+ * href="http://www.ietf.org/internet-drafts/draft-ietf-tls-srp-05.txt">Using
  * SRP for TLS Authentication</a>. The only difference between it and the SASL
  * variant is that the shared secret is the entity <code>S</code> and not
- * <code>H(S)</code>.</p>
+ * <code>H(S)</code>.
  */
-public class SRP6TLSServer extends SRP6KeyAgreement
+public class SRP6TLSServer
+    extends SRP6KeyAgreement
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The user's ephemeral key pair. */
   private KeyPair hostKeyPair;
-
   /** The SRP password database. */
   private SRPAuthInfoProvider passwordDB;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // default 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // implementation of abstract methods in base class ------------------------
-
   protected void engineInit(final Map attributes) throws KeyAgreementException
   {
     rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS);
-
     final String md = (String) attributes.get(HASH_FUNCTION);
-    if (md == null || "".equals(md.trim()))
-      {
-        throw new KeyAgreementException("missing hash function");
-      }
+    if (md == null || md.trim().length() == 0)
+      throw new KeyAgreementException("missing hash function");
     srp = SRP.instance(md);
-
     passwordDB = (SRPAuthInfoProvider) attributes.get(HOST_PASSWORD_DB);
     if (passwordDB == null)
-      {
-        throw new KeyAgreementException("missing SRP password database");
-      }
+      throw new KeyAgreementException("missing SRP password database");
   }
 
   protected OutgoingMessage engineProcessMessage(final IncomingMessage in)
@@ -125,13 +104,10 @@ public class SRP6TLSServer extends SRP6KeyAgreement
     super.engineReset();
   }
 
-  // own methods -------------------------------------------------------------
-
   private OutgoingMessage sendParameters(final IncomingMessage in)
       throws KeyAgreementException
   {
     final String I = in.readString();
-
     // get s and v for user identified by I
     // ----------------------------------------------------------------------
     final Map credentials;
@@ -148,12 +124,9 @@ public class SRP6TLSServer extends SRP6KeyAgreement
       }
 
     final BigInteger s = new BigInteger(
-                                        1,
-                                        Util.fromBase64((String) credentials.get(SRPRegistry.SALT_FIELD)));
+        1, Util.fromBase64((String) credentials.get(SRPRegistry.SALT_FIELD)));
     final BigInteger v = new BigInteger(
-                                        1,
-                                        Util.fromBase64((String) credentials.get(SRPRegistry.USER_VERIFIER_FIELD)));
-
+        1, Util.fromBase64((String) credentials.get(SRPRegistry.USER_VERIFIER_FIELD)));
     final Map configuration;
     try
       {
@@ -164,36 +137,26 @@ public class SRP6TLSServer extends SRP6KeyAgreement
       {
         throw new KeyAgreementException("computeSharedSecret()", x);
       }
-
     N = new BigInteger(
-                       1,
-                       Util.fromBase64((String) configuration.get(SRPRegistry.SHARED_MODULUS)));
+        1, Util.fromBase64((String) configuration.get(SRPRegistry.SHARED_MODULUS)));
     g = new BigInteger(
-                       1,
-                       Util.fromBase64((String) configuration.get(SRPRegistry.FIELD_GENERATOR)));
-    // ----------------------------------------------------------------------
-
+        1, Util.fromBase64((String) configuration.get(SRPRegistry.FIELD_GENERATOR)));
     // generate an ephemeral keypair
     final SRPKeyPairGenerator kpg = new SRPKeyPairGenerator();
     final Map attributes = new HashMap();
     if (rnd != null)
-      {
-        attributes.put(SRPKeyPairGenerator.SOURCE_OF_RANDOMNESS, rnd);
-      }
+      attributes.put(SRPKeyPairGenerator.SOURCE_OF_RANDOMNESS, rnd);
     attributes.put(SRPKeyPairGenerator.SHARED_MODULUS, N);
     attributes.put(SRPKeyPairGenerator.GENERATOR, g);
     attributes.put(SRPKeyPairGenerator.USER_VERIFIER, v);
     kpg.setup(attributes);
     hostKeyPair = kpg.generate();
-
     final BigInteger B = ((SRPPublicKey) hostKeyPair.getPublic()).getY();
-
     final OutgoingMessage result = new OutgoingMessage();
     result.writeMPI(N);
     result.writeMPI(g);
     result.writeMPI(s);
     result.writeMPI(B);
-
     return result;
   }
 
@@ -201,17 +164,13 @@ public class SRP6TLSServer extends SRP6KeyAgreement
       throws KeyAgreementException
   {
     final BigInteger A = in.readMPI();
-
     final BigInteger B = ((SRPPublicKey) hostKeyPair.getPublic()).getY();
     final BigInteger u = uValue(A, B); // u = H(A | B)
-
     // compute S = (Av^u) ^ b
     final BigInteger b = ((SRPPrivateKey) hostKeyPair.getPrivate()).getX();
     final BigInteger v = ((SRPPrivateKey) hostKeyPair.getPrivate()).getV();
     final BigInteger S = A.multiply(v.modPow(u, N)).modPow(b, N);
-
     K = S;
-
     complete = true;
     return null;
   }
diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6User.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6User.java
index d300d6f7664..7c97e76976e 100644
--- a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6User.java
+++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6User.java
@@ -52,73 +52,45 @@ import java.util.HashMap;
 import java.util.Map;
 
 /**
- * <p>The implementation of the User in the SRP-6 protocol.</p>
- *
- * <p>Reference:</p>
+ * The implementation of the User in the SRP-6 protocol.
+ * <p>
+ * Reference:
  * <ol>
- *    <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
- *    Thomas J. Wu.</li>
+ * <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
+ * Thomas J. Wu.</li>
  * </ol>
  */
-public class SRP6User extends SRP6KeyAgreement
+public class SRP6User
+    extends SRP6KeyAgreement
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The user's identity. */
   private String I;
-
   /** The user's cleartext password. */
   private byte[] p;
-
   /** The user's ephemeral key pair. */
   private KeyPair userKeyPair;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // default 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // implementation of abstract methods in base class ------------------------
-
   protected void engineInit(final Map attributes) throws KeyAgreementException
   {
     rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS);
     N = (BigInteger) attributes.get(SHARED_MODULUS);
     if (N == null)
-      {
-        throw new KeyAgreementException("missing shared modulus");
-      }
+      throw new KeyAgreementException("missing shared modulus");
     g = (BigInteger) attributes.get(GENERATOR);
     if (g == null)
-      {
-        throw new KeyAgreementException("missing generator");
-      }
-
+      throw new KeyAgreementException("missing generator");
     final String md = (String) attributes.get(HASH_FUNCTION);
-    if (md == null || "".equals(md.trim()))
-      {
-        throw new KeyAgreementException("missing hash function");
-      }
+    if (md == null || md.trim().length() == 0)
+      throw new KeyAgreementException("missing hash function");
     srp = SRP.instance(md);
-
     I = (String) attributes.get(USER_IDENTITY);
     if (I == null)
-      {
-        throw new KeyAgreementException("missing user identity");
-      }
+      throw new KeyAgreementException("missing user identity");
     p = (byte[]) attributes.get(USER_PASSWORD);
     if (p == null)
-      {
-        throw new KeyAgreementException("missing user password");
-      }
+      throw new KeyAgreementException("missing user password");
   }
 
   protected OutgoingMessage engineProcessMessage(final IncomingMessage in)
@@ -143,8 +115,6 @@ public class SRP6User extends SRP6KeyAgreement
     super.engineReset();
   }
 
-  // own methods -------------------------------------------------------------
-
   private OutgoingMessage sendIdentity(final IncomingMessage in)
       throws KeyAgreementException
   {
@@ -152,18 +122,14 @@ public class SRP6User extends SRP6KeyAgreement
     final SRPKeyPairGenerator kpg = new SRPKeyPairGenerator();
     final Map attributes = new HashMap();
     if (rnd != null)
-      {
-        attributes.put(SRPKeyPairGenerator.SOURCE_OF_RANDOMNESS, rnd);
-      }
+      attributes.put(SRPKeyPairGenerator.SOURCE_OF_RANDOMNESS, rnd);
     attributes.put(SRPKeyPairGenerator.SHARED_MODULUS, N);
     attributes.put(SRPKeyPairGenerator.GENERATOR, g);
     kpg.setup(attributes);
     userKeyPair = kpg.generate();
-
     final OutgoingMessage result = new OutgoingMessage();
     result.writeString(I);
     result.writeMPI(((SRPPublicKey) userKeyPair.getPublic()).getY());
-
     return result;
   }
 
@@ -172,10 +138,8 @@ public class SRP6User extends SRP6KeyAgreement
   {
     final BigInteger s = in.readMPI();
     final BigInteger B = in.readMPI();
-
     final BigInteger A = ((SRPPublicKey) userKeyPair.getPublic()).getY();
     final BigInteger u = uValue(A, B); // u = H(A | B)
-
     final BigInteger x;
     try
       {
@@ -185,18 +149,14 @@ public class SRP6User extends SRP6KeyAgreement
       {
         throw new KeyAgreementException("computeSharedSecret()", e);
       }
-
     // compute S = (B - 3g^x) ^ (a + ux)
     final BigInteger a = ((SRPPrivateKey) userKeyPair.getPrivate()).getX();
-    final BigInteger S = B.subtract(THREE.multiply(g.modPow(x, N))).modPow(
-                                                                           a.add(u.multiply(x)),
-                                                                           N);
-
+    final BigInteger S = B.subtract(THREE.multiply(g.modPow(x, N)))
+                          .modPow(a.add(u.multiply(x)), N);
     final byte[] sBytes = Util.trim(S);
     final IMessageDigest hash = srp.newDigest();
     hash.update(sBytes, 0, sBytes.length);
     K = new BigInteger(1, hash.digest());
-
     complete = true;
     return null;
   }
diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRPAlgorithm.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPAlgorithm.java
index b068863ed0a..85b3b1139dc 100644
--- a/libjava/classpath/gnu/javax/crypto/key/srp6/SRPAlgorithm.java
+++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPAlgorithm.java
@@ -38,15 +38,14 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.key.srp6;
 
-import gnu.java.security.util.Prime2;
 import gnu.javax.crypto.sasl.srp.SRPRegistry;
 
 import java.math.BigInteger;
 
 /**
- * <p>Utilities for use with SRP-6 based methods and protocols.</p>
- *
- * <p>Reference:</p>
+ * Utilities for use with SRP-6 based methods and protocols.
+ * <p>
+ * Reference:
  * <ol>
  *    <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
  *    Thomas J. Wu.</li>
@@ -54,122 +53,79 @@ import java.math.BigInteger;
  */
 public class SRPAlgorithm
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   // lifted from draft-burdis-cat-srp-sasl-09
   public static final BigInteger N_2048 = new BigInteger(
-                                                         "AC6BDB41324A9A9BF166DE5E1389582FAF72B6651987EE07FC3192943DB56050"
-                                                             + "A37329CBB4A099ED8193E0757767A13DD52312AB4B03310DCD7F48A9DA04FD50"
-                                                             + "E8083969EDB767B0CF6095179A163AB3661A05FBD5FAAAE82918A9962F0B93B8"
-                                                             + "55F97993EC975EEAA80D740ADBF4FF747359D041D5C33EA71D281E446B14773B"
-                                                             + "CA97B43A23FB801676BD207A436C6481F1D2B9078717461A5B9D32E688F87748"
-                                                             + "544523B524B0D57D5EA77A2775D2ECFA032CFBDBF52FB3786160279004E57AE6"
-                                                             + "AF874E7303CE53299CCC041C7BC308D82A5698F3A8D0C38271AE35F8E9DBFBB6"
-                                                             + "94B5C803D89F7AE435DE236D525F54759B65E372FCD68EF20FA7111F9E4AFF73",
-                                                         16);
-
+      "AC6BDB41324A9A9BF166DE5E1389582FAF72B6651987EE07FC3192943DB56050"
+    + "A37329CBB4A099ED8193E0757767A13DD52312AB4B03310DCD7F48A9DA04FD50"
+    + "E8083969EDB767B0CF6095179A163AB3661A05FBD5FAAAE82918A9962F0B93B8"
+    + "55F97993EC975EEAA80D740ADBF4FF747359D041D5C33EA71D281E446B14773B"
+    + "CA97B43A23FB801676BD207A436C6481F1D2B9078717461A5B9D32E688F87748"
+    + "544523B524B0D57D5EA77A2775D2ECFA032CFBDBF52FB3786160279004E57AE6"
+    + "AF874E7303CE53299CCC041C7BC308D82A5698F3A8D0C38271AE35F8E9DBFBB6"
+    + "94B5C803D89F7AE435DE236D525F54759B65E372FCD68EF20FA7111F9E4AFF73", 16);
   public static final BigInteger N_1536 = new BigInteger(
-                                                         "9DEF3CAFB939277AB1F12A8617A47BBBDBA51DF499AC4C80BEEEA9614B19CC4D"
-                                                             + "5F4F5F556E27CBDE51C6A94BE4607A291558903BA0D0F84380B655BB9A22E8DC"
-                                                             + "DF028A7CEC67F0D08134B1C8B97989149B609E0BE3BAB63D47548381DBC5B1FC"
-                                                             + "764E3F4B53DD9DA1158BFD3E2B9C8CF56EDF019539349627DB2FD53D24B7C486"
-                                                             + "65772E437D6C7F8CE442734AF7CCB7AE837C264AE3A9BEB87F8A2FE9B8B5292E"
-                                                             + "5A021FFF5E91479E8CE7A28C2442C6F315180F93499A234DCF76E3FED135F9BB",
-                                                         16);
-
+      "9DEF3CAFB939277AB1F12A8617A47BBBDBA51DF499AC4C80BEEEA9614B19CC4D"
+    + "5F4F5F556E27CBDE51C6A94BE4607A291558903BA0D0F84380B655BB9A22E8DC"
+    + "DF028A7CEC67F0D08134B1C8B97989149B609E0BE3BAB63D47548381DBC5B1FC"
+    + "764E3F4B53DD9DA1158BFD3E2B9C8CF56EDF019539349627DB2FD53D24B7C486"
+    + "65772E437D6C7F8CE442734AF7CCB7AE837C264AE3A9BEB87F8A2FE9B8B5292E"
+    + "5A021FFF5E91479E8CE7A28C2442C6F315180F93499A234DCF76E3FED135F9BB", 16);
   public static final BigInteger N_1280 = new BigInteger(
-                                                         "D77946826E811914B39401D56A0A7843A8E7575D738C672A090AB1187D690DC4"
-                                                             + "3872FC06A7B6A43F3B95BEAEC7DF04B9D242EBDC481111283216CE816E004B78"
-                                                             + "6C5FCE856780D41837D95AD787A50BBE90BD3A9C98AC0F5FC0DE744B1CDE1891"
-                                                             + "690894BC1F65E00DE15B4B2AA6D87100C9ECC2527E45EB849DEB14BB2049B163"
-                                                             + "EA04187FD27C1BD9C7958CD40CE7067A9C024F9B7C5A0B4F5003686161F0605B",
-                                                         16);
-
+      "D77946826E811914B39401D56A0A7843A8E7575D738C672A090AB1187D690DC4"
+    + "3872FC06A7B6A43F3B95BEAEC7DF04B9D242EBDC481111283216CE816E004B78"
+    + "6C5FCE856780D41837D95AD787A50BBE90BD3A9C98AC0F5FC0DE744B1CDE1891"
+    + "690894BC1F65E00DE15B4B2AA6D87100C9ECC2527E45EB849DEB14BB2049B163"
+    + "EA04187FD27C1BD9C7958CD40CE7067A9C024F9B7C5A0B4F5003686161F0605B", 16);
   public static final BigInteger N_1024 = new BigInteger(
-                                                         "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
-                                                             + "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
-                                                             + "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
-                                                             + "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3",
-                                                         16);
-
+      "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
+    + "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
+    + "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
+    + "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3", 16);
   public static final BigInteger N_768 = new BigInteger(
-                                                        "B344C7C4F8C495031BB4E04FF8F84EE95008163940B9558276744D91F7CC9F40"
-                                                            + "2653BE7147F00F576B93754BCDDF71B636F2099E6FFF90E79575F3D0DE694AFF"
-                                                            + "737D9BE9713CEF8D837ADA6380B1093E94B6A529A8C6C2BE33E0867C60C3262B",
-                                                        16);
-
+      "B344C7C4F8C495031BB4E04FF8F84EE95008163940B9558276744D91F7CC9F40"
+    + "2653BE7147F00F576B93754BCDDF71B636F2099E6FFF90E79575F3D0DE694AFF"
+    + "737D9BE9713CEF8D837ADA6380B1093E94B6A529A8C6C2BE33E0867C60C3262B", 16);
   public static final BigInteger N_640 = new BigInteger(
-                                                        "C94D67EB5B1A2346E8AB422FC6A0EDAEDA8C7F894C9EEEC42F9ED250FD7F0046"
-                                                            + "E5AF2CF73D6B2FA26BB08033DA4DE322E144E7A8E9B12A0E4637F6371F34A207"
-                                                            + "1C4B3836CBEEAB15034460FAA7ADF483",
-                                                        16);
-
+      "C94D67EB5B1A2346E8AB422FC6A0EDAEDA8C7F894C9EEEC42F9ED250FD7F0046"
+    + "E5AF2CF73D6B2FA26BB08033DA4DE322E144E7A8E9B12A0E4637F6371F34A207"
+    + "1C4B3836CBEEAB15034460FAA7ADF483", 16);
   public static final BigInteger N_512 = new BigInteger(
-                                                        "D4C7F8A2B32C11B8FBA9581EC4BA4F1B04215642EF7355E37C0FC0443EF756EA"
-                                                            + "2C6B8EEB755A1C723027663CAA265EF785B8FF6A9B35227A52D86633DBDFCA43",
-                                                        16);
-
+      "D4C7F8A2B32C11B8FBA9581EC4BA4F1B04215642EF7355E37C0FC0443EF756EA"
+    + "2C6B8EEB755A1C723027663CAA265EF785B8FF6A9B35227A52D86633DBDFCA43", 16);
   public static final BigInteger N_384 = new BigInteger(
-                                                        "8025363296FB943FCE54BE717E0E2958A02A9672EF561953B2BAA3BAACC3ED57"
-                                                            + "54EB764C7AB7184578C57D5949CCB41B",
-                                                        16);
-
+      "8025363296FB943FCE54BE717E0E2958A02A9672EF561953B2BAA3BAACC3ED57"
+    + "54EB764C7AB7184578C57D5949CCB41B", 16);
   public static final BigInteger N_264 = new BigInteger(
-                                                        "115B8B692E0E045692CF280B436735C77A5A9E8A9E7ED56C965F87DB5B2A2ECE3",
-                                                        16);
-
+      "115B8B692E0E045692CF280B436735C77A5A9E8A9E7ED56C965F87DB5B2A2ECE3", 16);
   private static final BigInteger ZERO = BigInteger.ZERO;
-
   private static final BigInteger ONE = BigInteger.ONE;
-
   private static final BigInteger TWO = BigInteger.valueOf(2L);
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial constructor to enforce usage through class methods. */
   private SRPAlgorithm()
   {
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   public static void checkParams(final BigInteger N, final BigInteger g)
   {
     // 1. N should be at least 512-bit long
     final int blen = N.bitLength();
     if (blen < SRPRegistry.MINIMUM_MODULUS_BITLENGTH)
-      {
-        throw new IllegalArgumentException(
-                                           "Bit length of N ("
-                                               + blen
-                                               + ") is too low. Should be at least "
-                                               + SRPRegistry.MINIMUM_MODULUS_BITLENGTH);
-      }
+      throw new IllegalArgumentException("Bit length of N ("
+                                         + blen
+                                         + ") is too low. Should be at least "
+                                         + SRPRegistry.MINIMUM_MODULUS_BITLENGTH);
     // 2. N should be a prime
-    if (!Prime2.passEulerCriterion(N))
-      {
-        throw new IllegalArgumentException("N should be prime but isn't");
-      }
+    if (! N.isProbablePrime(80))
+      throw new IllegalArgumentException("N should be prime but isn't");
     // 3. N should be of the form 2*q + 1, where q is prime
     final BigInteger q = N.subtract(ONE).divide(TWO);
-    if (!Prime2.passEulerCriterion(q))
-      {
-        throw new IllegalArgumentException("(N-1)/2 should be prime but isn't");
-      }
+    if (! q.isProbablePrime(80))
+      throw new IllegalArgumentException("(N-1)/2 should be prime but isn't");
     // 4. g**q should be -1 mod N
     final BigInteger gq = g.modPow(q, N).add(ONE).mod(N);
     if (gq.compareTo(ZERO) != 0)
-      {
-        throw new IllegalArgumentException(
-                                           "g**q should be -1 (mod N) but isn't");
-      }
+      throw new IllegalArgumentException("g**q should be -1 (mod N) but isn't");
   }
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKey.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKey.java
index 202ef33b7e2..06ba47a9fb3 100644
--- a/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKey.java
+++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKey.java
@@ -46,37 +46,30 @@ import java.math.BigInteger;
 import java.security.Key;
 
 /**
- * <p>An abstract representation of a base SRP ephemeral key.</p>
- *
- * <p>This object encapsulates the two numbers:</p>
+ * An abstract representation of a base SRP ephemeral key.
+ * <p>
+ * This object encapsulates the two numbers:
  * <ul>
- *    <li><b>N</b>: A large safe prime (N = 2q+1, where q is prime).</li>
- *    <li><b>g</b>: A generator modulo N.</li>
+ * <li><b>N</b>: A large safe prime (N = 2q+1, where q is prime).</li>
+ * <li><b>g</b>: A generator modulo N.</li>
  * </ul>
- *
- * <p>Note that in SRP, all arithmetic is done modulo N.</p>
- *
- * <p>Reference:</p>
+ * <p>
+ * Note that in SRP, all arithmetic is done modulo N.
+ * <p>
+ * Reference:
  * <ol>
- *    <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
- *    Thomas J. Wu.</li>
+ * <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
+ * Thomas J. Wu.</li>
  * </ol>
  */
-public abstract class SRPKey implements Key, Serializable
+public abstract class SRPKey
+    implements Key, Serializable
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The public, Germaine prime, shared modulus. */
   protected final BigInteger N;
-
   /** The generator. */
   protected final BigInteger g;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   protected SRPKey(BigInteger N, BigInteger g)
   {
     super();
@@ -85,17 +78,9 @@ public abstract class SRPKey implements Key, Serializable
     this.g = g;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.security.Key interface implementation ------------------------------
-
   /**
-   * <p>Returns the standard algorithm name for this key.</p>
-   *
+   * Returns the standard algorithm name for this key.
+   * 
    * @return the standard algorithm name for this key.
    */
   public String getAlgorithm()
@@ -112,7 +97,7 @@ public abstract class SRPKey implements Key, Serializable
   /**
    * Returns {@link Registry#RAW_ENCODING_SHORT_NAME} which is the sole format
    * supported for this type of keys.
-   *
+   * 
    * @return {@link Registry#RAW_ENCODING_SHORT_NAME} ALWAYS.
    */
   public String getFormat()
@@ -120,11 +105,9 @@ public abstract class SRPKey implements Key, Serializable
     return Registry.RAW_ENCODING_SHORT_NAME;
   }
 
-  // other methods -----------------------------------------------------------
-
   /**
-   * <p>Returns the public shared modulus.</p>
-   *
+   * Returns the public shared modulus.
+   * 
    * @return <code>N</code>.
    */
   public BigInteger getN()
@@ -133,8 +116,8 @@ public abstract class SRPKey implements Key, Serializable
   }
 
   /**
-   * <p>Returns the generator.</p>
-   *
+   * Returns the generator.
+   * 
    * @return <code>g</code>.
    */
   public BigInteger getG()
@@ -143,28 +126,22 @@ public abstract class SRPKey implements Key, Serializable
   }
 
   /**
-   * <p>Returns <code>true</code> if the designated object is an instance of
-   * <code>SRPKey</code> and has the same SRP parameter values as this one.</p>
-   *
+   * Returns <code>true</code> if the designated object is an instance of
+   * <code>SRPKey</code> and has the same SRP parameter values as this one.
+   * 
    * @param obj the other non-null SRP key to compare to.
-   * @return <code>true</code> if the designated object is of the same type and
-   * value as this one.
+   * @return <code>true</code> if the designated object is of the same type
+   *         and value as this one.
    */
   public boolean equals(Object obj)
   {
     if (obj == null)
-      {
-        return false;
-      }
-    if (!(obj instanceof SRPKey))
-      {
-        return false;
-      }
+      return false;
+    if (! (obj instanceof SRPKey))
+      return false;
     SRPKey that = (SRPKey) obj;
     return N.equals(that.getN()) && g.equals(that.getG());
   }
 
-  // abstract methods to be implemented by subclasses ------------------------
-
   public abstract byte[] getEncoded(int format);
 }
diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKeyPairGenerator.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKeyPairGenerator.java
index 2957fc3c855..8d50c9b71cb 100644
--- a/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKeyPairGenerator.java
+++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKeyPairGenerator.java
@@ -38,111 +38,64 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.key.srp6;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.key.IKeyPairGenerator;
 import gnu.java.security.util.PRNG;
-import gnu.java.security.util.Prime2;
 
-import java.io.PrintWriter;
 import java.math.BigInteger;
 import java.security.KeyPair;
 import java.security.SecureRandom;
 import java.util.Map;
+import java.util.logging.Logger;
 
 /**
- *
- *
- * <p>Reference:</p>
+ * Reference:
  * <ol>
- *    <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
- *    Thomas J. Wu.</li>
+ * <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
+ * Thomas J. Wu.</li>
  * </ol>
  */
-public class SRPKeyPairGenerator implements IKeyPairGenerator
+public class SRPKeyPairGenerator
+    implements IKeyPairGenerator
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  private static final String NAME = "srp";
-
-  private static final boolean DEBUG = false;
-
-  private static final int debuglevel = 5;
-
-  private static final PrintWriter err = new PrintWriter(System.out, true);
-
-  private static void debug(String s)
-  {
-    err.println(">>> " + NAME + ": " + s);
-  }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
+  private static final Logger log = Logger.getLogger(SRPKeyPairGenerator.class.getName());
   private static final BigInteger ZERO = BigInteger.ZERO;
-
   private static final BigInteger ONE = BigInteger.ONE;
-
   private static final BigInteger TWO = BigInteger.valueOf(2L);
-
   private static final BigInteger THREE = BigInteger.valueOf(3L);
-
   /** Property name of the length (Integer) of the modulus (N) of an SRP key. */
   public static final String MODULUS_LENGTH = "gnu.crypto.srp.L";
-
   /** Property name of the Boolean indicating wether or not to use defaults. */
   public static final String USE_DEFAULTS = "gnu.crypto.srp.use.defaults";
-
   /** Property name of the modulus (N) of an SRP key. */
   public static final String SHARED_MODULUS = "gnu.crypto.srp.N";
-
   /** Property name of the generator (g) of an SRP key. */
   public static final String GENERATOR = "gnu.crypto.srp.g";
-
   /** Property name of the user's verifier (v) for a Server SRP key. */
   public static final String USER_VERIFIER = "gnu.crypto.srp.v";
-
   /**
    * Property name of an optional {@link SecureRandom} instance to use. The
    * default is to use a classloader singleton from {@link PRNG}.
    */
   public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.srp.prng";
-
   /** Default value for the modulus length. */
   private static final int DEFAULT_MODULUS_LENGTH = 1024;
-
   /** The optional {@link SecureRandom} instance to use. */
   private SecureRandom rnd = null;
-
   /** Bit length of the shared modulus. */
   private int l;
-
   /** The shared public modulus. */
   private BigInteger N;
-
   /** The Field generator. */
   private BigInteger g;
-
   /** The user's verifier MPI. */
   private BigInteger v;
-
   /** Our default source of randomness. */
   private PRNG prng = null;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // implicit 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // gnu.crypto.key.IKeyPairGenerator interface implementation ---------------
-
   public String name()
   {
     return Registry.SRP_KPG;
@@ -152,25 +105,20 @@ public class SRPKeyPairGenerator implements IKeyPairGenerator
   {
     // do we have a SecureRandom, or should we use our own?
     rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS);
-
     N = (BigInteger) attributes.get(SHARED_MODULUS);
     if (N != null)
       {
         l = N.bitLength();
         g = (BigInteger) attributes.get(GENERATOR);
         if (g == null)
-          {
-            g = TWO;
-          }
+          g = TWO;
         SRPAlgorithm.checkParams(N, g);
       }
     else
       { // generate or use default values for N and g
         Boolean useDefaults = (Boolean) attributes.get(USE_DEFAULTS);
         if (useDefaults == null)
-          {
-            useDefaults = Boolean.TRUE;
-          }
+          useDefaults = Boolean.TRUE;
         Integer L = (Integer) attributes.get(MODULUS_LENGTH);
         l = DEFAULT_MODULUS_LENGTH;
         if (useDefaults.equals(Boolean.TRUE))
@@ -203,26 +151,23 @@ public class SRPKeyPairGenerator implements IKeyPairGenerator
                     break;
                   default:
                     throw new IllegalArgumentException(
-                                                       "unknown default shared modulus bit length");
+                        "unknown default shared modulus bit length");
                   }
                 g = TWO;
                 l = N.bitLength();
               }
           }
-        else
-          { // generate new N and g
+        else // generate new N and g
+          {
             if (L != null)
               {
                 l = L.intValue();
                 if ((l % 256) != 0 || l < 512 || l > 2048)
-                  {
-                    throw new IllegalArgumentException(
-                                                       "invalid shared modulus bit length");
-                  }
+                  throw new IllegalArgumentException(
+                      "invalid shared modulus bit length");
               }
           }
       }
-
     // are we using this generator on the server side, or the client side?
     v = (BigInteger) attributes.get(USER_VERIFIER);
   }
@@ -235,23 +180,20 @@ public class SRPKeyPairGenerator implements IKeyPairGenerator
         BigInteger q = params[0];
         N = params[1];
         g = params[2];
-        if (DEBUG && debuglevel > 0)
+        if (Configuration.DEBUG)
           {
-            debug("q: " + q.toString(16));
-            debug("N: " + N.toString(16));
-            debug("g: " + g.toString(16));
+            log.fine("q: " + q.toString(16));
+            log.fine("N: " + N.toString(16));
+            log.fine("g: " + g.toString(16));
           }
       }
-
     return (v != null ? hostKeyPair() : userKeyPair());
   }
 
-  // helper methods ----------------------------------------------------------
-
   private synchronized BigInteger[] generateParameters()
   {
-    // N    A large safe prime (N = 2q+1, where q is prime)
-    // g    A generator modulo N
+    // N A large safe prime (N = 2q+1, where q is prime)
+    // g A generator modulo N
     BigInteger q, p, g;
     byte[] qBytes = new byte[l / 8];
     do
@@ -262,11 +204,10 @@ public class SRPKeyPairGenerator implements IKeyPairGenerator
             q = new BigInteger(1, qBytes);
             q = q.setBit(0).setBit(l - 2).clearBit(l - 1);
           }
-        while (!Prime2.isProbablePrime(q));
+        while (! q.isProbablePrime(80));
         p = q.multiply(TWO).add(ONE);
       }
-    while (p.bitLength() != l || !Prime2.isProbablePrime(p));
-
+    while (p.bitLength() != l || ! p.isProbablePrime(80));
     // compute g. from FIPS-186, Appendix 4: e == 2
     BigInteger p_minus_1 = p.subtract(ONE);
     g = TWO;
@@ -277,12 +218,9 @@ public class SRPKeyPairGenerator implements IKeyPairGenerator
         // Set g = h**2 mod p
         g = h.modPow(TWO, p);
         // If g = 1, go to step 3
-        if (!g.equals(ONE))
-          {
-            break;
-          }
+        if (! g.equals(ONE))
+          break;
       }
-
     return new BigInteger[] { q, p, g };
   }
 
@@ -301,11 +239,8 @@ public class SRPKeyPairGenerator implements IKeyPairGenerator
         B = THREE.multiply(v).add(g.modPow(b, N)).mod(N);
       }
     while (B.compareTo(ZERO) == 0 || B.compareTo(N) >= 0);
-
-    KeyPair result = new KeyPair(
-                                 new SRPPublicKey(new BigInteger[] { N, g, B }),
-                                 new SRPPrivateKey(new BigInteger[] { N, g, b,
-                                                                     v }));
+    KeyPair result = new KeyPair(new SRPPublicKey(new BigInteger[] { N, g, B }),
+                                 new SRPPrivateKey(new BigInteger[] { N, g, b, v }));
     return result;
   }
 
@@ -324,9 +259,7 @@ public class SRPKeyPairGenerator implements IKeyPairGenerator
         A = g.modPow(a, N);
       }
     while (A.compareTo(ZERO) == 0 || A.compareTo(N) >= 0);
-
-    KeyPair result = new KeyPair(
-                                 new SRPPublicKey(new BigInteger[] { N, g, A }),
+    KeyPair result = new KeyPair(new SRPPublicKey(new BigInteger[] { N, g, A }),
                                  new SRPPrivateKey(new BigInteger[] { N, g, a }));
     return result;
   }
@@ -334,9 +267,7 @@ public class SRPKeyPairGenerator implements IKeyPairGenerator
   private void nextRandomBytes(byte[] buffer)
   {
     if (rnd != null)
-      {
-        rnd.nextBytes(buffer);
-      }
+      rnd.nextBytes(buffer);
     else
       getDefaultPRNG().nextBytes(buffer);
   }
diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKeyPairRawCodec.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKeyPairRawCodec.java
index 39234b6271f..555dc23cf1a 100644
--- a/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKeyPairRawCodec.java
+++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKeyPairRawCodec.java
@@ -47,116 +47,93 @@ import java.security.PrivateKey;
 import java.security.PublicKey;
 
 /**
- * <p>An object that implements the {@link IKeyPairCodec} operations for the
- * <i>Raw</i> format to use with SRP keypairs.</p>
- *
- * <p>Reference:</p>
+ * An object that implements the {@link IKeyPairCodec} operations for the
+ * <i>Raw</i> format to use with SRP keypairs.
+ * <p>
+ * Reference:
  * <ol>
- *    <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
- *    Thomas J. Wu.</li>
+ * <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
+ * Thomas J. Wu.</li>
  * </ol>
  */
-public class SRPKeyPairRawCodec implements IKeyPairCodec
+public class SRPKeyPairRawCodec
+    implements IKeyPairCodec
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // implicit 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // gnu.crypto.keys.IKeyPairCodec interface implementation ------------------
-
   public int getFormatID()
   {
     return RAW_FORMAT;
   }
 
   /**
-   * <p>Returns the encoded form of the designated SRP public key according to
-   * the <i>Raw</i> format supported by this library.</p>
-   *
-   * <p>The <i>Raw</i> format for an SRP public key, in this implementation, is
-   * a byte sequence consisting of the following:</p>
+   * Returns the encoded form of the designated SRP public key according to the
+   * <i>Raw</i> format supported by this library.
+   * <p>
+   * The <i>Raw</i> format for an SRP public key, in this implementation, is a
+   * byte sequence consisting of the following:
    * <ol>
-   *    <li>4-byte magic consisting of the value of the literal
-   *    {@link Registry#MAGIC_RAW_SRP_PUBLIC_KEY},<li>
-   *    <li>1-byte version consisting of the constant: 0x01,</li>
-   *    <li>4-byte count of following bytes representing the SRP parameter
-   *    <code>N</code> in internet order,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the SRP parameter
-   *    <code>N</code>,</li>
-   *    <li>4-byte count of following bytes representing the SRP parameter
-   *    <code>g</code>,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the SRP parameter
-   *    <code>g</code>,</li>
-   *    <li>4-byte count of following bytes representing the SRP parameter
-   *    <code>y</code>,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the SRP parameter
-   *    <code>y</code>,</li>
+   * <li>4-byte magic consisting of the value of the literal
+   * {@link Registry#MAGIC_RAW_SRP_PUBLIC_KEY},</li>
+   * <li>1-byte version consisting of the constant: 0x01,</li>
+   * <li>4-byte count of following bytes representing the SRP parameter
+   * <code>N</code> in internet order,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the SRP parameter <code>N</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the SRP parameter
+   * <code>g</code>,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the SRP parameter <code>g</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the SRP parameter
+   * <code>y</code>,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the SRP parameter <code>y</code>,
+   * </li>
    * </ol>
-   *
+   * 
    * @param key the key to encode.
    * @return the <i>Raw</i> format encoding of the designated key.
    * @throws IllegalArgumentException if the designated key is not an SRP one.
    */
   public byte[] encodePublicKey(PublicKey key)
   {
-    if (!(key instanceof SRPPublicKey))
-      {
-        throw new IllegalArgumentException("key");
-      }
-
+    if (! (key instanceof SRPPublicKey))
+      throw new IllegalArgumentException("key");
     SRPPublicKey srpKey = (SRPPublicKey) key;
     ByteArrayOutputStream baos = new ByteArrayOutputStream();
-
     // magic
     baos.write(Registry.MAGIC_RAW_SRP_PUBLIC_KEY[0]);
     baos.write(Registry.MAGIC_RAW_SRP_PUBLIC_KEY[1]);
     baos.write(Registry.MAGIC_RAW_SRP_PUBLIC_KEY[2]);
     baos.write(Registry.MAGIC_RAW_SRP_PUBLIC_KEY[3]);
-
     // version
     baos.write(0x01);
-
     // N
     byte[] buffer = srpKey.getN().toByteArray();
     int length = buffer.length;
-    baos.write(length >>> 24);
+    baos.write( length >>> 24);
     baos.write((length >>> 16) & 0xFF);
-    baos.write((length >>> 8) & 0xFF);
-    baos.write(length & 0xFF);
+    baos.write((length >>>  8) & 0xFF);
+    baos.write( length         & 0xFF);
     baos.write(buffer, 0, length);
-
     // g
     buffer = srpKey.getG().toByteArray();
     length = buffer.length;
-    baos.write(length >>> 24);
+    baos.write( length >>> 24);
     baos.write((length >>> 16) & 0xFF);
-    baos.write((length >>> 8) & 0xFF);
-    baos.write(length & 0xFF);
+    baos.write((length >>>  8) & 0xFF);
+    baos.write( length         & 0xFF);
     baos.write(buffer, 0, length);
-
     // y
     buffer = srpKey.getY().toByteArray();
     length = buffer.length;
-    baos.write(length >>> 24);
+    baos.write( length >>> 24);
     baos.write((length >>> 16) & 0xFF);
-    baos.write((length >>> 8) & 0xFF);
-    baos.write(length & 0xFF);
+    baos.write((length >>>  8) & 0xFF);
+    baos.write( length         & 0xFF);
     baos.write(buffer, 0, length);
-
     return baos.toByteArray();
   }
 
@@ -167,150 +144,133 @@ public class SRPKeyPairRawCodec implements IKeyPairCodec
         || k[1] != Registry.MAGIC_RAW_SRP_PUBLIC_KEY[1]
         || k[2] != Registry.MAGIC_RAW_SRP_PUBLIC_KEY[2]
         || k[3] != Registry.MAGIC_RAW_SRP_PUBLIC_KEY[3])
-      {
-        throw new IllegalArgumentException("magic");
-      }
-
+      throw new IllegalArgumentException("magic");
     // version
     if (k[4] != 0x01)
-      {
-        throw new IllegalArgumentException("version");
-      }
+      throw new IllegalArgumentException("version");
     int i = 5;
-
     int l;
     byte[] buffer;
-
     // N
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger N = new BigInteger(1, buffer);
-
     // g
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger g = new BigInteger(1, buffer);
-
     // y
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger y = new BigInteger(1, buffer);
-
     return new SRPPublicKey(N, g, y);
   }
 
   /**
-   * <p>Returns the encoded form of the designated SRP private key according to
-   * the <i>Raw</i> format supported by this library.</p>
-   *
-   * <p>The <i>Raw</i> format for an SRP private key, in this implementation,
-   * is a byte sequence consisting of the following:</p>
+   * Returns the encoded form of the designated SRP private key according to the
+   * <i>Raw</i> format supported by this library.
+   * <p>
+   * The <i>Raw</i> format for an SRP private key, in this implementation, is a
+   * byte sequence consisting of the following:
    * <ol>
-   *    <li>4-byte magic consisting of the value of the literal
-   *    {@link Registry#MAGIC_RAW_SRP_PRIVATE_KEY},<li>
-   *    <li>1-byte version consisting of the constant: 0x01,</li>
-   *    <li>4-byte count of following bytes representing the SRP parameter
-   *    <code>N</code> in internet order,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the SRP parameter
-   *    <code>N</code>,</li>
-   *    <li>4-byte count of following bytes representing the SRP parameter
-   *    <code>g</code>,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the SRP parameter
-   *    <code>g</code>,</li>
-   *    <li>4-byte count of following bytes representing the SRP parameter
-   *    <code>x</code>,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the SRP parameter
-   *    <code>x</code>,</li>
-   *    <li>one byte which indicates whether the SRP parameter <code>v</code>
-   *    is included in this encoding (value <code>0x01</code>) or not
-   *    (value <code>0x00</code>).</li>
-   *    <li>4-byte count of following bytes representing the SRP parameter
-   *    <code>v</code>,</li>
-   *    <li>n-bytes representation of a {@link BigInteger} obtained by invoking
-   *    the <code>toByteArray()</code> method on the SRP parameter
-   *    <code>v</code>,</li>
+   * <li>4-byte magic consisting of the value of the literal
+   * {@link Registry#MAGIC_RAW_SRP_PRIVATE_KEY},</li>
+   * <li>1-byte version consisting of the constant: 0x01,</li>
+   * <li>4-byte count of following bytes representing the SRP parameter
+   * <code>N</code> in internet order,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the SRP parameter <code>N</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the SRP parameter
+   * <code>g</code>,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the SRP parameter <code>g</code>,
+   * </li>
+   * <li>4-byte count of following bytes representing the SRP parameter
+   * <code>x</code>,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the SRP parameter <code>x</code>,
+   * </li>
+   * <li>one byte which indicates whether the SRP parameter <code>v</code> is
+   * included in this encoding (value <code>0x01</code>) or not (value
+   * <code>0x00</code>).</li>
+   * <li>4-byte count of following bytes representing the SRP parameter
+   * <code>v</code>,</li>
+   * <li>n-bytes representation of a {@link BigInteger} obtained by invoking
+   * the <code>toByteArray()</code> method on the SRP parameter <code>v</code>,
+   * </li>
    * </ol>
-   *
+   * 
    * @param key the key to encode.
    * @return the <i>Raw</i> format encoding of the designated key.
    * @throws IllegalArgumentException if the designated key is not an SRP one.
    */
   public byte[] encodePrivateKey(PrivateKey key)
   {
-    if (!(key instanceof SRPPrivateKey))
-      {
-        throw new IllegalArgumentException("key");
-      }
-
+    if (! (key instanceof SRPPrivateKey))
+      throw new IllegalArgumentException("key");
     SRPPrivateKey srpKey = (SRPPrivateKey) key;
     ByteArrayOutputStream baos = new ByteArrayOutputStream();
-
     // magic
     baos.write(Registry.MAGIC_RAW_SRP_PRIVATE_KEY[0]);
     baos.write(Registry.MAGIC_RAW_SRP_PRIVATE_KEY[1]);
     baos.write(Registry.MAGIC_RAW_SRP_PRIVATE_KEY[2]);
     baos.write(Registry.MAGIC_RAW_SRP_PRIVATE_KEY[3]);
-
     // version
     baos.write(0x01);
-
     // N
     byte[] buffer = srpKey.getN().toByteArray();
     int length = buffer.length;
-    baos.write(length >>> 24);
+    baos.write( length >>> 24);
     baos.write((length >>> 16) & 0xFF);
-    baos.write((length >>> 8) & 0xFF);
-    baos.write(length & 0xFF);
+    baos.write((length >>>  8) & 0xFF);
+    baos.write( length         & 0xFF);
     baos.write(buffer, 0, length);
-
     // g
     buffer = srpKey.getG().toByteArray();
     length = buffer.length;
-    baos.write(length >>> 24);
+    baos.write( length >>> 24);
     baos.write((length >>> 16) & 0xFF);
-    baos.write((length >>> 8) & 0xFF);
-    baos.write(length & 0xFF);
+    baos.write((length >>>  8) & 0xFF);
+    baos.write( length         & 0xFF);
     baos.write(buffer, 0, length);
-
     // x
     buffer = srpKey.getX().toByteArray();
     length = buffer.length;
-    baos.write(length >>> 24);
+    baos.write( length >>> 24);
     baos.write((length >>> 16) & 0xFF);
-    baos.write((length >>> 8) & 0xFF);
-    baos.write(length & 0xFF);
+    baos.write((length >>>  8) & 0xFF);
+    baos.write( length         & 0xFF);
     baos.write(buffer, 0, length);
-
     // v
     if (srpKey.getV() != null)
       {
         baos.write(0x01);
-
         buffer = srpKey.getV().toByteArray();
         length = buffer.length;
-        baos.write(length >>> 24);
+        baos.write( length >>> 24);
         baos.write((length >>> 16) & 0xFF);
-        baos.write((length >>> 8) & 0xFF);
-        baos.write(length & 0xFF);
+        baos.write((length >>>  8) & 0xFF);
+        baos.write( length         & 0xFF);
         baos.write(buffer, 0, length);
       }
     else
-      {
-        baos.write(0x00);
-      }
-
+      baos.write(0x00);
     return baos.toByteArray();
   }
 
@@ -321,60 +281,54 @@ public class SRPKeyPairRawCodec implements IKeyPairCodec
         || k[1] != Registry.MAGIC_RAW_SRP_PRIVATE_KEY[1]
         || k[2] != Registry.MAGIC_RAW_SRP_PRIVATE_KEY[2]
         || k[3] != Registry.MAGIC_RAW_SRP_PRIVATE_KEY[3])
-      {
-        throw new IllegalArgumentException("magic");
-      }
-
+      throw new IllegalArgumentException("magic");
     // version
     if (k[4] != 0x01)
-      {
-        throw new IllegalArgumentException("version");
-      }
+      throw new IllegalArgumentException("version");
     int i = 5;
-
     int l;
     byte[] buffer;
-
     // N
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger N = new BigInteger(1, buffer);
-
     // g
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger g = new BigInteger(1, buffer);
-
     // x
-    l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-        | (k[i++] & 0xFF);
+    l =  k[i++]         << 24
+      | (k[i++] & 0xFF) << 16
+      | (k[i++] & 0xFF) << 8
+      | (k[i++] & 0xFF);
     buffer = new byte[l];
     System.arraycopy(k, i, buffer, 0, l);
     i += l;
     BigInteger x = new BigInteger(1, buffer);
-
     // v
     l = k[i++];
     if (l == 0x01)
       {
-        l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
-            | (k[i++] & 0xFF);
+        l =  k[i++]         << 24
+          | (k[i++] & 0xFF) << 16
+          | (k[i++] & 0xFF) << 8
+          | (k[i++] & 0xFF);
         buffer = new byte[l];
         System.arraycopy(k, i, buffer, 0, l);
         i += l;
         BigInteger v = new BigInteger(1, buffer);
-
         return new SRPPrivateKey(N, g, x, v);
       }
-    else
-      {
-        return new SRPPrivateKey(N, g, x);
-      }
+    return new SRPPrivateKey(N, g, x);
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRPPrivateKey.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPPrivateKey.java
index d9f7a19a6cf..d5ade07d765 100644
--- a/libjava/classpath/gnu/javax/crypto/key/srp6/SRPPrivateKey.java
+++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPPrivateKey.java
@@ -45,39 +45,33 @@ import java.math.BigInteger;
 import java.security.PrivateKey;
 
 /**
- * <p>A representation of an SRP ephemeral private key.</p>
- *
- * <p>Reference:</p>
+ * A representation of an SRP ephemeral private key.
+ * <p>
+ * Reference:
  * <ol>
- *    <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
- *    Thomas J. Wu.</li>
+ * <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
+ * Thomas J. Wu.</li>
  * </ol>
  */
-public class SRPPrivateKey extends SRPKey implements PrivateKey
+public class SRPPrivateKey
+    extends SRPKey
+    implements PrivateKey
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /**
-   * The private exponent for either the server or the client engaged in the
-   * SRP protocol exchange.
+   * The private exponent for either the server or the client engaged in the SRP
+   * protocol exchange.
    */
   private final BigInteger X;
-
   /**
-   * The user's verifier (v) --for the server-- also computed at the client
-   * side as g.modPow(x, N), where x is the hashed output of the user name and
+   * The user's verifier (v) --for the server-- also computed at the client side
+   * as g.modPow(x, N), where x is the hashed output of the user name and
    * password .
    */
   private final BigInteger v;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Public constructor for use from outside this package.</p>
-   *
+   * Public constructor for use from outside this package.
+   * 
    * @param N the public shared modulus.
    * @param g the generator.
    * @param x the private exponent of the ephemeral key.
@@ -88,8 +82,8 @@ public class SRPPrivateKey extends SRPKey implements PrivateKey
   }
 
   /**
-   * <p>Public constructor for use from outside this package.</p>
-   *
+   * Public constructor for use from outside this package.
+   * 
    * @param N the public shared modulus.
    * @param g the generator.
    * @param x the private exponent of the ephemeral key.
@@ -105,15 +99,16 @@ public class SRPPrivateKey extends SRPKey implements PrivateKey
   }
 
   /**
-   * <p>Default constructor. Assumes N and g are already validated.</p>
-   *
+   * Default constructor. Assumes N and g are already validated.
+   * 
    * @param params an array of either 3 or 4 values representing N, g, and
-   * either v and X for the server, or just X for the client. Those values
-   * represent the following:
-   * <ol>
-   *    <li>v (server side): the user's verifier.</li>
-   *    <li>X (both sides): the server's or client's ephemeral private exponent.</li>
-   * </ol>
+   *          either v and X for the server, or just X for the client. Those
+   *          values represent the following:
+   *          <ol>
+   *          <li>v (server side): the user's verifier.</li>
+   *          <li>X (both sides): the server's or client's ephemeral private
+   *          exponent.</li>
+   *          </ol>
    */
   SRPPrivateKey(BigInteger[] params)
   {
@@ -130,31 +125,27 @@ public class SRPPrivateKey extends SRPKey implements PrivateKey
         v = params[3];
       }
     else
-      {
-        throw new IllegalArgumentException("invalid number of SRP parameters");
-      }
+      throw new IllegalArgumentException("invalid number of SRP parameters");
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>A class method that takes the output of the <code>encodePrivateKey()</code>
+   * A class method that takes the output of the <code>encodePrivateKey()</code>
    * method of an SRP keypair codec object (an instance implementing
    * {@link IKeyPairCodec} for DSS keys, and re-constructs an instance of this
-   * object.</p>
-   *
+   * object.
+   * 
    * @param k the contents of a previously encoded instance of this object.
    * @throws ArrayIndexOutOfBoundsException if there is not enough bytes, in
-   * <code>k</code>, to represent a valid encoding of an instance of this object.
+   *           <code>k</code>, to represent a valid encoding of an instance
+   *           of this object.
    * @throws IllegalArgumentException if the byte sequence does not represent a
-   * valid encoding of an instance of this object.
+   *           valid encoding of an instance of this object.
    */
   public static SRPPrivateKey valueOf(byte[] k)
   {
     // check magic...
     // we should parse here enough bytes to know which codec to use, and
-    // direct the byte array to the appropriate codec.  since we only have one
+    // direct the byte array to the appropriate codec. since we only have one
     // codec, we could have immediately tried it; nevertheless since testing
     // one byte is cheaper than instatiating a codec that will fail we test
     // the first byte before we carry on.
@@ -164,18 +155,12 @@ public class SRPPrivateKey extends SRPKey implements PrivateKey
         IKeyPairCodec codec = new SRPKeyPairRawCodec();
         return (SRPPrivateKey) codec.decodePrivateKey(k);
       }
-    else
-      {
-        throw new IllegalArgumentException("magic");
-      }
+    throw new IllegalArgumentException("magic");
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns the private exponent of the key as a {@link BigInteger}.</p>
-   *
+   * Returns the private exponent of the key as a {@link BigInteger}.
+   * 
    * @return the private exponent of the key as a {@link BigInteger}.
    */
   public BigInteger getX()
@@ -184,26 +169,24 @@ public class SRPPrivateKey extends SRPKey implements PrivateKey
   }
 
   /**
-   * <p>Returns the user's verifier as a {@link BigInteger}.</p>
-   *
+   * Returns the user's verifier as a {@link BigInteger}.
+   * 
    * @return the user's verifier as a {@link BigInteger} if this is an SRP
-   * private key of a Host, or <code>null</code> if this is a private SRP key
-   * for a User.
+   *         private key of a Host, or <code>null</code> if this is a private
+   *         SRP key for a User.
    */
   public BigInteger getV()
   {
     return v;
   }
 
-  // Other instance methods --------------------------------------------------
-
   /**
-   * <p>Returns the encoded form of this private key according to the
-   * designated format.</p>
-   *
+   * Returns the encoded form of this private key according to the designated
+   * format.
+   * 
    * @param format the desired format identifier of the resulting encoding.
    * @return the byte sequence encoding this key according to the designated
-   * format.
+   *         format.
    * @throws IllegalArgumentException if the format is not supported.
    */
   public byte[] getEncoded(int format)
@@ -221,30 +204,24 @@ public class SRPPrivateKey extends SRPKey implements PrivateKey
   }
 
   /**
-   * <p>Returns <code>true</code> if the designated object is an instance of
+   * Returns <code>true</code> if the designated object is an instance of
    * <code>SRPPrivateKey</code> and has the same SRP parameter values as this
-   * one.</p>
-   *
+   * one.
+   * 
    * @param obj the other non-null SRP key to compare to.
-   * @return <code>true</code> if the designated object is of the same type and
-   * value as this one.
+   * @return <code>true</code> if the designated object is of the same type
+   *         and value as this one.
    */
   public boolean equals(Object obj)
   {
     if (obj == null)
-      {
-        return false;
-      }
-    if (!(obj instanceof SRPPrivateKey))
-      {
-        return false;
-      }
+      return false;
+    if (! (obj instanceof SRPPrivateKey))
+      return false;
     SRPPrivateKey that = (SRPPrivateKey) obj;
     boolean result = super.equals(that) && X.equals(that.getX());
     if (v != null)
-      {
-        result = result && v.equals(that.getV());
-      }
+      result = result && v.equals(that.getV());
     return result;
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRPPublicKey.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPPublicKey.java
index 7283fd3dae2..04a949211b9 100644
--- a/libjava/classpath/gnu/javax/crypto/key/srp6/SRPPublicKey.java
+++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPPublicKey.java
@@ -45,32 +45,27 @@ import java.math.BigInteger;
 import java.security.PublicKey;
 
 /**
- * <p>A representation of an SRP ephemeral public key.</p>
- *
- * <p>Reference:</p>
+ * A representation of an SRP ephemeral public key.
+ * <p>
+ * Reference:
  * <ol>
- *    <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
- *    Thomas J. Wu.</li>
+ * <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
+ * Thomas J. Wu.</li>
  * </ol>
  */
-public class SRPPublicKey extends SRPKey implements PublicKey
+public class SRPPublicKey
+    extends SRPKey
+    implements PublicKey
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /**
-   * The public exponent for either the server or the client engaged in the
-   * SRP protocol exchange.
+   * The public exponent for either the server or the client engaged in the SRP
+   * protocol exchange.
    */
   private final BigInteger Y;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Public constructor for use from outside this package.</p>
-   *
+   * Public constructor for use from outside this package.
+   * 
    * @param N the public shared modulus.
    * @param g the generator.
    * @param Y the public exponent of the ephemeral key.
@@ -84,10 +79,10 @@ public class SRPPublicKey extends SRPKey implements PublicKey
   }
 
   /**
-   * <p>Default constructor. Assumes that N and g are already validated.</p>
-   *
+   * Default constructor. Assumes that N and g are already validated.
+   * 
    * @param params an array of 3 values representing N, g and Y; the latter
-   * being the client's or server's public exponent.
+   *          being the client's or server's public exponent.
    */
   SRPPublicKey(BigInteger[] params)
   {
@@ -96,26 +91,24 @@ public class SRPPublicKey extends SRPKey implements PublicKey
     this.Y = params[2];
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>A class method that takes the output of the <code>encodePublicKey()</code>
+   * A class method that takes the output of the <code>encodePublicKey()</code>
    * method of an SRP keypair codec object (an instance implementing
    * {@link IKeyPairCodec} for SRP keys, and re-constructs an instance of this
-   * object.</p>
-   *
+   * object.
+   * 
    * @param k the contents of a previously encoded instance of this object.
    * @throws ArrayIndexOutOfBoundsException if there is not enough bytes, in
-   * <code>k</code>, to represent a valid encoding of an instance of this object.
+   *           <code>k</code>, to represent a valid encoding of an instance
+   *           of this object.
    * @throws IllegalArgumentException if the byte sequence does not represent a
-   * valid encoding of an instance of this object.
+   *           valid encoding of an instance of this object.
    */
   public static SRPPublicKey valueOf(byte[] k)
   {
     // check magic...
     // we should parse here enough bytes to know which codec to use, and
-    // direct the byte array to the appropriate codec.  since we only have one
+    // direct the byte array to the appropriate codec. since we only have one
     // codec, we could have immediately tried it; nevertheless since testing
     // one byte is cheaper than instatiating a codec that will fail we test
     // the first byte before we carry on.
@@ -125,18 +118,12 @@ public class SRPPublicKey extends SRPKey implements PublicKey
         IKeyPairCodec codec = new SRPKeyPairRawCodec();
         return (SRPPublicKey) codec.decodePublicKey(k);
       }
-    else
-      {
-        throw new IllegalArgumentException("magic");
-      }
+    throw new IllegalArgumentException("magic");
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns the public exponent of the key as a {@link BigInteger}.</p>
-   *
+   * Returns the public exponent of the key as a {@link BigInteger}.
+   * 
    * @return the public exponent of the key as a {@link BigInteger}.
    */
   public BigInteger getY()
@@ -144,15 +131,13 @@ public class SRPPublicKey extends SRPKey implements PublicKey
     return Y;
   }
 
-  // Other instance methods --------------------------------------------------
-
   /**
-   * <p>Returns the encoded form of this public key according to the designated
-   * format.</p>
-   *
+   * Returns the encoded form of this public key according to the designated
+   * format.
+   * 
    * @param format the desired format identifier of the resulting encoding.
    * @return the byte sequence encoding this key according to the designated
-   * format.
+   *         format.
    * @throws IllegalArgumentException if the format is not supported.
    */
   public byte[] getEncoded(int format)
@@ -170,24 +155,20 @@ public class SRPPublicKey extends SRPKey implements PublicKey
   }
 
   /**
-   * <p>Returns <code>true</code> if the designated object is an instance of
-   * <code>SRPPublicKey</code>and has the same SRP parameter values as this one.
-   * </p>
-   *
+   * Returns <code>true</code> if the designated object is an instance of
+   * <code>SRPPublicKey</code>and has the same SRP parameter values as this
+   * one.
+   * 
    * @param obj the other non-null SRP key to compare to.
-   * @return <code>true</code> if the designated object is of the same type and
-   * value as this one.
+   * @return <code>true</code> if the designated object is of the same type
+   *         and value as this one.
    */
   public boolean equals(Object obj)
   {
     if (obj == null)
-      {
-        return false;
-      }
-    if (!(obj instanceof SRPPublicKey))
-      {
-        return false;
-      }
+      return false;
+    if (! (obj instanceof SRPPublicKey))
+      return false;
     SRPPublicKey that = (SRPPublicKey) obj;
     return super.equals(that) && Y.equals(that.getY());
   }
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/AuthenticatedEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/AuthenticatedEntry.java
index 22b42b3ea0b..cd2e5868db9 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/AuthenticatedEntry.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/AuthenticatedEntry.java
@@ -38,46 +38,32 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.keyring;
 
+import gnu.java.security.Registry;
+import gnu.javax.crypto.mac.IMac;
+import gnu.javax.crypto.mac.MacFactory;
+import gnu.javax.crypto.mac.MacOutputStream;
+
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.DataInputStream;
 import java.io.DataOutputStream;
 import java.io.IOException;
-
 import java.security.InvalidKeyException;
-
 import java.util.Arrays;
-import java.util.Date;
-import java.util.Iterator;
 import java.util.HashMap;
-import java.util.List;
-
-import gnu.java.security.Registry;
-import gnu.javax.crypto.mac.IMac;
-import gnu.javax.crypto.mac.MacFactory;
-import gnu.javax.crypto.mac.MacInputStream;
-import gnu.javax.crypto.mac.MacOutputStream;
+import java.util.Iterator;
 
-public final class AuthenticatedEntry extends MaskableEnvelopeEntry implements
-    Registry
+public final class AuthenticatedEntry
+    extends MaskableEnvelopeEntry
+    implements Registry
 {
-
-  // Constants and fields.
-  // ------------------------------------------------------------------------
-
   public static final int TYPE = 2;
 
-  // Constructor.
-  // ------------------------------------------------------------------------
-
   public AuthenticatedEntry(String mac, int macLen, Properties properties)
   {
     super(TYPE, properties);
-
     if (macLen <= 0)
-      {
-        throw new IllegalArgumentException("invalid mac length");
-      }
+      throw new IllegalArgumentException("invalid mac length");
     this.properties.put("mac", mac);
     this.properties.put("maclen", String.valueOf(macLen));
     setMasked(false);
@@ -89,32 +75,22 @@ public final class AuthenticatedEntry extends MaskableEnvelopeEntry implements
     setMasked(true);
   }
 
-  // Class methods.
-  // ------------------------------------------------------------------------
-
   public static AuthenticatedEntry decode(DataInputStream in)
       throws IOException
   {
     AuthenticatedEntry entry = new AuthenticatedEntry();
     entry.properties.decode(in);
-    if (!entry.properties.containsKey("mac"))
-      {
-        throw new MalformedKeyringException("no mac specified");
-      }
-    if (!entry.properties.containsKey("maclen"))
-      {
-        throw new MalformedKeyringException("no mac length specified");
-      }
+    if (! entry.properties.containsKey("mac"))
+      throw new MalformedKeyringException("no mac specified");
+    if (! entry.properties.containsKey("maclen"))
+      throw new MalformedKeyringException("no mac length specified");
     return entry;
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   /**
    * Computes the mac over this envelope's data. This method <b>must</b> be
    * called before this entry in encoded.
-   *
+   * 
    * @param key The key to authenticate with.
    * @throws IOException If encoding fails.
    * @throws InvalidKeyException If the supplied key is bad.
@@ -122,11 +98,8 @@ public final class AuthenticatedEntry extends MaskableEnvelopeEntry implements
   public void authenticate(byte[] key) throws IOException, InvalidKeyException
   {
     if (isMasked())
-      {
-        throw new IllegalStateException("entry is masked");
-      }
+      throw new IllegalStateException("entry is masked");
     IMac m = getMac(key);
-
     ByteArrayOutputStream bout = new ByteArrayOutputStream(1024);
     MacOutputStream macout = new MacOutputStream(bout, m);
     DataOutputStream out2 = new DataOutputStream(macout);
@@ -140,36 +113,28 @@ public final class AuthenticatedEntry extends MaskableEnvelopeEntry implements
   }
 
   /**
-   * Verifies this entry's payload. This method will unmask this entry,
-   * thus it must be called before accessing its contents.
-   *
+   * Verifies this entry's payload. This method will unmask this entry, thus it
+   * must be called before accessing its contents.
+   * 
    * @param key The key to use to authenticate.
    * @throws InvalidKeyException If the given key is improper.
    */
   public void verify(byte[] key) throws InvalidKeyException
   {
-    if (!isMasked() || payload == null)
-      {
-        return;
-      }
+    if (! isMasked() || payload == null)
+      return;
     IMac m = getMac(key);
-
     m.update(payload, 0, payload.length - m.macSize());
     byte[] macValue = new byte[m.macSize()];
     System.arraycopy(payload, payload.length - macValue.length, macValue, 0,
                      macValue.length);
-    if (!Arrays.equals(macValue, m.digest()))
-      {
-        throw new IllegalArgumentException("MAC verification failed");
-      }
+    if (! Arrays.equals(macValue, m.digest()))
+      throw new IllegalArgumentException("MAC verification failed");
     try
       {
-        DataInputStream in = new DataInputStream(
-                                                 new ByteArrayInputStream(
-                                                                          payload,
-                                                                          0,
-                                                                          payload.length
-                                                                              - m.macSize()));
+        int len = payload.length - m.macSize();
+        ByteArrayInputStream bais = new ByteArrayInputStream(payload, 0, len);
+        DataInputStream in = new DataInputStream(bais);
         decodeEnvelope(in);
       }
     catch (IOException ioe)
@@ -183,27 +148,17 @@ public final class AuthenticatedEntry extends MaskableEnvelopeEntry implements
   protected void encodePayload() throws IOException
   {
     if (payload == null)
-      {
-        throw new IllegalStateException("not authenticated");
-      }
+      throw new IllegalStateException("not authenticated");
   }
 
-  // Own methods.
-  // ------------------------------------------------------------------------
-
   private IMac getMac(byte[] key) throws InvalidKeyException
   {
     IMac mac = MacFactory.getInstance(properties.get("mac"));
     if (mac == null)
-      {
-        throw new IllegalArgumentException("no such mac: "
-                                           + properties.get("mac"));
-      }
+      throw new IllegalArgumentException("no such mac: " + properties.get("mac"));
     int maclen = 0;
-    if (!properties.containsKey("maclen"))
-      {
-        throw new IllegalArgumentException("no MAC length");
-      }
+    if (! properties.containsKey("maclen"))
+      throw new IllegalArgumentException("no MAC length");
     try
       {
         maclen = Integer.parseInt(properties.get("maclen"));
@@ -212,10 +167,9 @@ public final class AuthenticatedEntry extends MaskableEnvelopeEntry implements
       {
         throw new IllegalArgumentException("bad MAC length");
       }
-
     HashMap macAttr = new HashMap();
     macAttr.put(IMac.MAC_KEY_MATERIAL, key);
-    macAttr.put(IMac.TRUNCATED_SIZE, new Integer(maclen));
+    macAttr.put(IMac.TRUNCATED_SIZE, Integer.valueOf(maclen));
     mac.init(macAttr);
     return mac;
   }
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/BaseKeyring.java b/libjava/classpath/gnu/javax/crypto/keyring/BaseKeyring.java
index 5fe7dbf4deb..369507d4c73 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/BaseKeyring.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/BaseKeyring.java
@@ -38,86 +38,58 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.keyring;
 
-import java.io.InputStream;
+import gnu.java.security.Registry;
+
 import java.io.IOException;
+import java.io.InputStream;
 import java.io.OutputStream;
-
 import java.util.Enumeration;
 import java.util.List;
 import java.util.Map;
 import java.util.StringTokenizer;
 
-import gnu.java.security.Registry;
-
-public abstract class BaseKeyring implements IKeyring
+public abstract class BaseKeyring
+    implements IKeyring
 {
-
-  // Fields.
-  // ------------------------------------------------------------------------
-
-  /**
-   * The top-level keyring data.
-   */
+  /** The top-level keyring data. */
   protected PasswordAuthenticatedEntry keyring;
-
   protected CompressedEntry keyring2;
 
-  // Constructors.
-  // ------------------------------------------------------------------------
-
   public BaseKeyring()
   {
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   public void load(Map attributes) throws IOException
   {
     InputStream in = (InputStream) attributes.get(KEYRING_DATA_IN);
     if (in == null)
-      {
-        throw new IllegalArgumentException("no input stream");
-      }
+      throw new IllegalArgumentException("no input stream");
     char[] password = (char[]) attributes.get(KEYRING_PASSWORD);
     if (password == null)
-      {
-        password = new char[0];
-      }
+      password = new char[0];
 
     if (in.read() != Registry.GKR_MAGIC[0]
         || in.read() != Registry.GKR_MAGIC[1]
         || in.read() != Registry.GKR_MAGIC[2]
         || in.read() != Registry.GKR_MAGIC[3])
-      {
-        throw new MalformedKeyringException("magic");
-      }
+      throw new MalformedKeyringException("magic");
 
     load(in, password);
-
     List l = keyring.getEntries();
     if (l.size() == 1 && (l.get(0) instanceof CompressedEntry))
-      {
-        keyring2 = (CompressedEntry) l.get(0);
-      }
+      keyring2 = (CompressedEntry) l.get(0);
   }
 
   public void store(Map attributes) throws IOException
   {
     OutputStream out = (OutputStream) attributes.get(KEYRING_DATA_OUT);
     if (out == null)
-      {
-        throw new IllegalArgumentException("no output stream");
-      }
+      throw new IllegalArgumentException("no output stream");
     char[] password = (char[]) attributes.get(KEYRING_PASSWORD);
     if (password == null)
-      {
-        password = new char[0];
-      }
+      password = new char[0];
     if (keyring == null)
-      {
-        throw new IllegalStateException("empty keyring");
-      }
+      throw new IllegalStateException("empty keyring");
 
     out.write(Registry.GKR_MAGIC);
     store(out, password);
@@ -131,45 +103,35 @@ public abstract class BaseKeyring implements IKeyring
   public int size()
   {
     if (keyring == null)
-      {
-        throw new IllegalStateException ("keyring not loaded");
-      }
+      throw new IllegalStateException("keyring not loaded");
     return ((StringTokenizer) aliases()).countTokens();
   }
 
   public Enumeration aliases()
   {
     if (keyring == null)
-      {
-        throw new IllegalStateException ("keyring not loaded");
-      }
+      throw new IllegalStateException("keyring not loaded");
     return new StringTokenizer(keyring.getAliasList(), ";");
   }
 
   public boolean containsAlias(String alias)
   {
     if (keyring == null)
-      {
-        throw new IllegalStateException("keyring not loaded");
-      }
+      throw new IllegalStateException("keyring not loaded");
     return keyring.containsAlias(alias);
   }
 
   public List get(String alias)
   {
     if (keyring == null)
-      {
-        throw new IllegalStateException("keyring not loaded");
-      }
+      throw new IllegalStateException("keyring not loaded");
     return keyring.get(alias);
   }
 
   public void add(Entry entry)
   {
     if (keyring == null)
-      {
-        throw new IllegalStateException("keyring not loaded");
-      }
+      throw new IllegalStateException("keyring not loaded");
     if (keyring2 != null)
       keyring2.add(entry);
     else
@@ -179,9 +141,7 @@ public abstract class BaseKeyring implements IKeyring
   public void remove(String alias)
   {
     if (keyring == null)
-      {
-        throw new IllegalStateException("keyring not loaded");
-      }
+      throw new IllegalStateException("keyring not loaded");
     keyring.remove(alias);
   }
 
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/BinaryDataEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/BinaryDataEntry.java
index 2dcd5454fb6..e694487e141 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/BinaryDataEntry.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/BinaryDataEntry.java
@@ -40,29 +40,22 @@ package gnu.javax.crypto.keyring;
 
 import java.io.DataInputStream;
 import java.io.IOException;
-
 import java.util.Date;
 
 /**
- * A binary data entry is a primitive entry that simply contains some amount
- * of arbitrary binary data and an optional content type.
+ * A binary data entry is a primitive entry that simply contains some amount of
+ * arbitrary binary data and an optional content type.
  */
-public class BinaryDataEntry extends PrimitiveEntry
+public class BinaryDataEntry
+    extends PrimitiveEntry
 {
-
-  // Fields.
-  // ------------------------------------------------------------------------
-
   public static final int TYPE = 9;
 
-  // Constructors.
-  // ------------------------------------------------------------------------
-
   /**
    * Creates a new binary data entry.
-   *
-   * @param contentType The content type of this entry. This parameter can
-   *   be <code>null</code> if no content type is needed.
+   * 
+   * @param contentType The content type of this entry. This parameter can be
+   *          <code>null</code> if no content type is needed.
    * @param data The data.
    * @param creationDate The creation date.
    * @param properties This entry's properties.
@@ -72,14 +65,10 @@ public class BinaryDataEntry extends PrimitiveEntry
   {
     super(TYPE, creationDate, properties);
     if (data == null)
-      {
-        throw new IllegalArgumentException("no data");
-      }
+      throw new IllegalArgumentException("no data");
     payload = (byte[]) data.clone();
     if (contentType != null)
-      {
-        this.properties.put("content-type", contentType);
-      }
+      this.properties.put("content-type", contentType);
   }
 
   private BinaryDataEntry()
@@ -87,9 +76,6 @@ public class BinaryDataEntry extends PrimitiveEntry
     super(TYPE);
   }
 
-  // Class methods.
-  // ------------------------------------------------------------------------
-
   public static BinaryDataEntry decode(DataInputStream in) throws IOException
   {
     BinaryDataEntry entry = new BinaryDataEntry();
@@ -97,13 +83,10 @@ public class BinaryDataEntry extends PrimitiveEntry
     return entry;
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   /**
    * Returns the content type of this entry, or <code>null</code> if this
    * property is not set.
-   *
+   * 
    * @return The content type.
    */
   public String getContentType()
@@ -113,7 +96,7 @@ public class BinaryDataEntry extends PrimitiveEntry
 
   /**
    * Returns this object's data field.
-   *
+   * 
    * @return The data.
    */
   public byte[] getData()
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/CertPathEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/CertPathEntry.java
index ef62347ec9d..32b86084f31 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/CertPathEntry.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/CertPathEntry.java
@@ -40,40 +40,28 @@ package gnu.javax.crypto.keyring;
 
 import java.io.ByteArrayOutputStream;
 import java.io.DataInputStream;
-import java.io.DataOutputStream;
 import java.io.IOException;
-
 import java.security.cert.Certificate;
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
-
 import java.util.Date;
 
 /**
  * A primitive entry that contains a path of X.509 certificates.
  */
-public final class CertPathEntry extends PrimitiveEntry
+public final class CertPathEntry
+    extends PrimitiveEntry
 {
-
-  // Constants and fields.
-  // ------------------------------------------------------------------------
-
   public static final int TYPE = 8;
-
   private Certificate[] path;
 
-  // Constructor.
-  // ------------------------------------------------------------------------
-
   public CertPathEntry(Certificate[] path, Date creationDate,
                        Properties properties)
   {
     super(TYPE, creationDate, properties);
     if (path == null || path.length == 0)
-      {
-        throw new IllegalArgumentException("no certificate path");
-      }
+      throw new IllegalArgumentException("no certificate path");
     this.path = (Certificate[]) path.clone();
   }
 
@@ -82,9 +70,6 @@ public final class CertPathEntry extends PrimitiveEntry
     super(TYPE);
   }
 
-  // Class method.
-  // ------------------------------------------------------------------------
-
   public static CertPathEntry decode(DataInputStream in) throws IOException
   {
     CertPathEntry entry = new CertPathEntry();
@@ -95,8 +80,7 @@ public final class CertPathEntry extends PrimitiveEntry
     try
       {
         CertificateFactory fact = CertificateFactory.getInstance("X.509");
-        entry.path = (Certificate[]) fact.generateCertificates(in2).toArray(
-                                                                            new Certificate[0]);
+        entry.path = (Certificate[]) fact.generateCertificates(in2).toArray(new Certificate[0]);
       }
     catch (CertificateException ce)
       {
@@ -105,9 +89,6 @@ public final class CertPathEntry extends PrimitiveEntry
     return entry;
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   public Certificate[] getCertPath()
   {
     return path;
@@ -120,9 +101,7 @@ public final class CertPathEntry extends PrimitiveEntry
     try
       {
         for (int i = 0; i < path.length; i++)
-          {
-            bout.write(path[i].getEncoded());
-          }
+          bout.write(path[i].getEncoded());
       }
     catch (CertificateEncodingException cee)
       {
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/CertificateEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/CertificateEntry.java
index 95a708ac53f..661758442cc 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/CertificateEntry.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/CertificateEntry.java
@@ -39,50 +39,38 @@ exception statement from your version.  */
 package gnu.javax.crypto.keyring;
 
 import java.io.DataInputStream;
-import java.io.DataOutputStream;
 import java.io.IOException;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
 import java.util.Date;
 
 /**
- * <p>An immutable class representing a trusted certificate entry.</p>
+ * An immutable class representing a trusted certificate entry.
  */
-public final class CertificateEntry extends PrimitiveEntry
+public final class CertificateEntry
+    extends PrimitiveEntry
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   public static final int TYPE = 5;
-
   /** The certificate. */
   private Certificate certificate;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
    * Creates a new certificate entry.
-   *
+   * 
    * @param certificate The certificate.
    * @param creationDate The creation date.
    * @param properties The alias.
    * @throws IllegalArgumentException If any argument is null, or if the alias
-   * is empty.
+   *           is empty.
    */
   public CertificateEntry(Certificate certificate, Date creationDate,
                           Properties properties)
   {
     super(TYPE, creationDate, properties);
-
     if (certificate == null)
-      {
-        throw new IllegalArgumentException("no certificate");
-      }
+      throw new IllegalArgumentException("no certificate");
     this.certificate = certificate;
     this.properties.put("type", certificate.getType());
   }
@@ -92,9 +80,6 @@ public final class CertificateEntry extends PrimitiveEntry
     super(TYPE);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   public static CertificateEntry decode(DataInputStream in) throws IOException
   {
     CertificateEntry entry = new CertificateEntry();
@@ -102,9 +87,7 @@ public final class CertificateEntry extends PrimitiveEntry
     entry.makeCreationDate();
     String type = entry.properties.get("type");
     if (type == null)
-      {
-        throw new MalformedKeyringException("no certificate type");
-      }
+      throw new MalformedKeyringException("no certificate type");
     int len = in.readInt();
     MeteredInputStream in2 = new MeteredInputStream(in, len);
     try
@@ -116,19 +99,14 @@ public final class CertificateEntry extends PrimitiveEntry
       {
         throw new MalformedKeyringException(ce.toString());
       }
-    if (!in2.limitReached())
-      {
-        throw new MalformedKeyringException("extra data at end of payload");
-      }
+    if (! in2.limitReached())
+      throw new MalformedKeyringException("extra data at end of payload");
     return entry;
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
    * Returns this entry's certificate.
-   *
+   * 
    * @return The certificate.
    */
   public Certificate getCertificate()
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/CompressedEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/CompressedEntry.java
index cce930d739d..b24c6715ab7 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/CompressedEntry.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/CompressedEntry.java
@@ -42,22 +42,15 @@ import java.io.ByteArrayOutputStream;
 import java.io.DataInputStream;
 import java.io.DataOutputStream;
 import java.io.IOException;
-
 import java.util.Iterator;
 import java.util.zip.DeflaterOutputStream;
 import java.util.zip.InflaterInputStream;
 
-public class CompressedEntry extends EnvelopeEntry
+public class CompressedEntry
+    extends EnvelopeEntry
 {
-
-  // Constants and fields.
-  // ------------------------------------------------------------------------
-
   public static final int TYPE = 4;
 
-  // Constructor.
-  // ------------------------------------------------------------------------
-
   public CompressedEntry(Properties properties)
   {
     super(TYPE, properties);
@@ -69,24 +62,16 @@ public class CompressedEntry extends EnvelopeEntry
     this(new Properties());
   }
 
-  // Class methods.
-  // ------------------------------------------------------------------------
-
   public static CompressedEntry decode(DataInputStream in) throws IOException
   {
     CompressedEntry entry = new CompressedEntry();
     entry.properties.decode(in);
     String alg = entry.properties.get("algorithm");
     if (alg == null)
-      {
-        throw new MalformedKeyringException("no compression algorithm");
-      }
-    if (!alg.equalsIgnoreCase("DEFLATE"))
-      {
-        throw new MalformedKeyringException(
-                                            "unsupported compression algorithm: "
-                                                + alg);
-      }
+      throw new MalformedKeyringException("no compression algorithm");
+    if (! alg.equalsIgnoreCase("DEFLATE"))
+      throw new MalformedKeyringException("unsupported compression algorithm: "
+                                          + alg);
     int len = in.readInt();
     MeteredInputStream min = new MeteredInputStream(in, len);
     InflaterInputStream infin = new InflaterInputStream(min);
@@ -95,18 +80,13 @@ public class CompressedEntry extends EnvelopeEntry
     return entry;
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   protected void encodePayload() throws IOException
   {
     ByteArrayOutputStream buf = new ByteArrayOutputStream(1024);
     DeflaterOutputStream dout = new DeflaterOutputStream(buf);
     DataOutputStream out2 = new DataOutputStream(dout);
     for (Iterator it = entries.iterator(); it.hasNext();)
-      {
-        ((Entry) it.next()).encode(out2);
-      }
+      ((Entry) it.next()).encode(out2);
     dout.finish();
     payload = buf.toByteArray();
   }
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/EncryptedEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/EncryptedEntry.java
index fad5f54b236..f0693cc91d2 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/EncryptedEntry.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/EncryptedEntry.java
@@ -38,21 +38,6 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.keyring;
 
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.DataInputStream;
-import java.io.DataOutputStream;
-import java.io.IOException;
-
-import java.security.InvalidKeyException;
-
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.Date;
-import java.util.Iterator;
-import java.util.HashMap;
-import java.util.List;
-
 import gnu.java.security.Registry;
 import gnu.javax.crypto.cipher.CipherFactory;
 import gnu.javax.crypto.cipher.IBlockCipher;
@@ -62,25 +47,24 @@ import gnu.javax.crypto.pad.IPad;
 import gnu.javax.crypto.pad.PadFactory;
 import gnu.javax.crypto.pad.WrongPaddingException;
 
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.DataInputStream;
+import java.io.DataOutputStream;
+import java.io.IOException;
+import java.security.InvalidKeyException;
+import java.util.HashMap;
+import java.util.Iterator;
+
 public class EncryptedEntry extends MaskableEnvelopeEntry implements Registry
 {
-
-  // Constants and fields.
-  // ------------------------------------------------------------------------
-
   public static final int TYPE = 0;
 
-  // Constructor.
-  // ------------------------------------------------------------------------
-
   public EncryptedEntry(String cipher, String mode, Properties properties)
   {
     super(TYPE, properties);
     if (cipher == null || mode == null)
-      {
-        throw new IllegalArgumentException(
-                                           "neither cipher nor mode can be null");
-      }
+      throw new IllegalArgumentException("neither cipher nor mode can be null");
     properties.put("cipher", cipher);
     properties.put("mode", mode);
     setMasked(false);
@@ -92,34 +76,22 @@ public class EncryptedEntry extends MaskableEnvelopeEntry implements Registry
     setMasked(true);
   }
 
-  // Class methods.
-  // ------------------------------------------------------------------------
-
   public static EncryptedEntry decode(DataInputStream in) throws IOException
   {
     EncryptedEntry entry = new EncryptedEntry();
     entry.defaultDecode(in);
-    if (!entry.properties.containsKey("cipher"))
-      {
-        throw new MalformedKeyringException("no cipher");
-      }
-    if (!entry.properties.containsKey("cipher"))
-      {
-        throw new MalformedKeyringException("no cipher");
-      }
+    if (! entry.properties.containsKey("cipher"))
+      throw new MalformedKeyringException("no cipher");
+    if (! entry.properties.containsKey("cipher"))
+      throw new MalformedKeyringException("no cipher");
     return entry;
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   public void decrypt(byte[] key, byte[] iv) throws IllegalArgumentException,
       WrongPaddingException
   {
-    if (!isMasked() || payload == null)
-      {
-        return;
-      }
+    if (! isMasked() || payload == null)
+      return;
     IMode mode = getMode(key, iv, IMode.DECRYPTION);
     IPad padding = null;
     padding = PadFactory.getInstance("PKCS7");
@@ -132,12 +104,8 @@ public class EncryptedEntry extends MaskableEnvelopeEntry implements Registry
         count += mode.currentBlockSize();
       }
     int padlen = padding.unpad(buf, 0, buf.length);
-    DataInputStream in = new DataInputStream(
-                                             new ByteArrayInputStream(
-                                                                      buf,
-                                                                      0,
-                                                                      buf.length
-                                                                          - padlen));
+    int len = buf.length - padlen;
+    DataInputStream in = new DataInputStream(new ByteArrayInputStream(buf, 0, len));
     try
       {
         decodeEnvelope(in);
@@ -181,22 +149,14 @@ public class EncryptedEntry extends MaskableEnvelopeEntry implements Registry
   public void encodePayload() throws IOException
   {
     if (payload == null)
-      {
-        throw new IOException("not encrypted");
-      }
+      throw new IOException("not encrypted");
   }
 
-  // Own methods.
-  // ------------------------------------------------------------------------
-
   private IMode getMode(byte[] key, byte[] iv, int state)
   {
     IBlockCipher cipher = CipherFactory.getInstance(properties.get("cipher"));
     if (cipher == null)
-      {
-        throw new IllegalArgumentException("no such cipher: "
-                                           + properties.get("cipher"));
-      }
+      throw new IllegalArgumentException("no such cipher: " + properties.get("cipher"));
     int blockSize = cipher.defaultBlockSize();
     if (properties.containsKey("block-size"))
       {
@@ -210,17 +170,13 @@ public class EncryptedEntry extends MaskableEnvelopeEntry implements Registry
                                                + nfe.getMessage());
           }
       }
-    IMode mode = ModeFactory.getInstance(properties.get("mode"), cipher,
-                                         blockSize);
+    IMode mode = ModeFactory.getInstance(properties.get("mode"), cipher, blockSize);
     if (mode == null)
-      {
-        throw new IllegalArgumentException("no such mode: "
-                                           + properties.get("mode"));
-      }
+      throw new IllegalArgumentException("no such mode: " + properties.get("mode"));
 
     HashMap modeAttr = new HashMap();
     modeAttr.put(IMode.KEY_MATERIAL, key);
-    modeAttr.put(IMode.STATE, new Integer(state));
+    modeAttr.put(IMode.STATE, Integer.valueOf(state));
     modeAttr.put(IMode.IV, iv);
     try
       {
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/Entry.java b/libjava/classpath/gnu/javax/crypto/keyring/Entry.java
index fa7f496798b..ef225db95e6 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/Entry.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/Entry.java
@@ -38,49 +38,51 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.keyring;
 
+import gnu.java.security.Configuration;
+
 import java.io.DataInputStream;
 import java.io.DataOutputStream;
 import java.io.IOException;
+import java.util.logging.Logger;
 
 /**
  * An immutable class representing a single entry in a keyring.
  */
 public abstract class Entry
 {
-
-  // Fields.
-  // ------------------------------------------------------------------------
-
+  private static final Logger log = Logger.getLogger(Entry.class.getName());
+  private static final String[] TYPES = new String[] {
+      "Encrypted",
+      "PasswordEncrypted",
+      "Authenticated",
+      "PasswordAuthenticated",
+      "Compressed",
+      "Certificate",
+      "PublicKey",
+      "PrivateKey",
+      "CertPath",
+      "BinaryData" };
   /** This entry's type identifier. */
   protected int type;
-
   /** This entry's property set. */
   protected Properties properties;
-
   /** This entry's payload. */
   protected byte[] payload;
 
-  // Constructor.
-  // ------------------------------------------------------------------------
-
   /**
    * Creates a new Entry.
-   *
+   * 
    * @param type This entry's type.
    * @param properties This entry's properties.
-   * @throws IllegalArgumentException If the properties argument is null,
-   *   or if the type is out of range.
+   * @throws IllegalArgumentException If the properties argument is null, or if
+   *           the type is out of range.
    */
   protected Entry(int type, Properties properties)
   {
     if (type < 0 || type > 255)
-      {
-        throw new IllegalArgumentException("invalid packet type");
-      }
+      throw new IllegalArgumentException("invalid packet type");
     if (properties == null)
-      {
-        throw new IllegalArgumentException("no properties");
-      }
+      throw new IllegalArgumentException("no properties");
     this.type = type;
     this.properties = (Properties) properties.clone();
   }
@@ -91,20 +93,15 @@ public abstract class Entry
   protected Entry(final int type)
   {
     if (type < 0 || type > 255)
-      {
-        throw new IllegalArgumentException("invalid packet type");
-      }
+      throw new IllegalArgumentException("invalid packet type");
     this.type = type;
     properties = new Properties();
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   /**
    * Returns this entry's properties object. The properties are cloned before
    * being returned.
-   *
+   * 
    * @return The properties.
    */
   public Properties getProperties()
@@ -123,28 +120,35 @@ public abstract class Entry
   }
 
   /**
-   * This method is called when this entry needs to be written to an
-   * output stream.
-   *
+   * This method is called when this entry needs to be written to an output
+   * stream.
+   * 
    * @param out The stream to write to.
    * @throws IOException If an I/O exception occurs.
    */
   public void encode(DataOutputStream out) throws IOException
   {
     if (payload == null)
-      {
-        encodePayload();
-      }
+      encodePayload();
     if (out == null)
-      {
-        return;
-      }
+      return;
     out.write(type);
     properties.encode(out);
     out.writeInt(payload.length);
     out.write(payload);
   }
 
+  public String toString()
+  {
+    return new StringBuilder("Entry{")
+        .append("type=").append(TYPES[type])
+        .append(", properties=").append(properties)
+        .append(", payload=")
+        .append(payload == null ? "-" : "byte[" + payload.length + "]")
+        .append( "}")
+        .toString();
+  }
+
   /**
    * Generic decoding method, which simply decodes the properties field
    * and reads the payload field.
@@ -158,16 +162,13 @@ public abstract class Entry
     properties.decode(in);
     int len = in.readInt();
     if (len < 0)
-      {
-        throw new IOException("corrupt length");
-      }
+      throw new IOException("corrupt length");
+    if (Configuration.DEBUG)
+      log.fine("About to instantiate new payload byte array for " + this);
     payload = new byte[len];
     in.readFully(payload);
   }
 
-  // Abstract methods.
-  // ------------------------------------------------------------------------
-
   /**
    * This method is called of subclasses when the payload data needs to be
    * created.
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/EnvelopeEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/EnvelopeEntry.java
index 25b1dc2a04d..fe39091b05c 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/EnvelopeEntry.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/EnvelopeEntry.java
@@ -38,45 +38,38 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.keyring;
 
+import gnu.java.security.Configuration;
+
 import java.io.ByteArrayOutputStream;
 import java.io.DataInputStream;
 import java.io.DataOutputStream;
 import java.io.IOException;
-
 import java.util.ArrayList;
-import java.util.Date;
 import java.util.Iterator;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.StringTokenizer;
+import java.util.logging.Logger;
 
 /**
- * An envelope entry is a generic container for some number of primitive
- * and other envelope entries.
+ * An envelope entry is a generic container for some number of primitive and
+ * other envelope entries.
  */
-public abstract class EnvelopeEntry extends Entry
+public abstract class EnvelopeEntry
+    extends Entry
 {
-
-  // Fields.
-  // ------------------------------------------------------------------------
-
+  private static final Logger log = Logger.getLogger(EnvelopeEntry.class.getName());
   /** The envelope that contains this one (if any). */
   protected EnvelopeEntry containingEnvelope;
-
   /** The contained entries. */
   protected List entries;
 
-  // Constructor.
-  // ------------------------------------------------------------------------
-
   public EnvelopeEntry(int type, Properties properties)
   {
     super(type, properties);
     entries = new LinkedList();
     if (this.properties.get("alias-list") != null)
-      {
-        this.properties.remove("alias-list");
-      }
+      this.properties.remove("alias-list");
   }
 
   protected EnvelopeEntry(int type)
@@ -85,84 +78,85 @@ public abstract class EnvelopeEntry extends Entry
     entries = new LinkedList();
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   /**
    * Adds an entry to this envelope.
-   *
+   * 
    * @param entry The entry to add.
    */
   public void add(Entry entry)
   {
-    if (!containsEntry(entry))
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "add", entry);
+    if (! containsEntry(entry))
       {
         if (entry instanceof EnvelopeEntry)
-          {
-            ((EnvelopeEntry) entry).setContainingEnvelope(this);
-          }
+          ((EnvelopeEntry) entry).setContainingEnvelope(this);
         entries.add(entry);
-        payload = null;
+        if (Configuration.DEBUG)
+          log.fine("Payload is " + (payload == null ? "" : "not ") + "null");
         makeAliasList();
       }
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "add");
   }
 
   /**
-   * Tests if this envelope contains a primitive entry with the
-   * given alias.
-   *
+   * Tests if this envelope contains a primitive entry with the given alias.
+   * 
    * @param alias The alias to test.
-   * @return True if this envelope (or one of the contained envelopes)
-   *   contains a primitive entry with the given alias.
+   * @return True if this envelope (or one of the contained envelopes) contains
+   *         a primitive entry with the given alias.
    */
   public boolean containsAlias(String alias)
   {
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "containsAlias", alias);
     String aliases = getAliasList();
-    if (aliases == null)
+    if (Configuration.DEBUG)
+      log.fine("aliases = [" + aliases + "]");
+    boolean result = false;
+    if (aliases != null)
       {
-        return false;
+        StringTokenizer tok = new StringTokenizer(aliases, ";");
+        while (tok.hasMoreTokens())
+          if (tok.nextToken().equals(alias))
+            {
+              result = true;
+              break;
+            }
       }
-    StringTokenizer tok = new StringTokenizer(aliases, ";");
-    while (tok.hasMoreTokens())
-      {
-        if (tok.nextToken().equals(alias))
-          {
-            return true;
-          }
-      }
-    return false;
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "containsAlias",
+                  Boolean.valueOf(result));
+    return result;
   }
 
   /**
    * Tests if this envelope contains the given entry.
-   *
+   * 
    * @param entry The entry to test.
    * @return True if this envelope contains the given entry.
    */
   public boolean containsEntry(Entry entry)
   {
     if (entry instanceof EnvelopeEntry)
-      {
-        return entries.contains(entry);
-      }
-    else if (entry instanceof PrimitiveEntry)
-      {
-        for (Iterator it = entries.iterator(); it.hasNext();)
-          {
-            Entry e = (Entry) it.next();
-            if (e.equals(entry))
-              return true;
-            if ((e instanceof EnvelopeEntry)
-                && ((EnvelopeEntry) e).containsEntry(entry))
-              return true;
-          }
-      }
+      return entries.contains(entry);
+    if (entry instanceof PrimitiveEntry)
+      for (Iterator it = entries.iterator(); it.hasNext();)
+        {
+          Entry e = (Entry) it.next();
+          if (e.equals(entry))
+            return true;
+          if ((e instanceof EnvelopeEntry)
+              && ((EnvelopeEntry) e).containsEntry(entry))
+            return true;
+        }
     return false;
   }
 
   /**
    * Returns a copy of all entries this envelope contains.
-   *
+   * 
    * @return All contained entries.
    */
   public List getEntries()
@@ -171,73 +165,77 @@ public abstract class EnvelopeEntry extends Entry
   }
 
   /**
-   * Gets all primitive entries that have the given alias. If there
-   * are any masked entries that contain the given alias, they will
-   * be returned as well.
-   *
+   * Gets all primitive entries that have the given alias. If there are any
+   * masked entries that contain the given alias, they will be returned as well.
+   * 
    * @param alias The alias of the entries to get.
    * @return A list of all primitive entries that have the given alias.
    */
   public List get(String alias)
   {
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "get", alias);
     List result = new LinkedList();
     for (Iterator it = entries.iterator(); it.hasNext();)
       {
         Entry e = (Entry) it.next();
         if (e instanceof EnvelopeEntry)
           {
-            if (!((EnvelopeEntry) e).containsAlias(alias))
-              {
-                continue;
-              }
-            if (e instanceof MaskableEnvelopeEntry)
+            EnvelopeEntry ee = (EnvelopeEntry) e;
+            if (! ee.containsAlias(alias))
+              continue;
+            if (ee instanceof MaskableEnvelopeEntry)
               {
-                if (((MaskableEnvelopeEntry) e).isMasked())
+                MaskableEnvelopeEntry mee = (MaskableEnvelopeEntry) ee;
+                if (mee.isMasked())
                   {
-                    result.add(e);
+                    if (Configuration.DEBUG)
+                      log.fine("Processing masked entry: " + mee);
+                    result.add(mee);
                     continue;
                   }
               }
-            result.addAll(((EnvelopeEntry) e).get(alias));
+            if (Configuration.DEBUG)
+              log.fine("Processing unmasked entry: " + ee);
+            result.addAll(ee.get(alias));
           }
         else if (e instanceof PrimitiveEntry)
           {
-            if (((PrimitiveEntry) e).getAlias().equals(alias))
-              {
-                result.add(e);
-              }
+            PrimitiveEntry pe = (PrimitiveEntry) e;
+            if (pe.getAlias().equals(alias))
+              result.add(e);
           }
       }
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "get", result);
     return result;
   }
 
   /**
-   * Returns the list of all aliases contained by this envelope,
-   * separated by a semicolon (';').
-   *
+   * Returns the list of all aliases contained by this envelope, separated by a
+   * semicolon (';').
+   * 
    * @return The list of aliases.
    */
   public String getAliasList()
   {
     String list = properties.get("alias-list");
     if (list == null)
-      {
-        return "";
-      }
+      return "";
     else
-      {
-        return list;
-      }
+      return list;
   }
 
   /**
    * Removes the specified entry.
-   *
+   * 
    * @param entry The entry.
    * @return True if an entry was removed.
    */
   public boolean remove(Entry entry)
   {
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "remove", entry);
     boolean ret = false;
     for (Iterator it = entries.iterator(); it.hasNext();)
       {
@@ -268,36 +266,71 @@ public abstract class EnvelopeEntry extends Entry
       }
     if (ret)
       {
+        if (Configuration.DEBUG)
+          log.fine("State before: " + this);
         payload = null;
         makeAliasList();
+        if (Configuration.DEBUG)
+          log.fine("State after: " + this);
       }
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "remove", Boolean.valueOf(ret));
     return ret;
   }
 
   /**
    * Removes all primitive entries that have the specified alias.
-   *
+   * 
    * @param alias The alias of the entries to remove.
+   * @return <code>true</code> if <code>alias</code> was present and was
+   *         successfully trmoved. Returns <code>false</code> if
+   *         <code>alias</code> was not present in the list of aliases in this
+   *         envelope.
    */
-  public void remove(String alias)
+  public boolean remove(String alias)
   {
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "remove", alias);
+    boolean result = false;
     for (Iterator it = entries.iterator(); it.hasNext();)
       {
         Entry e = (Entry) it.next();
         if (e instanceof EnvelopeEntry)
           {
-            ((EnvelopeEntry) e).remove(alias);
+            EnvelopeEntry ee = (EnvelopeEntry) e;
+            result = ee.remove(alias) || result;
           }
         else if (e instanceof PrimitiveEntry)
           {
-            if (((PrimitiveEntry) e).getAlias().equals(alias))
+            PrimitiveEntry pe = (PrimitiveEntry) e;
+            if (pe.getAlias().equals(alias))
               {
                 it.remove();
+                result = true;
               }
           }
       }
-    payload = null;
-    makeAliasList();
+    if (result)
+      {
+        if (Configuration.DEBUG)
+          log.fine("State before: " + this);
+        payload = null;
+        makeAliasList();
+        if (Configuration.DEBUG)
+          log.fine("State after: " + this);
+      }
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "remove", Boolean.valueOf(result));
+    return result;
+  }
+
+  public String toString()
+  {
+    return new StringBuilder("Envelope{")
+        .append(super.toString())
+        .append(", entries=").append(entries)
+        .append("}")
+        .toString();
   }
 
   // Protected methods.
@@ -308,22 +341,19 @@ public abstract class EnvelopeEntry extends Entry
     ByteArrayOutputStream bout = new ByteArrayOutputStream(1024);
     DataOutputStream out = new DataOutputStream(bout);
     for (Iterator it = entries.iterator(); it.hasNext();)
-      {
-        ((Entry) it.next()).encode(out);
-      }
+      ((Entry) it.next()).encode(out);
   }
 
   protected void setContainingEnvelope(EnvelopeEntry e)
   {
     if (containingEnvelope != null)
-      {
-        throw new IllegalArgumentException("envelopes may not be shared");
-      }
+      throw new IllegalArgumentException("envelopes may not be shared");
     containingEnvelope = e;
   }
 
   protected void decodeEnvelope(DataInputStream in) throws IOException
   {
+    this.entries.clear();
     while (true)
       {
         int type = in.read();
@@ -367,32 +397,43 @@ public abstract class EnvelopeEntry extends Entry
       }
   }
 
-  // Own methods.
-  // ------------------------------------------------------------------------
-
   private void makeAliasList()
   {
-    if (entries.isEmpty())
-      return;
-    StringBuffer buf = new StringBuffer();
-    for (Iterator it = entries.iterator(); it.hasNext();)
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "makeAliasList");
+    if (! entries.isEmpty())
       {
-        Entry entry = (Entry) it.next();
-        if (entry instanceof EnvelopeEntry)
-          {
-            buf.append(((EnvelopeEntry) entry).getAliasList());
-          }
-        else if (entry instanceof PrimitiveEntry)
+        StringBuilder buf = new StringBuilder();
+        String aliasOrList;
+        for (Iterator it = entries.iterator(); it.hasNext();)
           {
-            buf.append(((PrimitiveEntry) entry).getAlias());
+            Entry entry = (Entry) it.next();
+            aliasOrList = null;
+            if (entry instanceof EnvelopeEntry)
+              aliasOrList = ((EnvelopeEntry) entry).getAliasList();
+            else if (entry instanceof PrimitiveEntry)
+              aliasOrList = ((PrimitiveEntry) entry).getAlias();
+            else if (Configuration.DEBUG)
+              log.fine("Entry with no Alias. Ignored: " + entry);
+            if (aliasOrList != null)
+              {
+                aliasOrList = aliasOrList.trim();
+                if (aliasOrList.trim().length() > 0)
+                  {
+                    buf.append(aliasOrList);
+                    if (it.hasNext())
+                      buf.append(';');
+                  }
+              }
           }
-        if (it.hasNext())
-          buf.append(';');
-      }
-    properties.put("alias-list", buf.toString());
-    if (containingEnvelope != null)
-      {
-        containingEnvelope.makeAliasList();
+        String aliasList = buf.toString();
+        properties.put("alias-list", aliasList);
+        if (Configuration.DEBUG)
+          log.fine("alias-list=[" + aliasList + "]");
+        if (containingEnvelope != null)
+          containingEnvelope.makeAliasList();
       }
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "makeAliasList");
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/GnuPrivateKeyring.java b/libjava/classpath/gnu/javax/crypto/keyring/GnuPrivateKeyring.java
index c1fe30e677b..2ccdad6b3e3 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/GnuPrivateKeyring.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/GnuPrivateKeyring.java
@@ -38,6 +38,7 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.keyring;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 
 import java.io.DataInputStream;
@@ -55,30 +56,21 @@ import java.util.logging.Level;
 import java.util.logging.Logger;
 
 /**
- * <p>.</p>
+ * 
  */
-public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring
+public class GnuPrivateKeyring
+    extends BaseKeyring
+    implements IPrivateKeyring
 {
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private static final Logger log = Logger.getLogger(GnuPrivateKeyring.class.getName());
   public static final int USAGE = Registry.GKR_PRIVATE_KEYS
                                   | Registry.GKR_PUBLIC_CREDENTIALS;
-
   protected String mac;
-
   protected int maclen;
-
   protected String cipher;
-
   protected String mode;
-
   protected int keylen;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public GnuPrivateKeyring(String mac, int maclen, String cipher, String mode,
                            int keylen)
   {
@@ -97,16 +89,10 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring
     this("HMAC-SHA-1", 20, "AES", "OFB", 16);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public boolean containsPrivateKey(String alias)
   {
-    log.entering(this.getClass().getName(), "containsPrivateKey", alias);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "containsPrivateKey", alias);
     boolean result = false;
     if (containsAlias(alias))
       for (Iterator it = get(alias).iterator(); it.hasNext();)
@@ -115,33 +101,34 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring
             result = true;
             break;
           }
-
-    log.exiting(this.getClass().getName(), "containsPrivateKey",
-                Boolean.valueOf(result));
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "containsPrivateKey",
+                  Boolean.valueOf(result));
     return result;
   }
 
   public Key getPrivateKey(String alias, char[] password)
       throws UnrecoverableKeyException
   {
-    log.entering(this.getClass().getName(), "getPrivateKey",
-                 new Object[] { alias, String.valueOf(password) });
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "getPrivateKey", alias);
     Key result = null;
     if (containsAlias(alias))
       {
         PasswordAuthenticatedEntry e1 = null;
-        PasswordEncryptedEntry e2 = null;
         for (Iterator it = get(alias).iterator(); it.hasNext();)
           {
             Entry e = (Entry) it.next();
+            if (Configuration.DEBUG)
+              log.finest("Entry: " + e);
             if (e instanceof PasswordAuthenticatedEntry)
               {
                 e1 = (PasswordAuthenticatedEntry) e;
                 break;
               }
           }
-
+        if (Configuration.DEBUG)
+          log.fine("e1 = " + e1);
         if (e1 != null)
           {
             try
@@ -150,9 +137,11 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring
               }
             catch (Exception e)
               {
+                if (Configuration.DEBUG)
+                  log.throwing(this.getClass().getName(), "getPrivateKey", e);
                 throw new UnrecoverableKeyException("authentication failed");
               }
-
+            PasswordEncryptedEntry e2 = null;
             for (Iterator it = e1.getEntries().iterator(); it.hasNext();)
               {
                 Entry e = (Entry) it.next();
@@ -162,7 +151,6 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring
                     break;
                   }
               }
-
             if (e2 != null)
               {
                 try
@@ -171,9 +159,9 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring
                   }
                 catch (Exception e)
                   {
+                    log.throwing(this.getClass().getName(), "getPrivateKey", e);
                     throw new UnrecoverableKeyException("decryption failed");
                   }
-
                 for (Iterator it = e2.get(alias).iterator(); it.hasNext();)
                   {
                     Entry e = (Entry) it.next();
@@ -186,66 +174,67 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring
               }
           }
       }
-
-    log.exiting(this.getClass().getName(), "getPrivateKey", result);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "getPrivateKey",
+                  result == null ? "null" : result.getClass().getName());
     return result;
   }
 
   public void putPrivateKey(String alias, Key key, char[] password)
   {
-    log.entering(this.getClass().getName(), "putPrivateKey",
-                 new Object[] { alias, key, String.valueOf(password) });
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "putPrivateKey",
+                   new Object[] { alias, key.getClass().getName() });
     if (! containsPrivateKey(alias))
       {
         alias = fixAlias(alias);
         Properties p = new Properties();
         p.put("alias", alias);
         PrivateKeyEntry pke = new PrivateKeyEntry(key, new Date(), p);
+        if (Configuration.DEBUG)
+          log.fine("About to encrypt the key...");
         PasswordEncryptedEntry enc;
         enc = new PasswordEncryptedEntry(cipher, mode, keylen, new Properties());
         enc.add(pke);
-
-        PasswordAuthenticatedEntry auth;
-        auth = new PasswordAuthenticatedEntry(mac, maclen, new Properties());
-        auth.add(enc);
-
-        log.finest("About to encrypt the key...");
         try
           {
             enc.encode(null, password);
           }
         catch (IOException x)
           {
-            log.log(Level.FINER, "Exception while encrypting the key. "
-                    + "Rethrow as IllegalArgumentException", x);
+            if (Configuration.DEBUG)
+              log.log(Level.FINE, "Exception while encrypting the key. "
+                                  + "Rethrow as IllegalArgumentException", x);
             throw new IllegalArgumentException(x.toString());
           }
-
-        log.finest("About to authenticate the encrypted key...");
+        if (Configuration.DEBUG)
+          log.fine("About to authenticate the encrypted key...");
+        PasswordAuthenticatedEntry auth;
+        auth = new PasswordAuthenticatedEntry(mac, maclen, new Properties());
+        auth.add(enc);
         try
           {
             auth.encode(null, password);
           }
         catch (IOException x)
           {
-            log.log(Level.FINER, "Exception while authenticating the encrypted "
-                    + "key. Rethrow as IllegalArgumentException", x);
+            if (Configuration.DEBUG)
+              log.log(Level.FINE, "Exception while authenticating the encrypted "
+                                  + "key. Rethrow as IllegalArgumentException", x);
             throw new IllegalArgumentException(x.toString());
           }
-
         keyring.add(auth);
       }
-    else
-      log.finer("Keyring already contains alias: " + alias);
-
-    log.exiting(this.getClass().getName(), "putPrivateKey");
+    else if (Configuration.DEBUG)
+      log.fine("Keyring already contains alias: " + alias);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "putPrivateKey");
   }
 
   public boolean containsPublicKey(String alias)
   {
-    log.entering(this.getClass().getName(), "containsPublicKey", alias);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "containsPublicKey", alias);
     boolean result = false;
     if (containsAlias(alias))
       for (Iterator it = get(alias).iterator(); it.hasNext();)
@@ -254,16 +243,16 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring
             result = true;
             break;
           }
-
-    log.exiting(this.getClass().getName(), "containsPublicKey",
-                Boolean.valueOf(result));
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "containsPublicKey",
+                  Boolean.valueOf(result));
     return result;
   }
 
   public PublicKey getPublicKey(String alias)
   {
-    log.entering(this.getClass().getName(), "getPublicKey", alias);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "getPublicKey", alias);
     PublicKey result = null;
     if (containsAlias(alias))
       for (Iterator it = get(alias).iterator(); it.hasNext();)
@@ -275,32 +264,33 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring
               break;
             }
         }
-
-    log.exiting(this.getClass().getName(), "getPublicKey", result);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "getPublicKey",
+                  result == null ? "null" : result.getClass().getName());
     return result;
   }
 
   public void putPublicKey(String alias, PublicKey key)
   {
-    log.entering(this.getClass().getName(), "putPublicKey",
-                 new Object[] { alias, key });
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "putPublicKey",
+                   new Object[] { alias, key.getClass().getName() });
     if (! containsPublicKey(alias))
       {
         Properties p = new Properties();
         p.put("alias", fixAlias(alias));
         add(new PublicKeyEntry(key, new Date(), p));
       }
-    else
-      log.finer("Keyring already contains alias: " + alias);
-
-    log.exiting(this.getClass().getName(), "putPublicKey");
+    else if (Configuration.DEBUG)
+      log.fine("Keyring already contains alias: " + alias);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "putPublicKey");
   }
 
   public boolean containsCertPath(String alias)
   {
-    log.entering(this.getClass().getName(), "containsCertPath", alias);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "containsCertPath", alias);
     boolean result = false;
     if (containsAlias(alias))
       for (Iterator it = get(alias).iterator(); it.hasNext();)
@@ -309,16 +299,16 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring
             result = true;
             break;
           }
-
-    log.exiting(this.getClass().getName(), "containsCertPath",
-                Boolean.valueOf(result));
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "containsCertPath",
+                  Boolean.valueOf(result));
     return result;
   }
 
   public Certificate[] getCertPath(String alias)
   {
-    log.entering(this.getClass().getName(), "getCertPath", alias);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "getCertPath", alias);
     Certificate[] result = null;
     if (containsAlias(alias))
       for (Iterator it = get(alias).iterator(); it.hasNext();)
@@ -330,52 +320,49 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring
               break;
             }
         }
-
-    log.exiting(this.getClass().getName(), "getCertPath", result);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "getCertPath", result);
     return result;
   }
 
   public void putCertPath(String alias, Certificate[] path)
   {
-    log.entering(this.getClass().getName(), "putCertPath",
-                 new Object[] { alias, path });
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "putCertPath",
+                   new Object[] { alias, path });
     if (! containsCertPath(alias))
       {
         Properties p = new Properties();
         p.put("alias", fixAlias(alias));
         add(new CertPathEntry(path, new Date(), p));
       }
-    else
-      log.finer("Keyring already contains alias: " + alias);
-
-    log.exiting(this.getClass().getName(), "putCertPath");
+    else if (Configuration.DEBUG)
+      log.fine("Keyring already contains alias: " + alias);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "putCertPath");
   }
 
   protected void load(InputStream in, char[] password) throws IOException
   {
-    log.entering(this.getClass().getName(), "load",
-                 new Object[] { in, String.valueOf(password) });
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "load");
     if (in.read() != USAGE)
       throw new MalformedKeyringException("incompatible keyring usage");
-
     if (in.read() != PasswordAuthenticatedEntry.TYPE)
-      throw new MalformedKeyringException("expecting password-authenticated entry tag");
-
+      throw new MalformedKeyringException(
+          "expecting password-authenticated entry tag");
     keyring = PasswordAuthenticatedEntry.decode(new DataInputStream(in), password);
-
-    log.exiting(this.getClass().getName(), "load");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "load");
   }
 
   protected void store(OutputStream out, char[] password) throws IOException
   {
-    log.entering(this.getClass().getName(), "store",
-                 new Object[] { out, String.valueOf(password) });
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "store");
     out.write(USAGE);
     keyring.encode(new DataOutputStream(out), password);
-
-    log.exiting(this.getClass().getName(), "store");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "store");
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/GnuPublicKeyring.java b/libjava/classpath/gnu/javax/crypto/keyring/GnuPublicKeyring.java
index 490eb4458fa..5243919c3c9 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/GnuPublicKeyring.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/GnuPublicKeyring.java
@@ -38,6 +38,7 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.keyring;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 
 import java.io.DataInputStream;
@@ -50,17 +51,13 @@ import java.util.Date;
 import java.util.Iterator;
 import java.util.logging.Logger;
 
-public class GnuPublicKeyring extends BaseKeyring implements IPublicKeyring
+public class GnuPublicKeyring
+    extends BaseKeyring
+    implements IPublicKeyring
 {
-  // Fields.
-  // ------------------------------------------------------------------------
-
   private static final Logger log = Logger.getLogger(GnuPublicKeyring.class.getName());
   public static final int USAGE = Registry.GKR_CERTIFICATES;
 
-  // Constructors.
-  // ------------------------------------------------------------------------
-
   public GnuPublicKeyring(String mac, int macLen)
   {
     keyring = new PasswordAuthenticatedEntry(mac, macLen, new Properties());
@@ -72,13 +69,10 @@ public class GnuPublicKeyring extends BaseKeyring implements IPublicKeyring
   {
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   public boolean containsCertificate(String alias)
   {
-    log.entering(this.getClass().getName(), "containsCertificate", alias);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "containsCertificate", alias);
     boolean result = false;
     if (containsAlias(alias))
       for (Iterator it = get(alias).iterator(); it.hasNext();)
@@ -87,16 +81,16 @@ public class GnuPublicKeyring extends BaseKeyring implements IPublicKeyring
             result = true;
             break;
           }
-
-    log.exiting(this.getClass().getName(), "containsCertificate",
-                Boolean.valueOf(result));
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "containsCertificate",
+                  Boolean.valueOf(result));
     return result;
   }
 
   public Certificate getCertificate(String alias)
   {
-    log.entering(this.getClass().getName(), "getCertificate", alias);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "getCertificate", alias);
     Certificate result = null;
     if (containsAlias(alias))
       for (Iterator it = get(alias).iterator(); it.hasNext();)
@@ -108,53 +102,50 @@ public class GnuPublicKeyring extends BaseKeyring implements IPublicKeyring
               break;
             }
         }
-
-    log.exiting(this.getClass().getName(), "getCertificate", result);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "getCertificate", result);
     return result;
   }
 
   public void putCertificate(String alias, Certificate cert)
   {
-    log.entering(this.getClass().getName(), "putCertificate",
-                 new Object[] { alias, cert });
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "putCertificate",
+                   new Object[] { alias, cert });
     if (! containsCertificate(alias))
       {
         Properties p = new Properties();
         p.put("alias", fixAlias(alias));
         add(new CertificateEntry(cert, new Date(), p));
       }
-    else
-      log.finer("Keyring already contains alias: " + alias);
-
-    log.exiting(this.getClass().getName(), "putCertificate");
+    else if (Configuration.DEBUG)
+      log.fine("Keyring already contains alias: " + alias);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "putCertificate");
   }
 
   protected void load(InputStream in, char[] password) throws IOException
   {
-    log.entering(this.getClass().getName(), "load",
-                 new Object[] { in, String.valueOf(password) });
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "load");
     if (in.read() != USAGE)
       throw new MalformedKeyringException("incompatible keyring usage");
-
     if (in.read() != PasswordAuthenticatedEntry.TYPE)
-      throw new MalformedKeyringException("expecting password-authenticated entry tag");
-
+      throw new MalformedKeyringException(
+          "expecting password-authenticated entry tag");
     DataInputStream dis = new DataInputStream(in);
     keyring = PasswordAuthenticatedEntry.decode(dis, password);
-
-    log.exiting(this.getClass().getName(), "load");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "load");
   }
 
   protected void store(OutputStream out, char[] password) throws IOException
   {
-    log.entering(this.getClass().getName(), "store",
-                 new Object[] { out, String.valueOf(password) });
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "store");
     out.write(USAGE);
     keyring.encode(new DataOutputStream(out), password);
-
-    log.exiting(this.getClass().getName(), "store");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "store");
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/IKeyring.java b/libjava/classpath/gnu/javax/crypto/keyring/IKeyring.java
index 56f467df26e..44d5377008a 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/IKeyring.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/IKeyring.java
@@ -44,120 +44,118 @@ import java.util.List;
 import java.util.Map;
 
 /**
- * <p>The top-level interface to a <i>keyring:</i> a file that is used to
- * store and protect public and private cryptographic keys.</p>
- *
- * <p>A <i>keyring</i> is modelled as a mapping of one <i>alias</i> to one or
- * more <i>entries</i> (optionally of different types).</p>
- *
- * <p>See also the sub-interfaces {@link IPublicKeyring} and
- * {@link IPrivateKeyring} for special types of <i>keyrings</i> --the difference
- * being in the type of entries they contain.</p>
+ * The top-level interface to a <i>keyring:</i> a file that is used to store
+ * and protect public and private cryptographic keys.
+ * <p>
+ * A <i>keyring</i> is modelled as a mapping of one <i>alias</i> to one or
+ * more <i>entries</i> (optionally of different types).
+ * <p>
+ * See also the sub-interfaces {@link IPublicKeyring} and
+ * {@link IPrivateKeyring} for special types of <i>keyrings</i> --the
+ * difference being in the type of entries they contain.
  */
 public interface IKeyring
 {
-
   /**
-   * <p>Property name for the source of data to load the keyring from. The
-   * value mapped must be a {@link java.io.InputStream}.</p>
+   * Property name for the source of data to load the keyring from. The value
+   * mapped must be a {@link java.io.InputStream}.
    */
   public static final String KEYRING_DATA_IN = "gnu.crypto.keyring.data.in";
 
   /**
-   * <p>Property name for the data sink to store the keyring to. The value
-   * mapped must be a {@link java.io.OutputStream}.</p>
+   * Property name for the data sink to store the keyring to. The value mapped
+   * must be a {@link java.io.OutputStream}.
    */
   public static final String KEYRING_DATA_OUT = "gun.crypto.keyring.data.out";
 
   /**
-   * <p>Property name for the keyring's top-level password, used to
-   * authenticate and/or transform the store itself. The mapped value must be a
-   * char array.</p>
+   * Property name for the keyring's top-level password, used to authenticate
+   * and/or transform the store itself. The mapped value must be a char array.
    */
   public static final String KEYRING_PASSWORD = "gnu.crypto.keyring.password";
 
   /**
-   * <p>Loads a keyring into memory.</p>
-   *
-   * <p>What happens to the current contents of this keyring? are the new ones
-   * merged with the current ones or do they simply replace them?</p>
-   *
+   * Loads a keyring into memory.
+   * <p>
+   * What happens to the current contents of this keyring? are the new ones
+   * merged with the current ones or do they simply replace them?
+   * 
    * @param attributes The attributes that designate the source where the store
-   * is to be loaded from. What happens
+   *          is to be loaded from. What happens
    * @throws IllegalArgumentException If the attributes are inappropriate.
    * @throws IOException If the keyring file cannot be read.
    * @throws SecurityException If the given password is incorrect, or if the
-   * top-level authentication or decryption fails.
+   *           top-level authentication or decryption fails.
    */
   void load(Map attributes) throws IOException;
 
   /**
-   * <p>Stores the contents of this keyring to persistent storage as specified
-   * by the designated <code>attributes</code>.</p>
-   *
+   * Stores the contents of this keyring to persistent storage as specified by
+   * the designated <code>attributes</code>.
+   * 
    * @param attributes the attributes that define where the contents of this
-   * keyring will be stored.
+   *          keyring will be stored.
    * @throws IOException if an exception occurs during the process.
    */
   void store(Map attributes) throws IOException;
 
   /**
-   * <p>Resets this keyring, clearing all sensitive data. This method always
-   * suceeds.</p>
+   * Resets this keyring, clearing all sensitive data. This method always
+   * suceeds.
    */
   void reset();
 
   /**
-   * <p>Returns the number of entries in this keyring.</p>
-   *
+   * Returns the number of entries in this keyring.
+   * 
    * @return The number of current entries in this keyring.
    */
   int size();
 
   /**
-   * <p>Returns an {@link Enumeration} of all aliases (instances of
-   * {@link String}) in this keyring.</p>
-   *
-   * @return The enumeration of {@link String}s each representing an
-   * <i>alias</i> found in this keyring.
+   * Returns an {@link Enumeration} of all aliases (instances of {@link String})
+   * in this keyring.
+   * 
+   * @return The enumeration of {@link String}s each representing an <i>alias</i>
+   *         found in this keyring.
    */
   Enumeration aliases();
 
   /**
    * Tests whether or not this keyring contains the given alias.
-   *
+   * 
    * @param alias The alias to check.
    * @return true if this keyring contains the alias.
    */
   boolean containsAlias(String alias);
 
   /**
-   * <p>Returns a {@link List} of entries (instances of {@link Entry}) for the
+   * Returns a {@link List} of entries (instances of {@link Entry}) for the
    * given <code>alias</code>, or <code>null</code> if there no such entry
-   * exists.</p>
-   *
+   * exists.
+   * 
    * @param alias The alias of the entry(ies) to return.
    * @return A list of all entries (instances of {@link Entry} that have the
-   * given <code>alias</code>, or <code>null</code> if no one {@link Entry} can
-   * be found with the designated <code>alias</code>.
+   *         given <code>alias</code>, or <code>null</code> if no one
+   *         {@link Entry} can be found with the designated <code>alias</code>.
    */
   List get(String alias);
 
   /**
-   * <p>Adds a designated {@link Entry} to this keyring.</p>
-   *
-   * <p>What happens if there is already an entry with the same alias?</p>
-   *
+   * Adds a designated {@link Entry} to this keyring.
+   * <p>
+   * What happens if there is already an entry with the same alias?
+   * 
    * @param entry The entry to put in this keyring.
    */
   void add(Entry entry);
 
   /**
-   * <p>Removes an entry with the designated <code>alias</code> from this
-   * keyring. Does nothing if there was no such entry.</p>
-   *
-   * <p>What happens if there are more than one?</p>
-   *
+   * Removes an entry with the designated <code>alias</code> from this
+   * keyring. Does nothing if there was no such entry.
+   * <p>
+   * What happens if there are more than one?
+   * 
    * @param alias The alias of the entry to remove.
    */
   void remove(String alias);
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/IPrivateKeyring.java b/libjava/classpath/gnu/javax/crypto/keyring/IPrivateKeyring.java
index 66bbd84f568..9e2ceab9b95 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/IPrivateKeyring.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/IPrivateKeyring.java
@@ -44,41 +44,41 @@ import java.security.UnrecoverableKeyException;
 import java.security.cert.Certificate;
 
 /**
- * <p>An interface to private, or "personal", keyrings, which contain private
+ * An interface to private, or "personal", keyrings, which contain private
  * credentials. The contract is that each such entry is known by a unique
- * <i>alias</i>.</p>
- *
- * <p>What about public keys? and certificate-path?</p>
+ * <i>alias</i>.
+ * <p>
+ * What about public keys? and certificate-path?
  */
-public interface IPrivateKeyring extends IKeyring
+public interface IPrivateKeyring
+    extends IKeyring
 {
-
   /**
-   * <p>Tests if this keyring contains a private key entry with the given
-   * <code>alias</code>.</p>
-   *
+   * Tests if this keyring contains a private key entry with the given
+   * <code>alias</code>.
+   * 
    * @param alias The alias to check.
    * @return <code>true</code> if this keyring contains a private key with the
-   * given <code>alias</code>; <code>false</code> otherwise.</p>
+   *         given <code>alias</code>; <code>false</code> otherwise.
    */
   boolean containsPrivateKey(String alias);
 
   /**
-   * <p>Returns the private key with the given <code>alias</code>.</p>
-   *
+   * Returns the private key with the given <code>alias</code>.
+   * 
    * @param alias The alias of the private key to find.
    * @param password The password of the private key.
    * @return The private, or secret, key if one is found; <code>null</code> if
-   * none were found.
+   *         none were found.
    * @throws UnrecoverableKeyException If the private key could not be
-   * recovered, possibly due to a bad password.
+   *           recovered, possibly due to a bad password.
    */
   Key getPrivateKey(String alias, char[] password)
       throws UnrecoverableKeyException;
 
   /**
-   * <p>Adds a private key to this keyring.</p>
-   *
+   * Adds a private key to this keyring.
+   * 
    * @param alias The alias of the private key.
    * @param key The private key.
    * @param password The password used to protect this private key.
@@ -86,55 +86,57 @@ public interface IPrivateKeyring extends IKeyring
   void putPrivateKey(String alias, Key key, char[] password);
 
   /**
-   * <p>Checks if this keyring contains a public key with the given
-   * <code>alias</code>.</p>
-   *
+   * Checks if this keyring contains a public key with the given
+   * <code>alias</code>.
+   * 
    * @param alias The alias to test.
-   * @return <code>true</code> if this keyring contains a public key entry with
-   * the given <code>alias</code>; <code>false</code> otherwise.
+   * @return <code>true</code> if this keyring contains a public key entry
+   *         with the given <code>alias</code>; <code>false</code>
+   *         otherwise.
    */
   boolean containsPublicKey(String alias);
 
   /**
-   * <p>Returns the public key with the given <code>alias</code>, or
-   * <code>null</code> if there is no such entry.</p>
-   *
+   * Returns the public key with the given <code>alias</code>, or
+   * <code>null</code> if there is no such entry.
+   * 
    * @param alias The alias of the public key to find.
    * @return The public key; or <code>null</code> if none were found.
    */
   PublicKey getPublicKey(String alias);
 
   /**
-   * <p>Sets a public key entry.</p>
-   *
+   * Sets a public key entry.
+   * 
    * @param alias The alias for this public key.
    * @param key The public key.
    */
   void putPublicKey(String alias, PublicKey key);
 
   /**
-   * <p>Checks if this keyring contains a certificate path with the given
-   * <code>alias</code>.</p>
-   *
+   * Checks if this keyring contains a certificate path with the given
+   * <code>alias</code>.
+   * 
    * @param alias The alias to check.
-   * @return <code>true</code> if this keyring contains a certificate path with
-   * the given <code>alias</code>; <code>false</code> otherwise.
+   * @return <code>true</code> if this keyring contains a certificate path
+   *         with the given <code>alias</code>; <code>false</code>
+   *         otherwise.
    */
   boolean containsCertPath(String alias);
 
   /**
-   * <p>Returns the certificate path with the given <code>alias</code>, or
-   * <code>null</code> if there is no such entry.</p>
-   *
+   * Returns the certificate path with the given <code>alias</code>, or
+   * <code>null</code> if there is no such entry.
+   * 
    * @param alias The alias of the certificate path to find.
    * @return The certificate path for the designated <code>alias</code>; or
-   * <code>null</code> if none were found.
+   *         <code>null</code> if none were found.
    */
   Certificate[] getCertPath(String alias);
 
   /**
-   * <p>Sets a certificate path entry.</p>
-   *
+   * Sets a certificate path entry.
+   * 
    * @param alias The alias for this certificate path.
    * @param path The certificate path.
    */
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/IPublicKeyring.java b/libjava/classpath/gnu/javax/crypto/keyring/IPublicKeyring.java
index ccf9ca73b55..efe568f185b 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/IPublicKeyring.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/IPublicKeyring.java
@@ -41,39 +41,40 @@ package gnu.javax.crypto.keyring;
 import java.security.cert.Certificate;
 
 /**
- * <p>An interface for keyrings that contain trusted (by the owner) public
- * credentials (incl. certificates).</p>
- *
+ * An interface for keyrings that contain trusted (by the owner) public
+ * credentials (incl. certificates).
+ * 
  * @see IKeyring
  */
-public interface IPublicKeyring extends IKeyring
+public interface IPublicKeyring
+    extends IKeyring
 {
-
   /**
-   * <p>Tests if this keyring contains a certificate entry with the specified
-   * <code>alias</code>.</p>
-   *
+   * Tests if this keyring contains a certificate entry with the specified
+   * <code>alias</code>.
+   * 
    * @param alias The alias of the certificate to check.
    * @return <code>true</code> if this keyring contains a certificate entry
-   * that has the given <code>alias</code>; <code>false</code> otherwise.
+   *         that has the given <code>alias</code>; <code>false</code>
+   *         otherwise.
    */
   boolean containsCertificate(String alias);
 
   /**
-   * <p>Returns a certificate that has the given <code>alias</code>, or
-   * <code>null</code> if this keyring has no such entry.</p>
-   *
+   * Returns a certificate that has the given <code>alias</code>, or
+   * <code>null</code> if this keyring has no such entry.
+   * 
    * @param alias The alias of the certificate to find.
    * @return The certificate with the designated <code>alias</code>, or
-   * <code>null</code> if none found.
+   *         <code>null</code> if none found.
    */
   Certificate getCertificate(String alias);
 
   /**
-   * <p>Adds a certificate in this keyring, with the given <code>alias</code>.</p>
-   *
-   * <p>What happens if there is already a certificate entry with this alias?</p>
-   *
+   * Adds a certificate in this keyring, with the given <code>alias</code>.
+   * <p>
+   * What happens if there is already a certificate entry with this alias?
+   * 
    * @param alias The alias of this certificate entry.
    * @param cert The certificate.
    */
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/MalformedKeyringException.java b/libjava/classpath/gnu/javax/crypto/keyring/MalformedKeyringException.java
index 44c953946d4..0dab3a764c6 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/MalformedKeyringException.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/MalformedKeyringException.java
@@ -40,12 +40,9 @@ package gnu.javax.crypto.keyring;
 
 import java.io.IOException;
 
-public class MalformedKeyringException extends IOException
+public class MalformedKeyringException
+    extends IOException
 {
-
-  // Constructors.
-  // ------------------------------------------------------------------------
-
   public MalformedKeyringException()
   {
     super();
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/MaskableEnvelopeEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/MaskableEnvelopeEntry.java
index 7fed7c40c15..5206a5e071e 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/MaskableEnvelopeEntry.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/MaskableEnvelopeEntry.java
@@ -43,21 +43,15 @@ import java.util.List;
 
 /**
  * An envelope entry that can be "masked" -- placed in a state where the
- * envelope's contents cannot be accessed, due to the envelope not being
- * fully decoded, for example.
+ * envelope's contents cannot be accessed, due to the envelope not being fully
+ * decoded, for example.
  */
-public abstract class MaskableEnvelopeEntry extends EnvelopeEntry
+public abstract class MaskableEnvelopeEntry
+    extends EnvelopeEntry
 {
-
-  // Fields.
-  // ------------------------------------------------------------------------
-
   /** The masked state. */
   protected boolean masked;
 
-  // Constructors.
-  // ------------------------------------------------------------------------
-
   public MaskableEnvelopeEntry(int type, Properties properties)
   {
     super(type, properties);
@@ -68,12 +62,9 @@ public abstract class MaskableEnvelopeEntry extends EnvelopeEntry
     super(type);
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   /**
    * Sets the masked state to the specified value.
-   *
+   * 
    * @param masked The new masked state.
    */
   protected final void setMasked(boolean masked)
@@ -84,7 +75,7 @@ public abstract class MaskableEnvelopeEntry extends EnvelopeEntry
   /**
    * Gets the masked state of this object. Certain operations on this object
    * will fail if it is masked.
-   *
+   * 
    * @return The current masked state.
    */
   public boolean isMasked()
@@ -95,54 +86,50 @@ public abstract class MaskableEnvelopeEntry extends EnvelopeEntry
   public void add(Entry entry)
   {
     if (isMasked())
-      {
-        throw new IllegalStateException("masked envelope");
-      }
+      throw new IllegalStateException("masked envelope");
     super.add(entry);
   }
 
   public boolean containsEntry(Entry entry)
   {
     if (isMasked())
-      {
-        throw new IllegalStateException("masked envelope");
-      }
+      throw new IllegalStateException("masked envelope");
     return super.containsEntry(entry);
   }
 
   public List getEntries()
   {
     if (isMasked())
-      {
-        throw new IllegalStateException("masked envelope");
-      }
+      throw new IllegalStateException("masked envelope");
     return new ArrayList(entries);
   }
 
   public List get(String alias)
   {
     if (isMasked())
-      {
-        throw new IllegalStateException("masked envelope");
-      }
+      throw new IllegalStateException("masked envelope");
     return super.get(alias);
   }
 
   public boolean remove(Entry entry)
   {
     if (isMasked())
-      {
-        throw new IllegalStateException("masked envelope");
-      }
+      throw new IllegalStateException("masked envelope");
     return super.remove(entry);
   }
 
-  public void remove(String alias)
+  public boolean remove(String alias)
   {
     if (isMasked())
-      {
-        throw new IllegalStateException("masked envelope");
-      }
-    super.remove(alias);
+      throw new IllegalStateException("masked envelope");
+    return super.remove(alias);
+  }
+
+  public String toString()
+  {
+    return new StringBuilder("MaskableEnvelope{")
+        .append(super.toString())
+        .append(", masked=").append(masked)
+        .append("}").toString();
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/MeteredInputStream.java b/libjava/classpath/gnu/javax/crypto/keyring/MeteredInputStream.java
index fcf2be746c9..330e4b20fb5 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/MeteredInputStream.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/MeteredInputStream.java
@@ -39,22 +39,15 @@ exception statement from your version.  */
 package gnu.javax.crypto.keyring;
 
 import java.io.FilterInputStream;
-import java.io.InputStream;
 import java.io.IOException;
+import java.io.InputStream;
 
-final class MeteredInputStream extends FilterInputStream
+final class MeteredInputStream
+    extends FilterInputStream
 {
-
-  // Fields.
-  // ------------------------------------------------------------------------
-
   private int count;
-
   private final int limit;
 
-  // Constructor.
-  // ------------------------------------------------------------------------
-
   MeteredInputStream(InputStream in, int limit)
   {
     super(in);
@@ -64,12 +57,9 @@ final class MeteredInputStream extends FilterInputStream
     count = 0;
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   /**
    * Tests if the number of bytes read has reached the limit.
-   *
+   * 
    * @return True if the limit has been reached.
    */
   public boolean limitReached()
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java
index 2e3a0d145c8..be10029c8bc 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java
@@ -38,9 +38,11 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.keyring;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.prng.IRandom;
 import gnu.java.security.prng.LimitReachedException;
+import gnu.java.security.util.PRNG;
 import gnu.java.security.util.Util;
 import gnu.javax.crypto.mac.IMac;
 import gnu.javax.crypto.mac.MacFactory;
@@ -55,35 +57,27 @@ import java.io.DataInputStream;
 import java.io.DataOutputStream;
 import java.io.IOException;
 import java.security.InvalidKeyException;
-import java.security.SecureRandom;
 import java.util.Arrays;
-import java.util.Iterator;
 import java.util.HashMap;
+import java.util.Iterator;
+import java.util.logging.Logger;
 
 /**
- * <p>An entry authenticated with a password-based MAC.</p>
+ * An entry authenticated with a password-based MAC.
  */
-public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry
+public final class PasswordAuthenticatedEntry
+    extends MaskableEnvelopeEntry
     implements PasswordProtectedEntry, Registry
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
+  private static final Logger log = Logger.getLogger(PasswordAuthenticatedEntry.class.getName());
   public static final int TYPE = 3;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public PasswordAuthenticatedEntry(String mac, int maclen,
                                     Properties properties)
   {
     super(TYPE, properties);
-
     if (mac == null || mac.length() == 0)
-      {
-        throw new IllegalArgumentException("no MAC specified");
-      }
+      throw new IllegalArgumentException("no MAC specified");
     this.properties.put("mac", mac);
     this.properties.put("maclen", String.valueOf(maclen));
     setMasked(false);
@@ -95,9 +89,6 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry
     setMasked(true);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   public static PasswordAuthenticatedEntry decode(DataInputStream in,
                                                   char[] password)
       throws IOException
@@ -113,10 +104,8 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry
     entry.decodeEnvelope(in2);
     byte[] macValue = new byte[mac.macSize()];
     in.readFully(macValue);
-    if (!Arrays.equals(macValue, mac.digest()))
-      {
-        throw new MalformedKeyringException("MAC verification failed");
-      }
+    if (! Arrays.equals(macValue, mac.digest()))
+      throw new MalformedKeyringException("MAC verification failed");
     return entry;
   }
 
@@ -125,74 +114,76 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry
   {
     PasswordAuthenticatedEntry entry = new PasswordAuthenticatedEntry();
     entry.defaultDecode(in);
-    if (!entry.properties.containsKey("mac"))
-      {
-        throw new MalformedKeyringException("no MAC");
-      }
-    if (!entry.properties.containsKey("maclen"))
-      {
-        throw new MalformedKeyringException("no MAC length");
-      }
-    if (!entry.properties.containsKey("salt"))
-      {
-        throw new MalformedKeyringException("no salt");
-      }
+    if (! entry.properties.containsKey("mac"))
+      throw new MalformedKeyringException("no MAC");
+    if (! entry.properties.containsKey("maclen"))
+      throw new MalformedKeyringException("no MAC length");
+    if (! entry.properties.containsKey("salt"))
+      throw new MalformedKeyringException("no salt");
     return entry;
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public void verify(char[] password)
   {
-    if (!isMasked() || payload == null)
-      {
-        return;
-      }
-    IMac m = null;
-    try
-      {
-        m = getMac(password);
-      }
-    catch (Exception x)
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "verify");
+    if (isMasked() && payload != null)
       {
-        throw new IllegalArgumentException(x.toString());
+        if (Configuration.DEBUG)
+          log.fine("payload to verify: " + Util.dumpString(payload));
+        long tt = -System.currentTimeMillis();
+        IMac m = null;
+        try
+          {
+            m = getMac(password);
+          }
+        catch (Exception x)
+          {
+            throw new IllegalArgumentException(x.toString(), x);
+          }
+        int limit = payload.length - m.macSize();
+        m.update(payload, 0, limit);
+        byte[] macValue = new byte[m.macSize()];
+        System.arraycopy(payload, payload.length - macValue.length, macValue,
+                         0, macValue.length);
+        if (! Arrays.equals(macValue, m.digest()))
+          throw new IllegalArgumentException("MAC verification failed");
+        setMasked(false);
+        ByteArrayInputStream bais;
+        try
+          {
+            bais = new ByteArrayInputStream(payload, 0, limit);
+            DataInputStream in = new DataInputStream(bais);
+            decodeEnvelope(in);
+          }
+        catch (IOException ioe)
+          {
+            throw new IllegalArgumentException("malformed keyring fragment");
+          }
+        tt += System.currentTimeMillis();
+        if (Configuration.DEBUG)
+          log.fine("Verified in " + tt + "ms.");
       }
-
-    m.update(payload, 0, payload.length - m.macSize());
-    byte[] macValue = new byte[m.macSize()];
-    System.arraycopy(payload, payload.length - macValue.length, macValue, 0,
-                     macValue.length);
-    if (!Arrays.equals(macValue, m.digest()))
-      {
-        throw new IllegalArgumentException("MAC verification failed");
-      }
-    try
-      {
-        DataInputStream in = new DataInputStream(
-                                                 new ByteArrayInputStream(
-                                                                          payload,
-                                                                          0,
-                                                                          payload.length
-                                                                              - m.macSize()));
-        decodeEnvelope(in);
-      }
-    catch (IOException ioe)
-      {
-        throw new IllegalArgumentException("malformed keyring fragment");
-      }
-    setMasked(false);
-    payload = null;
+    else if (Configuration.DEBUG)
+      log.fine("Skip verification; "
+               + (isMasked() ? "null payload" : "unmasked"));
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "verify");
   }
 
   public void authenticate(char[] password) throws IOException
   {
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "authenticate");
+    long tt = -System.currentTimeMillis();
+    long t1 = -System.currentTimeMillis();
     if (isMasked())
-      {
-        throw new IllegalStateException("entry is masked");
-      }
+      throw new IllegalStateException("entry is masked");
     byte[] salt = new byte[8];
-    new SecureRandom ().nextBytes (salt);
+    PRNG.getInstance().nextBytes(salt);
+    t1 += System.currentTimeMillis();
+    if (Configuration.DEBUG)
+      log.fine("-- Generated salt in " + t1 + "ms.");
     properties.put("salt", Util.toString(salt));
     IMac m = getMac(password);
     ByteArrayOutputStream bout = new ByteArrayOutputStream(1024);
@@ -201,10 +192,25 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry
     for (Iterator it = entries.iterator(); it.hasNext();)
       {
         Entry entry = (Entry) it.next();
+        if (Configuration.DEBUG)
+          log.fine("-- About to authenticate one " + entry);
+        t1 = -System.currentTimeMillis();
         entry.encode(out2);
+        t1 += System.currentTimeMillis();
+        if (Configuration.DEBUG)
+          log.fine("-- Authenticated an Entry in " + t1 + "ms.");
       }
     bout.write(m.digest());
     payload = bout.toByteArray();
+    if (Configuration.DEBUG)
+      log.fine("authenticated payload: " + Util.dumpString(payload));
+    setMasked(true);
+    tt += System.currentTimeMillis();
+    if (Configuration.DEBUG)
+      {
+        log.fine("Authenticated in " + tt + "ms.");
+        log.exiting(this.getClass().getName(), "authenticate");
+      }
   }
 
   public void encode(DataOutputStream out, char[] password) throws IOException
@@ -217,48 +223,42 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry
   {
     if (payload == null)
       {
+        log.fine("Null payload: " + this);
         throw new IllegalStateException("mac not computed");
       }
   }
 
-  // Own methods.
-  // ------------------------------------------------------------------------
-
   private IMac getMac(char[] password) throws MalformedKeyringException
   {
-    if (!properties.containsKey("salt"))
-      {
-        throw new MalformedKeyringException("no salt");
-      }
-    byte[] salt = Util.toBytesFromString(properties.get("salt"));
-    IMac mac = MacFactory.getInstance(properties.get("mac"));
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "getMac");
+    String saltString = properties.get("salt");
+    if (saltString == null)
+      throw new MalformedKeyringException("no salt");
+    byte[] salt = Util.toBytesFromString(saltString);
+    String macAlgorithm = properties.get("mac");
+    IMac mac = MacFactory.getInstance(macAlgorithm);
     if (mac == null)
-      {
-        throw new MalformedKeyringException("no such mac: "
-                                            + properties.get("mac"));
-      }
-    int keylen = mac.macSize();
-    int maclen = 0;
-    if (!properties.containsKey("maclen"))
-      {
-        throw new MalformedKeyringException("no MAC length");
-      }
+      throw new MalformedKeyringException("no such mac: " + macAlgorithm);
+    String macLenString = properties.get("maclen");
+    if (macLenString == null)
+      throw new MalformedKeyringException("no MAC length");
+    int maclen;
     try
       {
-        maclen = Integer.parseInt(properties.get("maclen"));
+        maclen = Integer.parseInt(macLenString);
       }
     catch (NumberFormatException nfe)
       {
         throw new MalformedKeyringException("bad MAC length");
       }
-
     HashMap pbAttr = new HashMap();
     pbAttr.put(IPBE.PASSWORD, password);
     pbAttr.put(IPBE.SALT, salt);
     pbAttr.put(IPBE.ITERATION_COUNT, ITERATION_COUNT);
     IRandom kdf = PRNGFactory.getInstance("PBKDF2-HMAC-SHA");
     kdf.init(pbAttr);
-
+    int keylen = mac.macSize();
     byte[] dk = new byte[keylen];
     try
       {
@@ -268,10 +268,9 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry
       {
         throw new Error(shouldNotHappen.toString());
       }
-
     HashMap macAttr = new HashMap();
     macAttr.put(IMac.MAC_KEY_MATERIAL, dk);
-    macAttr.put(IMac.TRUNCATED_SIZE, new Integer(maclen));
+    macAttr.put(IMac.TRUNCATED_SIZE, Integer.valueOf(maclen));
     try
       {
         mac.init(macAttr);
@@ -280,6 +279,8 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry
       {
         throw new Error(shouldNotHappen.toString());
       }
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "getMac");
     return mac;
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java
index 26b4032bdfb..00031cbf1bb 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java
@@ -38,11 +38,12 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.keyring;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.prng.IRandom;
 import gnu.java.security.prng.LimitReachedException;
+import gnu.java.security.util.PRNG;
 import gnu.java.security.util.Util;
-
 import gnu.javax.crypto.cipher.CipherFactory;
 import gnu.javax.crypto.cipher.IBlockCipher;
 import gnu.javax.crypto.mode.IMode;
@@ -58,41 +59,28 @@ import java.io.ByteArrayOutputStream;
 import java.io.DataInputStream;
 import java.io.DataOutputStream;
 import java.io.IOException;
-
 import java.security.InvalidKeyException;
-import java.security.SecureRandom;
-
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.Date;
-import java.util.Iterator;
 import java.util.HashMap;
-import java.util.List;
+import java.util.Iterator;
+import java.util.logging.Logger;
 
 /**
  * An envelope that is encrypted with a password-derived key.
  */
-public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements
-    PasswordProtectedEntry, Registry
+public class PasswordEncryptedEntry
+    extends MaskableEnvelopeEntry
+    implements PasswordProtectedEntry, Registry
 {
-
-  // Constants and fields.
-  // ------------------------------------------------------------------------
-
+  private static final Logger log = Logger.getLogger(PasswordEncryptedEntry.class.getName());
   public static final int TYPE = 1;
 
-  // Constructors.
-  // ------------------------------------------------------------------------
-
   public PasswordEncryptedEntry(String cipher, String mode, int keylen,
                                 Properties properties)
   {
     super(TYPE, properties);
     if ((cipher == null || cipher.length() == 0)
         || (mode == null || mode.length() == 0))
-      {
-        throw new IllegalArgumentException("cipher nor mode can be empty");
-      }
+      throw new IllegalArgumentException("cipher nor mode can be empty");
     this.properties.put("cipher", cipher);
     this.properties.put("mode", mode);
     this.properties.put("keylen", String.valueOf(keylen));
@@ -105,9 +93,6 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements
     setMasked(true);
   }
 
-  // Class methods.
-  // ------------------------------------------------------------------------
-
   public static PasswordEncryptedEntry decode(DataInputStream in,
                                               char[] password)
       throws IOException
@@ -132,49 +117,57 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements
     return entry;
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   public void decrypt(char[] password) throws IllegalArgumentException,
       WrongPaddingException
   {
-    if (!isMasked() || payload == null)
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "decrypt");
+    if (isMasked() && payload != null)
       {
-        return;
-      }
-    IMode mode = getMode(password, IMode.DECRYPTION);
-    IPad padding = PadFactory.getInstance("PKCS7");
-    padding.init(mode.currentBlockSize());
-    byte[] buf = new byte[payload.length];
-    int count = 0;
-    for (int i = 0; i < payload.length; i++)
-      {
-        mode.update(payload, count, buf, count);
-        count += mode.currentBlockSize();
-      }
-    int padlen = padding.unpad(buf, 0, buf.length);
-    DataInputStream in = new DataInputStream(
-                                             new ByteArrayInputStream(
-                                                                      buf,
-                                                                      0,
-                                                                      buf.length
-                                                                          - padlen));
-    try
-      {
-        decodeEnvelope(in);
-      }
-    catch (IOException ioe)
-      {
-        throw new IllegalArgumentException("decryption failed");
+        long tt = -System.currentTimeMillis();
+        IMode mode = getMode(password, IMode.DECRYPTION);
+        IPad padding = PadFactory.getInstance("PKCS7");
+        padding.init(mode.currentBlockSize());
+        byte[] buf = new byte[payload.length];
+        int count = 0;
+        while (count + mode.currentBlockSize() <= payload.length)
+          {
+            mode.update(payload, count, buf, count);
+            count += mode.currentBlockSize();
+          }
+        int padlen = padding.unpad(buf, 0, buf.length);
+        setMasked(false);
+        int len = buf.length - padlen;
+        ByteArrayInputStream baos = new ByteArrayInputStream(buf, 0, len);
+        DataInputStream in = new DataInputStream(baos);
+        try
+          {
+            decodeEnvelope(in);
+          }
+        catch (IOException ioe)
+          {
+            throw new IllegalArgumentException("decryption failed");
+          }
+        tt += System.currentTimeMillis();
+        log.fine("Decrypted in " + tt + "ms.");
       }
-    setMasked(false);
-    payload = null;
+    else if (Configuration.DEBUG)
+      log.fine("Skip decryption; " + (isMasked() ? "null payload" : "unmasked"));
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "decrypt");
   }
 
   public void encrypt(char[] password) throws IOException
   {
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "encrypt", String.valueOf(password));
+    long tt = -System.currentTimeMillis();
+    long t1 = -System.currentTimeMillis();
     byte[] salt = new byte[8];
-    new SecureRandom ().nextBytes (salt);
+    PRNG.getInstance().nextBytes(salt);
+    t1 += System.currentTimeMillis();
+    if (Configuration.DEBUG)
+      log.fine("-- Generated salt in " + t1 + "ms.");
     properties.put("salt", Util.toString(salt));
     IMode mode = getMode(password, IMode.ENCRYPTION);
     IPad pad = PadFactory.getInstance("PKCS7");
@@ -184,7 +177,13 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements
     for (Iterator it = entries.iterator(); it.hasNext();)
       {
         Entry entry = (Entry) it.next();
+        if (Configuration.DEBUG)
+          log.fine("-- About to encode one " + entry);
+        t1 = -System.currentTimeMillis();
         entry.encode(out2);
+        t1 += System.currentTimeMillis();
+        if (Configuration.DEBUG)
+          log.fine("-- Encoded an Entry in " + t1 + "ms.");
       }
     byte[] plaintext = bout.toByteArray();
     byte[] padding = pad.pad(plaintext, 0, plaintext.length);
@@ -200,6 +199,13 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements
         count += mode.currentBlockSize();
       }
     mode.update(lastBlock, 0, payload, count);
+    setMasked(true);
+    tt += System.currentTimeMillis();
+    if (Configuration.DEBUG)
+      {
+        log.fine("Encrypted in " + tt + "ms.");
+        log.exiting(this.getClass().getName(), "encrypt");
+      }
   }
 
   public void encode(DataOutputStream out, char[] password) throws IOException
@@ -212,60 +218,46 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements
   {
     if (payload == null)
       {
+        if (Configuration.DEBUG)
+          log.fine("Null payload: " + this);
         throw new IllegalStateException("not encrypted");
       }
   }
 
-  // Own methods.
-  // ------------------------------------------------------------------------
-
   private IMode getMode(char[] password, int state)
   {
     String s = properties.get("salt");
     if (s == null)
-      {
-        throw new IllegalArgumentException("no salt");
-      }
+      throw new IllegalArgumentException("no salt");
     byte[] salt = Util.toBytesFromString(s);
     IBlockCipher cipher = CipherFactory.getInstance(properties.get("cipher"));
     if (cipher == null)
-      {
-        throw new IllegalArgumentException("no such cipher: "
-                                           + properties.get("cipher"));
-      }
+      throw new IllegalArgumentException("no such cipher: "
+                                         + properties.get("cipher"));
     int blockSize = cipher.defaultBlockSize();
     if (properties.containsKey("block-size"))
-      {
-        try
-          {
-            blockSize = Integer.parseInt(properties.get("block-size"));
-          }
-        catch (NumberFormatException nfe)
-          {
-            throw new IllegalArgumentException("bad block size: "
-                                               + nfe.getMessage());
-          }
-      }
-    IMode mode = ModeFactory.getInstance(properties.get("mode"), cipher,
-                                         blockSize);
+      try
+        {
+          blockSize = Integer.parseInt(properties.get("block-size"));
+        }
+      catch (NumberFormatException nfe)
+        {
+          throw new IllegalArgumentException("bad block size: "
+                                             + nfe.getMessage());
+        }
+    String modeName = properties.get("mode");
+    IMode mode = ModeFactory.getInstance(modeName, cipher, blockSize);
     if (mode == null)
-      {
-        throw new IllegalArgumentException("no such mode: "
-                                           + properties.get("mode"));
-      }
-
+      throw new IllegalArgumentException("no such mode: " + modeName);
     HashMap pbAttr = new HashMap();
     pbAttr.put(IPBE.PASSWORD, password);
     pbAttr.put(IPBE.SALT, salt);
     pbAttr.put(IPBE.ITERATION_COUNT, ITERATION_COUNT);
     IRandom kdf = PRNGFactory.getInstance("PBKDF2-HMAC-SHA");
     kdf.init(pbAttr);
-
     int keylen = 0;
-    if (!properties.containsKey("keylen"))
-      {
-        throw new IllegalArgumentException("no key length");
-      }
+    if (! properties.containsKey("keylen"))
+      throw new IllegalArgumentException("no key length");
     try
       {
         keylen = Integer.parseInt(properties.get("keylen"));
@@ -286,7 +278,7 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements
       }
     HashMap modeAttr = new HashMap();
     modeAttr.put(IMode.KEY_MATERIAL, dk);
-    modeAttr.put(IMode.STATE, new Integer(state));
+    modeAttr.put(IMode.STATE, Integer.valueOf(state));
     modeAttr.put(IMode.IV, iv);
     try
       {
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/PasswordProtectedEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/PasswordProtectedEntry.java
index 0dcf73eb8d2..5eff637927a 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/PasswordProtectedEntry.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/PasswordProtectedEntry.java
@@ -43,21 +43,12 @@ import java.io.IOException;
 
 public interface PasswordProtectedEntry
 {
-
-  // Constant.
-  // ------------------------------------------------------------------------
-
-  /**
-   * The iteration count for password-based KDFs.
-   */
-  Integer ITERATION_COUNT = new Integer(1000);
-
-  // Method.
-  // ------------------------------------------------------------------------
+  /** The iteration count for password-based KDFs. */
+  Integer ITERATION_COUNT = Integer.valueOf(1000);
 
   /**
    * Encodes this entry, protected by a password.
-   *
+   * 
    * @param out The output stream to encode to.
    * @param password The password.
    * @throws IOException If an I/O error occurs.
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/PrimitiveEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/PrimitiveEntry.java
index 4c9ff0ff1d9..194fe9eeec1 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/PrimitiveEntry.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/PrimitiveEntry.java
@@ -43,36 +43,24 @@ import java.util.Date;
 /**
  * A primitive entry is an entry that contains a single cryptographic entity.
  */
-public abstract class PrimitiveEntry extends Entry
+public abstract class PrimitiveEntry
+    extends Entry
 {
-
-  // Fields.
-  // ------------------------------------------------------------------------
-
   /** The creation date. */
   protected Date creationDate;
 
-  // Constructor.
-  // ------------------------------------------------------------------------
-
   protected PrimitiveEntry(int type, Date creationDate, Properties properties)
   {
     super(type, properties);
     if (creationDate == null)
-      {
-        this.creationDate = new Date();
-      }
+      this.creationDate = new Date();
     else
-      {
-        this.creationDate = (Date) creationDate.clone();
-      }
-    if (!this.properties.containsKey("alias")
+      this.creationDate = (Date) creationDate.clone();
+    if (! this.properties.containsKey("alias")
         || this.properties.get("alias").length() == 0)
-      {
-        throw new IllegalArgumentException(
-                                           "primitive entries MUST have an alias");
-      }
-    this.properties.put("creation-date", String.valueOf(creationDate.getTime()));
+      throw new IllegalArgumentException("primitive entries MUST have an alias");
+    this.properties.put("creation-date",
+                        String.valueOf(this.creationDate.getTime()));
   }
 
   protected PrimitiveEntry(int type)
@@ -80,12 +68,9 @@ public abstract class PrimitiveEntry extends Entry
     super(type);
   }
 
-  // Instance method.
-  // ------------------------------------------------------------------------
-
   /**
    * Returns the alias of this primitive entry.
-   *
+   * 
    * @return The alias.
    */
   public String getAlias()
@@ -95,7 +80,7 @@ public abstract class PrimitiveEntry extends Entry
 
   /**
    * Returns the creation date of this primitive entry.
-   *
+   * 
    * @return The creation date.
    */
   public Date getCreationDate()
@@ -105,7 +90,7 @@ public abstract class PrimitiveEntry extends Entry
 
   public boolean equals(Object object)
   {
-    if (!getClass().equals(object.getClass()))
+    if (! getClass().equals(object.getClass()))
       return false;
     return getAlias().equals(((PrimitiveEntry) object).getAlias());
   }
@@ -114,9 +99,7 @@ public abstract class PrimitiveEntry extends Entry
   {
     String s = properties.get("creation-date");
     if (s == null)
-      {
-        throw new MalformedKeyringException("no creation date");
-      }
+      throw new MalformedKeyringException("no creation date");
     try
       {
         creationDate = new Date(Long.parseLong(s));
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/PrivateKeyEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/PrivateKeyEntry.java
index 88249563341..23244afee8d 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/PrivateKeyEntry.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/PrivateKeyEntry.java
@@ -42,12 +42,10 @@ import gnu.java.security.key.IKeyPairCodec;
 import gnu.java.security.key.KeyPairCodecFactory;
 import gnu.java.security.key.dss.DSSPrivateKey;
 import gnu.java.security.key.rsa.GnuRSAPrivateKey;
-
 import gnu.javax.crypto.key.GnuSecretKey;
 import gnu.javax.crypto.key.dh.GnuDHPrivateKey;
 
 import java.io.DataInputStream;
-import java.io.DataOutputStream;
 import java.io.IOException;
 import java.security.Key;
 import java.security.KeyFactory;
@@ -56,25 +54,18 @@ import java.security.spec.PKCS8EncodedKeySpec;
 import java.util.Date;
 
 /**
- * <p>An immutable class representing a private or secret key entry.</p>
+ * An immutable class representing a private or secret key entry.
  */
-public final class PrivateKeyEntry extends PrimitiveEntry
+public final class PrivateKeyEntry
+    extends PrimitiveEntry
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   public static final int TYPE = 7;
-
   /** The key. */
   private Key key;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Creates a new key entry.</p>
-   *
+   * Creates a new key entry.
+   * 
    * @param key The key.
    * @param creationDate The entry creation date.
    * @param properties The entry properties.
@@ -83,15 +74,10 @@ public final class PrivateKeyEntry extends PrimitiveEntry
   public PrivateKeyEntry(Key key, Date creationDate, Properties properties)
   {
     super(TYPE, creationDate, properties);
-
     if (key == null)
-      {
-        throw new IllegalArgumentException("no private key");
-      }
-    if (!(key instanceof PrivateKey) && !(key instanceof GnuSecretKey))
-      {
-        throw new IllegalArgumentException("not a private or secret key");
-      }
+      throw new IllegalArgumentException("no private key");
+    if (! (key instanceof PrivateKey) && ! (key instanceof GnuSecretKey))
+      throw new IllegalArgumentException("not a private or secret key");
     this.key = key;
   }
 
@@ -100,18 +86,13 @@ public final class PrivateKeyEntry extends PrimitiveEntry
     super(TYPE);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   public static PrivateKeyEntry decode(DataInputStream in) throws IOException
   {
     PrivateKeyEntry entry = new PrivateKeyEntry();
     entry.defaultDecode(in);
     String type = entry.properties.get("type");
     if (type == null)
-      {
-        throw new MalformedKeyringException("no key type");
-      }
+      throw new MalformedKeyringException("no key type");
     if (type.equalsIgnoreCase("RAW-DSS"))
       {
         IKeyPairCodec coder = KeyPairCodecFactory.getInstance("dss");
@@ -128,18 +109,16 @@ public final class PrivateKeyEntry extends PrimitiveEntry
         entry.key = coder.decodePrivateKey(entry.payload);
       }
     else if (type.equalsIgnoreCase("RAW"))
-      {
-        entry.key = new GnuSecretKey(entry.payload, null);
-      }
+      entry.key = new GnuSecretKey(entry.payload, null);
     else if (type.equalsIgnoreCase("PKCS8"))
       {
         try
           {
             KeyFactory kf = KeyFactory.getInstance("RSA");
-            entry.key = kf.generatePrivate(new PKCS8EncodedKeySpec(
-                                                                   entry.payload));
+            PKCS8EncodedKeySpec ks = new PKCS8EncodedKeySpec(entry.payload);
+            entry.key = kf.generatePrivate(ks);
           }
-        catch (Exception x)
+        catch (Exception ignored)
           {
           }
         if (entry.key == null)
@@ -147,32 +126,24 @@ public final class PrivateKeyEntry extends PrimitiveEntry
             try
               {
                 KeyFactory kf = KeyFactory.getInstance("DSA");
-                entry.key = kf.generatePrivate(new PKCS8EncodedKeySpec(
-                                                                       entry.payload));
+                PKCS8EncodedKeySpec ks = new PKCS8EncodedKeySpec(entry.payload);
+                entry.key = kf.generatePrivate(ks);
               }
-            catch (Exception x)
+            catch (Exception ignored)
               {
               }
             if (entry.key == null)
-              {
-                throw new MalformedKeyringException(
-                                                    "could not decode PKCS#8 key");
-              }
+              throw new MalformedKeyringException("could not decode PKCS#8 key");
           }
       }
     else
-      {
-        throw new MalformedKeyringException("unsupported key type " + type);
-      }
+      throw new MalformedKeyringException("unsupported key type " + type);
     return entry;
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns this entry's key.</p>
-   *
+   * Returns this entry's key.
+   * 
    * @return The key.
    */
   public Key getKey()
@@ -212,8 +183,12 @@ public final class PrivateKeyEntry extends PrimitiveEntry
         payload = key.getEncoded();
       }
     else
-      {
-        throw new IllegalArgumentException("unsupported private key");
-      }
+      throw new IllegalArgumentException("unsupported private key");
+  }
+
+  public String toString()
+  {
+    return "PrivateKeyEntry{key="
+           + (key == null ? "-" : key.getClass().getName()) + "}";
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/Properties.java b/libjava/classpath/gnu/javax/crypto/keyring/Properties.java
index 646b5711df2..b833a74aeab 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/Properties.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/Properties.java
@@ -42,27 +42,20 @@ import java.io.ByteArrayOutputStream;
 import java.io.DataInputStream;
 import java.io.DataOutputStream;
 import java.io.IOException;
-
 import java.util.HashMap;
 import java.util.Iterator;
 import java.util.Map;
 
 /**
  * A set of <code>(name =&gt; value)</code> pairs used in keyring entries.
- * Keys and values are simple strings, with the key never being empty and
- * always treated case-insensitively.
+ * Keys and values are simple strings, with the key never being empty and always
+ * treated case-insensitively.
  */
-public class Properties implements Cloneable
+public class Properties
+    implements Cloneable
 {
-
-  // Field.
-  // ------------------------------------------------------------------------
-
   private HashMap props;
 
-  // Constructor.
-  // ------------------------------------------------------------------------
-
   /**
    * Creates a new properties object.
    */
@@ -71,9 +64,6 @@ public class Properties implements Cloneable
     props = new HashMap();
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   /**
    * Removes all properties from this object.
    */
@@ -84,7 +74,7 @@ public class Properties implements Cloneable
 
   /**
    * Creates a copy of this properties object.
-   *
+   * 
    * @return The copy.
    */
   public Object clone()
@@ -96,86 +86,75 @@ public class Properties implements Cloneable
 
   /**
    * Tests if this object contains a given property name.
-   *
+   * 
    * @param key The key to test.
    * @return True if this object contains the given key.
    */
   public boolean containsKey(String key)
   {
     if (key == null || key.length() == 0)
-      {
-        return false;
-      }
+      return false;
     return props.containsKey(canonicalize(key));
   }
 
   /**
    * Tests if this object contains a given property value.
-   *
+   * 
    * @param value The value to test.
    * @return True if this object contains the given value.
    */
   public boolean containsValue(String value)
   {
     if (value == null)
-      {
-        return false;
-      }
+      return false;
     return props.containsValue(value);
   }
 
   /**
    * Adds a new property to this object.
-   *
+   * 
    * @param key The key, which can neither be null nor empty.
    * @param value The value, which cannot be null.
    * @return The old value mapped by the key, if any.
-   * @throws IllegalArgumentException If either the key or value parameter
-
-   *   is null, or if the key is empty.
+   * @throws IllegalArgumentException If either the key or value parameter is
+   *           null, or if the key is empty.
    */
   public String put(String key, String value)
   {
     if (key == null || value == null || key.length() == 0)
-      {
-        throw new IllegalArgumentException("key nor value can be null");
-      }
+      throw new IllegalArgumentException("key nor value can be null");
     return (String) props.put(canonicalize(key), value);
   }
 
   /**
-   * Returns the value mapped by the given key, or null if there is no
-   * such mapping.
-   *
+   * Returns the value mapped by the given key, or null if there is no such
+   * mapping.
+   * 
    * @param key
    */
   public String get(String key)
   {
     if (key == null || key.length() == 0)
-      {
-        return null;
-      }
+      return null;
     return (String) props.get(canonicalize(key));
   }
 
   /**
    * Removes a key and its value from this object.
-   *
+   * 
    * @param key The key of the property to remove.
    * @return The old value mapped by the key, if any.
    */
   public String remove(String key)
   {
     if (key == null || key.length() == 0)
-      {
-        return null;
-      }
+      return null;
     return (String) props.remove(canonicalize(key));
   }
 
   /**
    * Decodes a set of properties from the given input stream.
-   *
+   * 
    * @param in The input stream.
    * @throws IOException If an I/O error occurs.
    */
@@ -184,7 +163,7 @@ public class Properties implements Cloneable
     int len = in.readInt();
     MeteredInputStream min = new MeteredInputStream(in, len);
     DataInputStream in2 = new DataInputStream(min);
-    while (!min.limitReached())
+    while (! min.limitReached())
       {
         String name = in2.readUTF();
         String value = in2.readUTF();
@@ -194,7 +173,7 @@ public class Properties implements Cloneable
 
   /**
    * Encodes this set of properties to the given output stream.
-   *
+   * 
    * @param out The output stream to encode to.
    * @throws IOException If an I/O error occurs.
    */
@@ -217,9 +196,6 @@ public class Properties implements Cloneable
     return props.toString();
   }
 
-  // Own methods.
-  // ------------------------------------------------------------------------
-
   private String canonicalize(String key)
   {
     return key.toLowerCase();
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/PublicKeyEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/PublicKeyEntry.java
index 528e70cc648..3e7f54d3e20 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/PublicKeyEntry.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/PublicKeyEntry.java
@@ -38,43 +38,30 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.keyring;
 
-import java.io.DataInputStream;
-import java.io.DataOutputStream;
-import java.io.IOException;
-
-import java.security.PublicKey;
-import java.security.KeyFactory;
-import java.security.spec.X509EncodedKeySpec;
-
-import java.util.Date;
-
 import gnu.java.security.key.IKeyPairCodec;
 import gnu.java.security.key.KeyPairCodecFactory;
 import gnu.java.security.key.dss.DSSPublicKey;
 import gnu.java.security.key.rsa.GnuRSAPublicKey;
 import gnu.javax.crypto.key.dh.GnuDHPublicKey;
 
-public final class PublicKeyEntry extends PrimitiveEntry
-{
-
-  // Constants and fields.
-  // ------------------------------------------------------------------------
+import java.io.DataInputStream;
+import java.io.IOException;
+import java.security.KeyFactory;
+import java.security.PublicKey;
+import java.security.spec.X509EncodedKeySpec;
+import java.util.Date;
 
+public final class PublicKeyEntry
+    extends PrimitiveEntry
+{
   public static final int TYPE = 6;
-
   private PublicKey key;
 
-  // Constructor.
-  // ------------------------------------------------------------------------
-
   public PublicKeyEntry(PublicKey key, Date creationDate, Properties properties)
   {
     super(TYPE, creationDate, properties);
-
     if (key == null)
-      {
-        throw new IllegalArgumentException("no key specified");
-      }
+      throw new IllegalArgumentException("no key specified");
     this.key = key;
   }
 
@@ -83,18 +70,13 @@ public final class PublicKeyEntry extends PrimitiveEntry
     super(TYPE);
   }
 
-  // Class method.
-  // ------------------------------------------------------------------------
-
   public static PublicKeyEntry decode(DataInputStream in) throws IOException
   {
     PublicKeyEntry entry = new PublicKeyEntry();
     entry.defaultDecode(in);
     String type = entry.properties.get("type");
     if (type == null)
-      {
-        throw new MalformedKeyringException("no key type");
-      }
+      throw new MalformedKeyringException("no key type");
     if (type.equalsIgnoreCase("RAW-DSS"))
       {
         IKeyPairCodec coder = KeyPairCodecFactory.getInstance("dss");
@@ -125,33 +107,23 @@ public final class PublicKeyEntry extends PrimitiveEntry
             try
               {
                 KeyFactory kf = KeyFactory.getInstance("DSA");
-                entry.key = kf.generatePublic(new X509EncodedKeySpec(
-                                                                     entry.payload));
+                entry.key = kf.generatePublic(new X509EncodedKeySpec(entry.payload));
               }
             catch (Exception x)
               {
               }
             if (entry.key == null)
-              {
-                throw new MalformedKeyringException(
-                                                    "could not decode X.509 key");
-              }
+              throw new MalformedKeyringException("could not decode X.509 key");
           }
       }
     else
-      {
-        throw new MalformedKeyringException("unsupported public key type: "
-                                            + type);
-      }
+      throw new MalformedKeyringException("unsupported public key type: " + type);
     return entry;
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   /**
    * Returns the public key.
-   *
+   * 
    * @return The public key.
    */
   public PublicKey getKey()
@@ -185,8 +157,6 @@ public final class PublicKeyEntry extends PrimitiveEntry
         payload = key.getEncoded();
       }
     else
-      {
-        throw new IllegalArgumentException("cannot encode public key");
-      }
+      throw new IllegalArgumentException("cannot encode public key");
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/kwa/AESKeyWrap.java b/libjava/classpath/gnu/javax/crypto/kwa/AESKeyWrap.java
new file mode 100644
index 00000000000..bb86c5477aa
--- /dev/null
+++ b/libjava/classpath/gnu/javax/crypto/kwa/AESKeyWrap.java
@@ -0,0 +1,168 @@
+/* AESWrap.java -- An implementation of RFC-3394 AES Key Wrap Algorithm
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.crypto.kwa;
+
+import gnu.java.security.Registry;
+import gnu.javax.crypto.cipher.IBlockCipher;
+import gnu.javax.crypto.cipher.Rijndael;
+
+import java.security.InvalidKeyException;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * The GNU implementation of the AES Key Wrap Algorithm as described in [1].
+ * <p>
+ * References:
+ * <ol>
+ * <li><a href="http://csrc.nist.gov/encryption/kms/key-wrap.pdf"></a>.</li>
+ * <li><a href="http://www.rfc-archive.org/getrfc.php?rfc=3394">Advanced
+ * Encryption Standard (AES) Key Wrap Algorithm</a>.</li>
+ * <li><a href="http://www.w3.org/TR/xmlenc-core/">XML Encryption Syntax and
+ * Processing</a>.</li>
+ * </ol>
+ */
+public class AESKeyWrap
+    extends BaseKeyWrappingAlgorithm
+{
+  private static final byte[] DEFAULT_IV = new byte[] {
+      (byte) 0xA6, (byte) 0xA6, (byte) 0xA6, (byte) 0xA6,
+      (byte) 0xA6, (byte) 0xA6, (byte) 0xA6, (byte) 0xA6 };
+
+  private Rijndael aes;
+  private byte[] iv;
+
+  public AESKeyWrap()
+  {
+    super(Registry.AES_KWA);
+
+    aes = new Rijndael();
+  }
+
+  protected void engineInit(Map attributes) throws InvalidKeyException
+  {
+    Map cipherAttributes = new HashMap();
+    cipherAttributes.put(IBlockCipher.CIPHER_BLOCK_SIZE, Integer.valueOf(16));
+    cipherAttributes.put(IBlockCipher.KEY_MATERIAL,
+                         attributes.get(KEY_ENCRYPTION_KEY_MATERIAL));
+    aes.reset();
+    aes.init(cipherAttributes);
+    byte[] initialValue = (byte[]) attributes.get(INITIAL_VALUE);
+    iv = initialValue == null ? DEFAULT_IV : (byte[]) initialValue.clone();
+  }
+
+  protected byte[] engineWrap(byte[] in, int inOffset, int length)
+  {
+    // TODO: handle input length which is not a multiple of 8 as suggested by
+    // section 2.2.3.2 of RFC-3394
+    if (length % 8 != 0)
+      throw new IllegalArgumentException("Input length MUST be a multiple of 8");
+    int n = length / 8;
+    // output is always one block larger than input
+    byte[] result = new byte[length + 8];
+
+    // 1. init variables: we'll use out buffer for our work buffer;
+    //    A will be the first block in out, while R will be the rest
+    System.arraycopy(iv, 0, result, 0, 8);
+    System.arraycopy(in, inOffset, result, 8, length);
+    byte[] B = new byte[2 * 8];
+    // 2. compute intermediate values
+    long t;
+    for (int j = 0; j < 6; j++)
+      for (int i = 1; i <= n; i++)
+        {
+          System.arraycopy(result, 0, B, 0, 8);
+          System.arraycopy(result, i * 8, B, 8, 8);
+          aes.encryptBlock(B, 0, B, 0);
+          t = (n * j) + i;
+          result[0] = (byte)(B[0] ^ (t >>> 56));
+          result[1] = (byte)(B[1] ^ (t >>> 48));
+          result[2] = (byte)(B[2] ^ (t >>> 40));
+          result[3] = (byte)(B[3] ^ (t >>> 32));
+          result[4] = (byte)(B[4] ^ (t >>> 24));
+          result[5] = (byte)(B[5] ^ (t >>> 16));
+          result[6] = (byte)(B[6] ^ (t >>>  8));
+          result[7] = (byte)(B[7] ^  t        );
+          System.arraycopy(B, 8, result, i * 8, 8);
+        }
+    return result;
+  }
+
+  protected byte[] engineUnwrap(byte[] in, int inOffset, int length)
+      throws KeyUnwrappingException
+  {
+    // TODO: handle input length which is not a multiple of 8 as suggested by
+    // section 2.2.3.2 of RFC-3394
+    if (length % 8 != 0)
+      throw new IllegalArgumentException("Input length MUST be a multiple of 8");
+    // output is always one block shorter than input
+    byte[] result = new byte[length - 8];
+
+    // 1. init variables: we'll use out buffer for our R work buffer
+    byte[] A = new byte[8];
+    System.arraycopy(in, inOffset, A, 0, 8);
+    System.arraycopy(in, inOffset + 8, result, 0, result.length);
+    byte[] B = new byte[2 * 8];
+    // 2. compute intermediate values
+    int n = length / 8 - 1;
+    long t;
+    for (int j = 5; j >= 0; j--)
+      for (int i = n; i >= 1; i--)
+        {
+          t = (n * j) + i;
+          B[0] = (byte)(A[0] ^ (t >>> 56));
+          B[1] = (byte)(A[1] ^ (t >>> 48));
+          B[2] = (byte)(A[2] ^ (t >>> 40));
+          B[3] = (byte)(A[3] ^ (t >>> 32));
+          B[4] = (byte)(A[4] ^ (t >>> 24));
+          B[5] = (byte)(A[5] ^ (t >>> 16));
+          B[6] = (byte)(A[6] ^ (t >>>  8));
+          B[7] = (byte)(A[7] ^  t        );
+          System.arraycopy(result, (i - 1) * 8, B, 8, 8);
+          aes.decryptBlock(B, 0, B, 0);
+          System.arraycopy(B, 0, A, 0, 8);
+          System.arraycopy(B, 8, result, (i - 1) * 8, 8);
+        }
+    if (! Arrays.equals(A, iv))
+      throw new KeyUnwrappingException();
+
+    return result;
+  }
+}
diff --git a/libjava/classpath/gnu/javax/crypto/kwa/BaseKeyWrappingAlgorithm.java b/libjava/classpath/gnu/javax/crypto/kwa/BaseKeyWrappingAlgorithm.java
new file mode 100644
index 00000000000..206e01d13da
--- /dev/null
+++ b/libjava/classpath/gnu/javax/crypto/kwa/BaseKeyWrappingAlgorithm.java
@@ -0,0 +1,145 @@
+/* BaseKeyWrappingAlgorithm.java -- FIXME: briefly describe file purpose
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.crypto.kwa;
+
+import gnu.java.security.util.PRNG;
+
+import java.security.InvalidKeyException;
+import java.util.Collections;
+import java.util.Map;
+
+import javax.crypto.ShortBufferException;
+
+/**
+ * A base class to facilitate implementation of concrete Key Wrapping
+ * Algorithms.
+ */
+public abstract class BaseKeyWrappingAlgorithm
+     implements IKeyWrappingAlgorithm
+{
+  /** The canonical name of the key wrapping algorithm. */
+  protected String name;
+  /** A source of randomness if/when needed by concrete implementations. */
+  private PRNG prng;
+
+  /**
+   * Protected constructor.
+   * 
+   * @param name the key wrapping algorithm canonical name.
+   */
+  protected BaseKeyWrappingAlgorithm(String name)
+  {
+    super();
+  }
+
+  public String name()
+  {
+    return this.name;
+  }
+
+  public void init(Map attributes) throws InvalidKeyException
+  {
+    if (attributes == null)
+      attributes = Collections.EMPTY_MAP;
+
+    engineInit(attributes);
+  }
+
+  public int wrap(byte[] in, int inOffset, int length, byte[] out, int outOffset)
+      throws ShortBufferException
+  {
+    if (outOffset < 0)
+      throw new IllegalArgumentException("Output offset MUST NOT be negative");
+    byte[] result = wrap(in, inOffset, length);
+    if (outOffset + result.length > out.length)
+      throw new ShortBufferException();
+    System.arraycopy(result, 0, out, outOffset, result.length);
+    return result.length;
+  }
+
+  public byte[] wrap(byte[] in, int inOffset, int length)
+  {
+    if (inOffset < 0)
+      throw new IllegalArgumentException("Input offset MUST NOT be negative");
+    if (length < 0)
+      throw new IllegalArgumentException("Input length MUST NOT be negative");
+
+    return engineWrap(in, inOffset, length);
+  }
+
+  public int unwrap(byte[] in, int inOffset, int length,
+                    byte[] out, int outOffset)
+      throws ShortBufferException, KeyUnwrappingException
+  {
+    if (outOffset < 0)
+      throw new IllegalArgumentException("Output offset MUST NOT be negative");
+    byte[] result = engineUnwrap(in, inOffset, length);
+    if (outOffset + result.length > out.length)
+      throw new ShortBufferException();
+    System.arraycopy(result, 0, out, outOffset, result.length);
+    return result.length;
+  }
+
+  public byte[] unwrap(byte[] in, int inOffset, int length)
+      throws KeyUnwrappingException
+  {
+    if (inOffset < 0)
+      throw new IllegalArgumentException("Input offset MUST NOT be negative");
+    if (length < 0)
+      throw new IllegalArgumentException("Input length MUST NOT be negative");
+
+    return engineUnwrap(in, inOffset, length);
+  }
+
+  protected abstract void engineInit(Map attributes) throws InvalidKeyException;
+
+  protected abstract byte[] engineWrap(byte[] in, int inOffset, int length);
+
+  protected abstract byte[] engineUnwrap(byte[] in, int inOffset, int length)
+      throws KeyUnwrappingException;
+
+  /** @return a strong pseudo-random number generator if/when needed. */
+  protected PRNG getDefaultPRNG()
+  {
+    if (prng == null)
+      prng = PRNG.getInstance();
+
+    return prng;
+  }
+}
diff --git a/libjava/classpath/gnu/javax/crypto/kwa/IKeyWrappingAlgorithm.java b/libjava/classpath/gnu/javax/crypto/kwa/IKeyWrappingAlgorithm.java
new file mode 100644
index 00000000000..d9c2bed14d5
--- /dev/null
+++ b/libjava/classpath/gnu/javax/crypto/kwa/IKeyWrappingAlgorithm.java
@@ -0,0 +1,160 @@
+/* IKeyWrappingAlgorithm.java -- FIXME: briefly describe file purpose
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.crypto.kwa;
+
+import java.security.InvalidKeyException;
+import java.security.SecureRandom;
+import java.util.Map;
+
+import javax.crypto.ShortBufferException;
+
+/**
+ * Constants and visible methods available to all GNU Key Wrapping Algorithm
+ * implementations.
+ */
+public interface IKeyWrappingAlgorithm
+{
+  /**
+   * Name of the property, in the attributes map, that references the Key
+   * Wrapping Algorithm KEK (Key Encryption Key) material. The object referenced
+   * by this property is a byte array containing the keying material for the
+   * underlying block cipher.
+   */
+  String KEY_ENCRYPTION_KEY_MATERIAL = "gnu.crypto.kwa.kek";
+  /**
+   * Name of the property, in the attributes map, that references the Initial
+   * Value (IV) material. The object referenced by this property is a byte array
+   * containing the initial integrity check register value.
+   */
+  String INITIAL_VALUE = "gnu.crypto.kwa.iv";
+  /**
+   * Property name of an optional {@link SecureRandom} instance to use. The
+   * default is to use a {@link gnu.java.security.util.PRNG} instance.
+   */
+  String SOURCE_OF_RANDOMNESS = "gnu.crypto.kwa.prng";
+
+  /**
+   * Returns the canonical name of this Key Wrapping Algorithm.
+   * 
+   * @return the canonical name of this Key Wrapping Algorithm.
+   */
+  String name();
+
+  /**
+   * Initializes this instance with the designated algorithm specific
+   * attributes.
+   * 
+   * @param attributes a map of name-to-value pairs the Key Wrapping Algorithm
+   *          must use for its setup.
+   * @throws InvalidKeyException if an exception is encountered while seting up
+   *           the Key Wrapping Algorithm keying material (KEK).
+   */
+  void init(Map attributes) throws InvalidKeyException;
+
+  /**
+   * Wraps the designated plain text bytes.
+   * 
+   * @param in the input byte array containing the plain text.
+   * @param inOffset the offset into <code>in</code> where the first byte of
+   *          the plain text (key material) to wrap is located.
+   * @param length the number of bytes to wrap.
+   * @param out the output byte array where the wrapped key material will be
+   *          stored.
+   * @param outOffset the offset into <code>out</code> of the first wrapped
+   *          byte.
+   * @return the number of bytes of the wrapped key material; i.e. the length,
+   *         in <code>out</code>, starting from <code>outOffset</code>
+   *         where the cipher text (wrapped key material) are stored.
+   * @throws ShortBufferException if the output buffer is not long enough to
+   *           accomodate the number of bytes resulting from wrapping the plain
+   *           text.
+   */
+  int wrap(byte[] in, int inOffset, int length, byte[] out, int outOffset)
+      throws ShortBufferException;
+
+  /**
+   * Wraps the designated plain text bytes.
+   * 
+   * @param in the input byte array containing the plain text.
+   * @param inOffset the offset into <code>in</code> where the first byte of
+   *          the plain text (key material) to wrap is located.
+   * @param length the number of bytes to wrap.
+   * @return a newly allocated byte array containing the cipher text.
+   */
+  byte[] wrap(byte[] in, int inOffset, int length);
+
+  /**
+   * Unwraps the designated cipher text bytes.
+   * 
+   * @param in the input byte array containing the cipher text.
+   * @param inOffset the offset into <code>in</code> where the first byte of
+   *          the cipher text (already wrapped key material) to unwrap is
+   *          located.
+   * @param length the number of bytes to unwrap.
+   * @param out the output byte array where the unwrapped key material will be
+   *          stored.
+   * @param outOffset the offset into <code>out</code> of the first unwrapped
+   *          byte.
+   * @return the number of bytes of the unwrapped key material; i.e. the length,
+   *         in <code>out</code>, starting from <code>outOffset</code>
+   *         where the plain text (unwrapped key material) are stored.
+   * @throws ShortBufferException if the output buffer is not long enough to
+   *           accomodate the number of bytes resulting from unwrapping the
+   *           cipher text.
+   * @throws KeyUnwrappingException if after unwrapping the cipher text, the
+   *           bytes at the begining did not match the initial value.
+   */
+  int unwrap(byte[] in, int inOffset, int length, byte[] out, int outOffset)
+      throws ShortBufferException, KeyUnwrappingException;
+
+  /**
+   * Unwraps the designated cipher text bytes.
+   * 
+   * @param in the input byte array containing the cipher text.
+   * @param inOffset the offset into <code>in</code> where the first byte of
+   *          the cipher text (already wrapped key material) to unwrap is
+   *          located.
+   * @param length the number of bytes to unwrap.
+   * @return a newly allocated byte array containing the plain text.
+   * @throws KeyUnwrappingException if after unwrapping the cipher text, the
+   *           bytes at the begining did not match the initial value.
+   */
+  byte[] unwrap(byte[] in, int inOffset, int length)
+      throws KeyUnwrappingException;
+}
diff --git a/libjava/classpath/gnu/javax/crypto/kwa/KeyUnwrappingException.java b/libjava/classpath/gnu/javax/crypto/kwa/KeyUnwrappingException.java
new file mode 100644
index 00000000000..54b4aff0a62
--- /dev/null
+++ b/libjava/classpath/gnu/javax/crypto/kwa/KeyUnwrappingException.java
@@ -0,0 +1,67 @@
+/* KeyUnwrappingException.java -- FIXME: briefly describe file purpose
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.crypto.kwa;
+
+import java.security.GeneralSecurityException;
+
+/**
+ * A checked security exception to denote an unexpected problem while unwrapping
+ * key material with a Key Wrapping Algorithm.
+ */
+public class KeyUnwrappingException
+    extends GeneralSecurityException
+{
+  /**
+   * Create a new instance with no descriptive error message.
+   */
+  public KeyUnwrappingException()
+  {
+    super();
+  }
+
+  /**
+   * Create a new instance with a descriptive error message.
+   *
+   * @param msg the descriptive error message
+   */
+  public KeyUnwrappingException(String msg)
+  {
+    super(msg);
+  }
+}
diff --git a/libjava/classpath/gnu/javax/crypto/kwa/KeyWrappingAlgorithmFactory.java b/libjava/classpath/gnu/javax/crypto/kwa/KeyWrappingAlgorithmFactory.java
new file mode 100644
index 00000000000..6f6cd121944
--- /dev/null
+++ b/libjava/classpath/gnu/javax/crypto/kwa/KeyWrappingAlgorithmFactory.java
@@ -0,0 +1,110 @@
+/* KeyWrappingAlgorithmFactory.java -- FIXME: briefly describe file purpose
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.crypto.kwa;
+
+import gnu.java.security.Registry;
+
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Set;
+
+/**
+ * A Factory class for the Key Wrapping Algorithm implementations.
+ */
+public class KeyWrappingAlgorithmFactory
+{
+  /** Names of Key Wrapping Algorihms cached for speed. */
+  private static Set names;
+  
+  /** Trivial constructor to enforce Singleton pattern. */
+  private KeyWrappingAlgorithmFactory()
+  {
+    super();
+  }
+
+  /**
+   * Returns an instance of a key-wrapping algorithm given its name.
+   * 
+   * @param name the case-insensitive name of the key-wrapping algorithm.
+   * @return an instance of the designated key-wrapping algorithm, or
+   *         <code>null</code> if none was found.
+   * @exception InternalError if the implementation does not pass its self-test.
+   */
+  public static final IKeyWrappingAlgorithm getInstance(String name)
+  {
+    if (name == null)
+      return null;
+    name = name.trim();
+    IKeyWrappingAlgorithm result = null;
+    if (name.equalsIgnoreCase(Registry.AES_KWA)
+        || name.equalsIgnoreCase(Registry.AES128_KWA)
+        || name.equalsIgnoreCase(Registry.AES192_KWA)
+        || name.equalsIgnoreCase(Registry.AES256_KWA)
+        || name.equalsIgnoreCase(Registry.RIJNDAEL_KWA))
+      result = new AESKeyWrap();
+    else if (name.equalsIgnoreCase(Registry.TRIPLEDES_KWA)
+        || name.equalsIgnoreCase(Registry.DESEDE_KWA))
+      result = new TripleDESKeyWrap();
+
+    return result;
+  }
+
+  /**
+   * Returns a {@link Set} of key wrapping algorithm names supported by this
+   * <i>Factory</i>.
+   * 
+   * @return a {@link Set} of key wrapping algorithm names (Strings).
+   */
+  public static synchronized final Set getNames()
+  {
+    if (names == null)
+      {
+        HashSet hs = new HashSet();
+        hs.add(Registry.AES_KWA);
+        hs.add(Registry.AES128_KWA);
+        hs.add(Registry.AES192_KWA);
+        hs.add(Registry.AES256_KWA);
+        hs.add(Registry.RIJNDAEL_KWA);
+        hs.add(Registry.TRIPLEDES_KWA);
+        hs.add(Registry.DESEDE_KWA);
+        names = Collections.unmodifiableSet(hs);
+      }
+    return names;
+  }
+}
diff --git a/libjava/classpath/gnu/javax/crypto/kwa/TripleDESKeyWrap.java b/libjava/classpath/gnu/javax/crypto/kwa/TripleDESKeyWrap.java
new file mode 100644
index 00000000000..71562bd752b
--- /dev/null
+++ b/libjava/classpath/gnu/javax/crypto/kwa/TripleDESKeyWrap.java
@@ -0,0 +1,292 @@
+/* TripleDESKeyWrap.java -- FIXME: briefly describe file purpose
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.crypto.kwa;
+
+import gnu.java.security.Registry;
+import gnu.java.security.hash.Sha160;
+import gnu.javax.crypto.assembly.Assembly;
+import gnu.javax.crypto.assembly.Cascade;
+import gnu.javax.crypto.assembly.Direction;
+import gnu.javax.crypto.assembly.Stage;
+import gnu.javax.crypto.assembly.Transformer;
+import gnu.javax.crypto.assembly.TransformerException;
+import gnu.javax.crypto.cipher.IBlockCipher;
+import gnu.javax.crypto.cipher.TripleDES;
+import gnu.javax.crypto.mode.IMode;
+import gnu.javax.crypto.mode.ModeFactory;
+
+import java.security.InvalidKeyException;
+import java.security.SecureRandom;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * The GNU implementation of the Triple DES Key Wrap Algorithm as described in
+ * [1].
+ * <p>
+ * <b>IMPORTANT</b>: This class is NOT thread safe.
+ * <p>
+ * References:
+ * <ol>
+ * <li><a href="http://www.rfc-archive.org/getrfc.php?rfc=3217">Triple-DES and
+ * RC2 Key Wrapping</a>.</li>
+ * <li><a href="http://www.w3.org/TR/xmlenc-core/">XML Encryption Syntax and
+ * Processing</a>.</li>
+ * </ol>
+ */
+public class TripleDESKeyWrap
+    extends BaseKeyWrappingAlgorithm
+{
+  private static final byte[] DEFAULT_IV = new byte[] {
+     (byte) 0x4A, (byte) 0xDD, (byte) 0xA2, (byte) 0x2C,
+     (byte) 0x79, (byte) 0xE8, (byte) 0x21, (byte) 0x05 };
+
+  private Assembly asm;
+  private HashMap asmAttributes = new HashMap();
+  private HashMap modeAttributes = new HashMap();
+  private Sha160 sha = new Sha160();
+  private SecureRandom rnd;
+
+  public TripleDESKeyWrap()
+  {
+    super(Registry.TRIPLEDES_KWA);
+  }
+
+  protected void engineInit(Map attributes) throws InvalidKeyException
+  {
+    rnd = (SecureRandom) attributes.get(IKeyWrappingAlgorithm.SOURCE_OF_RANDOMNESS);
+    IMode des3CBC = ModeFactory.getInstance(Registry.CBC_MODE, new TripleDES(), 8);
+    Stage des3CBCStage = Stage.getInstance(des3CBC, Direction.FORWARD);
+    Cascade cascade = new Cascade();
+    Object modeNdx = cascade.append(des3CBCStage);
+
+    asmAttributes.put(modeNdx, modeAttributes);
+
+    asm = new Assembly();
+    asm.addPreTransformer(Transformer.getCascadeTransformer(cascade));
+
+    modeAttributes.put(IBlockCipher.KEY_MATERIAL,
+                       attributes.get(KEY_ENCRYPTION_KEY_MATERIAL));
+    asmAttributes.put(Assembly.DIRECTION, Direction.FORWARD);
+  }
+
+  protected byte[] engineWrap(byte[] in, int inOffset, int length)
+  {
+    // The same key wrap algorithm is used for both Two-key Triple-DES and
+    // Three-key Triple-DES keys.  When a Two-key Triple-DES key is to be
+    // wrapped, a third DES key with the same value as the first DES key is
+    // created.  Thus, all wrapped Triple-DES keys include three DES keys.
+    if (length != 16 && length != 24)
+      throw new IllegalArgumentException("Only 2- and 3-key Triple DES keys are alowed");
+
+    byte[] CEK = new byte[24];
+    if (length == 16)
+      {
+        System.arraycopy(in, inOffset, CEK, 0,  16);
+        System.arraycopy(in, inOffset, CEK, 16, 8);
+      }
+    else
+      System.arraycopy(in, inOffset, CEK, 0, 24);
+    
+    // TODO: check for the following:
+    // However, a Two-key Triple-DES key MUST NOT be used to wrap a Three-
+    // key Triple-DES key that is comprised of three unique DES keys.
+
+    // 1. Set odd parity for each of the DES key octets comprising the
+    //    Three-Key Triple-DES key that is to be wrapped, call the result
+    //    CEK.
+    TripleDES.adjustParity(CEK, 0);
+
+    // 2. Compute an 8 octet key checksum value on CEK as described above in
+    //    Section 2, call the result ICV.
+    sha.update(CEK);
+    byte[] hash = sha.digest();
+    byte[] ICV = new byte[8];
+    System.arraycopy(hash, 0, ICV, 0, 8);
+
+    // 3. Let CEKICV = CEK || ICV.
+    byte[] CEKICV = new byte[CEK.length + ICV.length];
+    System.arraycopy(CEK, 0, CEKICV, 0,          CEK.length);
+    System.arraycopy(ICV, 0, CEKICV, CEK.length, ICV.length);
+
+    // 4. Generate 8 octets at random, call the result IV.
+    byte[] IV = new byte[8];
+    nextRandomBytes(IV);
+
+    // 5. Encrypt CEKICV in CBC mode using the key-encryption key.  Use the
+    //    random value generated in the previous step as the initialization
+    //    vector (IV).  Call the ciphertext TEMP1.
+    modeAttributes.put(IMode.IV, IV);
+    asmAttributes.put(Assembly.DIRECTION, Direction.FORWARD);
+    byte[] TEMP1;
+    try
+      {
+        asm.init(asmAttributes);
+        TEMP1 = asm.lastUpdate(CEKICV);
+      }
+    catch (TransformerException x)
+      {
+        throw new RuntimeException(x);
+      }
+
+    // 6. Let TEMP2 = IV || TEMP1.
+    byte[] TEMP2 = new byte[IV.length + TEMP1.length];
+    System.arraycopy(IV,    0, TEMP2, 0,         IV.length);
+    System.arraycopy(TEMP1, 0, TEMP2, IV.length, TEMP1.length);
+
+    // 7. Reverse the order of the octets in TEMP2.  That is, the most
+    //    significant (first) octet is swapped with the least significant
+    //    (last) octet, and so on.  Call the result TEMP3.
+    byte[] TEMP3 = new byte[TEMP2.length];
+    for (int i = 0, j = TEMP2.length - 1; i < TEMP2.length; i++, j--)
+      TEMP3[j] = TEMP2[i];
+
+    // 8. Encrypt TEMP3 in CBC mode using the key-encryption key.  Use an
+    //    initialization vector (IV) of 0x4adda22c79e82105.  The ciphertext
+    //    is 40 octets long.
+    modeAttributes.put(IMode.IV, DEFAULT_IV);
+    asmAttributes.put(Assembly.DIRECTION, Direction.FORWARD);
+    byte[] result;
+    try
+      {
+        asm.init(asmAttributes);
+        result = asm.lastUpdate(TEMP3);
+      }
+    catch (TransformerException x)
+      {
+        throw new RuntimeException(x);
+      }
+    return result;
+  }
+
+  protected byte[] engineUnwrap(byte[] in, int inOffset, int length)
+      throws KeyUnwrappingException
+  {
+    // 1. If the wrapped key is not 40 octets, then error.
+    if (length != 40)
+      throw new IllegalArgumentException("length MUST be 40");
+
+    // 2. Decrypt the wrapped key in CBC mode using the key-encryption key.
+    //    Use an initialization vector (IV) of 0x4adda22c79e82105.  Call the
+    //    output TEMP3.
+    modeAttributes.put(IMode.IV, DEFAULT_IV);
+    asmAttributes.put(Assembly.DIRECTION, Direction.REVERSED);
+    byte[] TEMP3;
+    try
+      {
+        asm.init(asmAttributes);
+        TEMP3 = asm.lastUpdate(in, inOffset, 40);
+      }
+    catch (TransformerException x)
+      {
+        throw new RuntimeException(x);
+      }
+
+    // 3. Reverse the order of the octets in TEMP3.  That is, the most
+    //    significant (first) octet is swapped with the least significant
+    //    (last) octet, and so on.  Call the result TEMP2.
+    byte[] TEMP2 = new byte[40];
+    for (int i = 0, j = 40 - 1; i < 40; i++, j--)
+      TEMP2[j] = TEMP3[i];
+
+    // 4. Decompose TEMP2 into IV and TEMP1.  IV is the most significant
+    //    (first) 8 octets, and TEMP1 is the least significant (last) 32
+    //    octets.
+    byte[] IV = new byte[8];
+    byte[] TEMP1 = new byte[32];
+    System.arraycopy(TEMP2, 0, IV,    0, 8);
+    System.arraycopy(TEMP2, 8, TEMP1, 0, 32);
+
+    // 5. Decrypt TEMP1 in CBC mode using the key-encryption key.  Use the
+    //    IV value from the previous step as the initialization vector.
+    //    Call the ciphertext CEKICV.
+    modeAttributes.put(IMode.IV, IV);
+    asmAttributes.put(Assembly.DIRECTION, Direction.REVERSED);
+    byte[] CEKICV;
+    try
+      {
+        asm.init(asmAttributes);
+        CEKICV = asm.lastUpdate(TEMP1, 0, 32);
+      }
+    catch (TransformerException x)
+      {
+        throw new RuntimeException(x);
+      }
+
+    // 6. Decompose CEKICV into CEK and ICV.  CEK is the most significant
+    //    (first) 24 octets, and ICV is the least significant (last) 8
+    //    octets.
+    byte[] CEK = new byte[24];
+    byte[] ICV = new byte[8];
+    System.arraycopy(CEKICV, 0,  CEK, 0, 24);
+    System.arraycopy(CEKICV, 24, ICV, 0, 8);
+
+    // 7. Compute an 8 octet key checksum value on CEK as described above in
+    //    Section 2.  If the computed key checksum value does not match the
+    //    decrypted key checksum value, ICV, then error.
+    sha.update(CEK);
+    byte[] hash = sha.digest();
+    byte[] computedICV = new byte[8];
+    System.arraycopy(hash, 0, computedICV, 0, 8);
+    if (! Arrays.equals(ICV, computedICV))
+      throw new KeyUnwrappingException("ICV and computed ICV MUST match");
+
+    // 8. Check for odd parity each of the DES key octets comprising CEK.
+    //    If parity is incorrect, then error.
+    if (! TripleDES.isParityAdjusted(CEK, 0))
+      throw new KeyUnwrappingException("Triple-DES key parity MUST be adjusted");
+
+    // 9. Use CEK as a Triple-DES key.
+    return CEK;
+  }
+  
+  /**
+   * Fills the designated byte array with random data.
+   * 
+   * @param buffer the byte array to fill with random data.
+   */
+  private void nextRandomBytes(byte[] buffer)
+  {
+    if (rnd != null)
+      rnd.nextBytes(buffer);
+    else
+      getDefaultPRNG().nextBytes(buffer);
+  }
+}
diff --git a/libjava/classpath/gnu/javax/crypto/mac/BaseMac.java b/libjava/classpath/gnu/javax/crypto/mac/BaseMac.java
index 1b42a1644c9..16922130fb6 100644
--- a/libjava/classpath/gnu/javax/crypto/mac/BaseMac.java
+++ b/libjava/classpath/gnu/javax/crypto/mac/BaseMac.java
@@ -40,35 +40,26 @@ package gnu.javax.crypto.mac;
 
 import gnu.java.security.hash.IMessageDigest;
 
-import java.util.Map;
 import java.security.InvalidKeyException;
+import java.util.Map;
 
 /**
- * <p>A base abstract class to facilitate <i>MAC</i> (Message Authentication
- * Code) implementations.</p>
+ * A base abstract class to facilitate <i>MAC</i> (Message Authentication Code)
+ * implementations.
  */
-public abstract class BaseMac implements IMac
+public abstract class BaseMac
+    implements IMac
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The canonical name prefix of the <i>MAC</i>. */
   protected String name;
-
   /** Reference to the underlying hash algorithm instance. */
   protected IMessageDigest underlyingHash;
-
   /** The length of the truncated output in bytes. */
   protected int truncatedSize;
 
-  /** The authentication key for this instance. */
-  //   protected transient byte[] K;
-  // Constructor(s)
-  // -------------------------------------------------------------------------
   /**
-   * <p>Trivial constructor for use by concrete subclasses.</p>
-   *
+   * Trivial constructor for use by concrete subclasses.
+   * 
    * @param name the canonical name of this instance.
    */
   protected BaseMac(String name)
@@ -79,8 +70,8 @@ public abstract class BaseMac implements IMac
   }
 
   /**
-   * <p>Trivial constructor for use by concrete subclasses.</p>
-   *
+   * Trivial constructor for use by concrete subclasses.
+   * 
    * @param name the canonical name of this instance.
    * @param underlyingHash the underlying message digest algorithm instance.
    */
@@ -89,20 +80,10 @@ public abstract class BaseMac implements IMac
     this(name);
 
     if (underlyingHash != null)
-      {
-        truncatedSize = underlyingHash.hashSize();
-      }
+      truncatedSize = underlyingHash.hashSize();
     this.underlyingHash = underlyingHash;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // gnu.crypto.mac.IMac interface implementation ----------------------------
-
   public String name()
   {
     return name;
@@ -137,12 +118,10 @@ public abstract class BaseMac implements IMac
     return result;
   }
 
-  // methods to be implemented by concrete subclasses ------------------------
-
   public abstract void init(Map attributes) throws InvalidKeyException,
       IllegalStateException;
 
   public abstract byte[] digest();
 
   public abstract boolean selfTest();
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/mac/HMac.java b/libjava/classpath/gnu/javax/crypto/mac/HMac.java
index c1f97b54195..f0e588d1831 100644
--- a/libjava/classpath/gnu/javax/crypto/mac/HMac.java
+++ b/libjava/classpath/gnu/javax/crypto/mac/HMac.java
@@ -48,70 +48,51 @@ import java.util.HashMap;
 import java.util.Map;
 
 /**
- * <p>The implementation of the <i>HMAC</i> (Keyed-Hash Message Authentication
- * Code).</p>
- *
- * <p><i>HMAC</i> can be used in combination with any iterated cryptographic
- * hash function. <i>HMAC</i> also uses a <i>secret key</i> for calculation and
+ * The implementation of the <i>HMAC</i> (Keyed-Hash Message Authentication
+ * Code).
+ * <p>
+ * <i>HMAC</i> can be used in combination with any iterated cryptographic hash
+ * function. <i>HMAC</i> also uses a <i>secret key</i> for calculation and
  * verification of the message authentication values. The main goals behind this
- * construction are</p>
- *
+ * construction are:
  * <ul>
- *    <li>To use, without modifications, available hash functions. In
- *    particular, hash functions that perform well in software, and for which
- *    code is freely and widely available.</li>
- *
- *    <li>To preserve the original performance of the hash function without
- *    incurring a significant degradation.</li>
- *
- *    <li>To use and handle keys in a simple way.</li>
- *
- *    <li>To have a well understood cryptographic analysis of the strength of
- *    the authentication mechanism based on reasonable assumptions on the
- *    underlying hash function.</li>
- *
- *    <li>To allow for easy replaceability of the underlying hash function in
- *    case that faster or more secure hash functions are found or required.</li>
+ * <li>To use, without modifications, available hash functions. In particular,
+ * hash functions that perform well in software, and for which code is freely
+ * and widely available.</li>
+ * <li>To preserve the original performance of the hash function without
+ * incurring a significant degradation.</li>
+ * <li>To use and handle keys in a simple way.</li>
+ * <li>To have a well understood cryptographic analysis of the strength of the
+ * authentication mechanism based on reasonable assumptions on the underlying
+ * hash function.</li>
+ * <li>To allow for easy replaceability of the underlying hash function in case
+ * that faster or more secure hash functions are found or required.</li>
  * </ul>
- *
- * <p>References:</p>
- *
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.ietf.org/rfc/rfc-2104.txt">RFC 2104</a>HMAC:
- *    Keyed-Hashing for Message Authentication.<br>
- *    H. Krawczyk, M. Bellare, and R. Canetti.</li>
+ * <li><a href="http://www.ietf.org/rfc/rfc-2104.txt">RFC 2104</a>HMAC:
+ * Keyed-Hashing for Message Authentication.<br>
+ * H. Krawczyk, M. Bellare, and R. Canetti.</li>
  * </ol>
  */
-public class HMac extends BaseMac implements Cloneable
+public class HMac
+    extends BaseMac
+    implements Cloneable
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   public static final String USE_WITH_PKCS5_V2 = "gnu.crypto.hmac.pkcs5";
-
   private static final byte IPAD_BYTE = 0x36;
-
   private static final byte OPAD_BYTE = 0x5C;
-
   /** caches the result of the correctness test, once executed. */
   private static Boolean valid;
-
   protected int macSize;
-
   protected int blockSize;
-
   protected IMessageDigest ipadHash;
-
   protected IMessageDigest opadHash;
-
   protected byte[] ipad;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Trivial constructor for use by concrete subclasses.</p>
+   * Trivial constructor for use by concrete subclasses.
    *
    * @param underlyingHash the underlying hash algorithm instance.
    */
@@ -124,14 +105,6 @@ public class HMac extends BaseMac implements Cloneable
     ipadHash = opadHash = null;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone() throws CloneNotSupportedException
   {
     HMac result = (HMac) super.clone();
@@ -145,88 +118,65 @@ public class HMac extends BaseMac implements Cloneable
     return result;
   }
 
-  // implementation of abstract methods in BaseMac ---------------------------
-
   public void init(Map attributes) throws InvalidKeyException,
       IllegalStateException
   {
     Integer ts = (Integer) attributes.get(TRUNCATED_SIZE);
     truncatedSize = (ts == null ? macSize : ts.intValue());
     if (truncatedSize < (macSize / 2))
-      {
-        throw new IllegalArgumentException("Truncated size too small");
-      }
+      throw new IllegalArgumentException("Truncated size too small");
     else if (truncatedSize < 10)
-      {
-        throw new IllegalArgumentException("Truncated size less than 80 bits");
-      }
+      throw new IllegalArgumentException("Truncated size less than 80 bits");
 
     // we dont use/save the key outside this method
     byte[] K = (byte[]) attributes.get(MAC_KEY_MATERIAL);
     if (K == null)
       { // take it as an indication to re-use previous key if set
         if (ipadHash == null)
-          {
-            throw new InvalidKeyException("Null key");
-          }
+          throw new InvalidKeyException("Null key");
         // we already went through the motions; ie. up to step #4.  re-use
         underlyingHash = (IMessageDigest) ipadHash.clone();
         return;
       }
 
-    // for HMACs used in key-derivation functions (e.g. PBKDF2) the key
-    // material need not be >= the (output) block size of the underlying
-    // algorithm
+    // for HMACs used in key-derivation functions (e.g. PBKDF2) the key material
+    // need not be >= the (output) block size of the underlying algorithm
     Boolean pkcs5 = (Boolean) attributes.get(USE_WITH_PKCS5_V2);
     if (pkcs5 == null)
-      {
-        pkcs5 = Boolean.FALSE;
-      }
-    if (K.length < macSize && !pkcs5.booleanValue())
-      {
-        throw new InvalidKeyException("Key too short");
-      }
+      pkcs5 = Boolean.FALSE;
+    if (K.length < macSize && ! pkcs5.booleanValue())
+      throw new InvalidKeyException("Key too short");
 
     if (K.length > blockSize)
       {
-        // (0) replace K with HASH(K) if K is larger than the hash's
-        //     block size. Then pad with zeros until it is the correct
-        //     size (the next `if').
+        // (0) replace K with HASH(K) if K is larger than the hash's block size.
+        //     Then pad with zeros until it is the correct size (the next `if').
         underlyingHash.update(K, 0, K.length);
         K = underlyingHash.digest();
       }
     if (K.length < blockSize)
       {
-        // (1) append zeros to the end of K to create a B byte string
-        //     (e.g., if K is of length 20 bytes and B=64, then K will be
-        //     appended with 44 zero bytes 0x00)
+        // (1) append zeros to the end of K to create a B byte string (e.g., if
+        //     K is of length 20 bytes and B=64, then K will be appended with 44
+        //     zero bytes 0x00)
         int limit = (K.length > blockSize) ? blockSize : K.length;
         byte[] newK = new byte[blockSize];
         System.arraycopy(K, 0, newK, 0, limit);
         K = newK;
       }
-
     underlyingHash.reset();
     opadHash = (IMessageDigest) underlyingHash.clone();
     if (ipad == null)
-      {
-        ipad = new byte[blockSize];
-      }
-    // (2) XOR (bitwise exclusive-OR) the B byte string computed in step
-    //     (1) with ipad
-    // (3) append the stream of data 'text' to the B byte string resulting
-    //     from step (2)
+      ipad = new byte[blockSize];
+    // (2) XOR (bitwise exclusive-OR) the B byte string computed in step (1)
+    //     with ipad
+    // (3) append the stream of data 'text' to the B byte string resulting from
+    //     step (2)
     // (4) apply H to the stream generated in step (3)
     for (int i = 0; i < blockSize; i++)
-      {
-        //         underlyingHash.update((byte)(K[i] ^ IPAD_BYTE));
-        ipad[i] = (byte) (K[i] ^ IPAD_BYTE);
-      }
+      ipad[i] = (byte)(K[i] ^ IPAD_BYTE);
     for (int i = 0; i < blockSize; i++)
-      {
-        opadHash.update((byte) (K[i] ^ OPAD_BYTE));
-      }
-
+      opadHash.update((byte)(K[i] ^ OPAD_BYTE));
     underlyingHash.update(ipad, 0, blockSize);
     ipadHash = (IMessageDigest) underlyingHash.clone();
     K = null;
@@ -245,28 +195,21 @@ public class HMac extends BaseMac implements Cloneable
   public byte[] digest()
   {
     if (ipadHash == null)
-      {
-        throw new IllegalStateException("HMAC not initialised");
-      }
-
+      throw new IllegalStateException("HMAC not initialised");
     byte[] out = underlyingHash.digest();
-    // (5) XOR (bitwise exclusive-OR) the B byte string computed in
-    //     step (1) with opad
+    // (5) XOR (bitwise exclusive-OR) the B byte string computed in step (1)
+    //     with opad
     underlyingHash = (IMessageDigest) opadHash.clone();
-    // (6) append the H result from step (4) to the B byte string
-    //     resulting from step (5)
+    // (6) append the H result from step (4) to the B byte string resulting from
+    //     step (5)
     underlyingHash.update(out, 0, macSize);
-    // (7) apply H to the stream generated in step (6) and output
-    //     the result
+    // (7) apply H to the stream generated in step (6) and output the result
     out = underlyingHash.digest(); // which also resets the underlying hash
-
     // truncate and return
     if (truncatedSize == macSize)
       return out;
-
     byte[] result = new byte[truncatedSize];
     System.arraycopy(out, 0, result, 0, truncatedSize);
-
     return result;
   }
 
@@ -279,31 +222,25 @@ public class HMac extends BaseMac implements Cloneable
             IMac mac = new HMac(new MD5()); // use rfc-2104 test vectors
             String tv1 = "9294727A3638BB1C13F48EF8158BFC9D";
             String tv3 = "56BE34521D144C88DBB8C733F0E8B3F6";
-            byte[] k1 = new byte[] { 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B,
-                                    0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B,
-                                    0x0B, 0x0B };
-            byte[] k3 = new byte[] { (byte) 0xAA, (byte) 0xAA, (byte) 0xAA,
-                                    (byte) 0xAA, (byte) 0xAA, (byte) 0xAA,
-                                    (byte) 0xAA, (byte) 0xAA, (byte) 0xAA,
-                                    (byte) 0xAA, (byte) 0xAA, (byte) 0xAA,
-                                    (byte) 0xAA, (byte) 0xAA, (byte) 0xAA,
-                                    (byte) 0xAA };
+            byte[] k1 = new byte[] {
+                0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B,
+                0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B };
+            byte[] k3 = new byte[] {
+                (byte) 0xAA, (byte) 0xAA, (byte) 0xAA, (byte) 0xAA,
+                (byte) 0xAA, (byte) 0xAA, (byte) 0xAA, (byte) 0xAA,
+                (byte) 0xAA, (byte) 0xAA, (byte) 0xAA, (byte) 0xAA,
+                (byte) 0xAA, (byte) 0xAA, (byte) 0xAA, (byte) 0xAA };
             byte[] data = new byte[50];
             for (int i = 0; i < 50;)
-              {
-                data[i++] = (byte) 0xDD;
-              }
+              data[i++] = (byte) 0xDD;
 
             HashMap map = new HashMap();
-
             // test vector #1
             map.put(MAC_KEY_MATERIAL, k1);
             mac.init(map);
             mac.update("Hi There".getBytes("ASCII"), 0, 8);
-            if (!tv1.equals(Util.toString(mac.digest())))
-              {
-                valid = Boolean.FALSE;
-              }
+            if (! tv1.equals(Util.toString(mac.digest())))
+              valid = Boolean.FALSE;
 
             // test #2 is not used since it causes a "Key too short" exception
 
@@ -311,10 +248,8 @@ public class HMac extends BaseMac implements Cloneable
             map.put(MAC_KEY_MATERIAL, k3);
             mac.init(map);
             mac.update(data, 0, 50);
-            if (!tv3.equals(Util.toString(mac.digest())))
-              {
-                valid = Boolean.FALSE;
-              }
+            if (! tv3.equals(Util.toString(mac.digest())))
+              valid = Boolean.FALSE;
             valid = Boolean.TRUE;
           }
         catch (Exception x)
diff --git a/libjava/classpath/gnu/javax/crypto/mac/HMacFactory.java b/libjava/classpath/gnu/javax/crypto/mac/HMacFactory.java
index 156e6ced5e7..bc70e8b66ed 100644
--- a/libjava/classpath/gnu/javax/crypto/mac/HMacFactory.java
+++ b/libjava/classpath/gnu/javax/crypto/mac/HMacFactory.java
@@ -47,68 +47,56 @@ import java.util.Iterator;
 import java.util.Set;
 
 /**
- * <p>A <i>Factory</i> to instantiate Keyed-Hash Message Authentication Code
- * (HMAC) algorithm instances.</p>
+ * A <i>Factory</i> to instantiate Keyed-Hash Message Authentication Code
+ * (HMAC) algorithm instances.
  */
-public class HMacFactory implements Registry
+public class HMacFactory
+    implements Registry
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial constructor to enforce <i>Singleton</i> pattern. */
   private HMacFactory()
   {
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Return an instance of a <i>HMAC</i> algorithm given the name of its
+   * Return an instance of a <i>HMAC</i> algorithm given the name of its
    * underlying hash function, prefixed with the literal defined in
-   * {@link Registry#HMAC_NAME_PREFIX}.</p>
-   *
+   * {@link Registry#HMAC_NAME_PREFIX}.
+   * 
    * @param name the fully qualified name of the underlying algorithm: composed
-   * as the concatenation of a literal prefix (see {@link Registry#HMAC_NAME_PREFIX})
-   * and the name of the underlying hash algorithm.
-   * @return an instance of the <i>HMAC</i> algorithm, or <code>null</code> if
-   * none can be constructed.
+   *          as the concatenation of a literal prefix (see
+   *          {@link Registry#HMAC_NAME_PREFIX}) and the name of the underlying
+   *          hash algorithm.
+   * @return an instance of the <i>HMAC</i> algorithm, or <code>null</code>
+   *         if none can be constructed.
    * @exception InternalError if the implementation does not pass its self-test.
    */
   public static IMac getInstance(String name)
   {
     if (name == null)
-      {
-        return null;
-      }
+      return null;
 
     name = name.trim();
     name = name.toLowerCase();
-    if (!name.startsWith(HMAC_NAME_PREFIX))
-      {
-        return null;
-      }
+    if (! name.startsWith(HMAC_NAME_PREFIX))
+      return null;
 
     // strip the prefix
     name = name.substring(HMAC_NAME_PREFIX.length()).trim();
     IMac result = new HMac(HashFactory.getInstance(name));
-    if (result != null && !result.selfTest())
-      {
-        throw new InternalError(result.name());
-      }
+    if (result != null && ! result.selfTest())
+      throw new InternalError(result.name());
 
     return result;
   }
 
   /**
-   * <p>Returns a {@link java.util.Set} of names of <i>HMAC</i> algorithms
-   * supported by this <i>Factory</i>.</p>
-   *
+   * <p>
+   * Returns a {@link java.util.Set} of names of <i>HMAC</i> algorithms
+   * supported by this <i>Factory</i>.
+   * </p>
+   * 
    * @return a {@link java.util.Set} of HMAC algorithm names (Strings).
    */
   public static final Set getNames()
@@ -116,13 +104,8 @@ public class HMacFactory implements Registry
     Set hashNames = HashFactory.getNames();
     HashSet hs = new HashSet();
     for (Iterator it = hashNames.iterator(); it.hasNext();)
-      {
-        hs.add(HMAC_NAME_PREFIX + ((String) it.next()));
-      }
+      hs.add(HMAC_NAME_PREFIX + ((String) it.next()));
 
     return Collections.unmodifiableSet(hs);
   }
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/mac/IMac.java b/libjava/classpath/gnu/javax/crypto/mac/IMac.java
index c4170c42ce9..a9da9eefb63 100644
--- a/libjava/classpath/gnu/javax/crypto/mac/IMac.java
+++ b/libjava/classpath/gnu/javax/crypto/mac/IMac.java
@@ -38,108 +38,93 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.mac;
 
-import java.util.Map;
 import java.security.InvalidKeyException;
+import java.util.Map;
 
 /**
- * <p>The basic visible methods of any MAC (Message Authentication Code)
- * algorithm.</p>
- *
- * <p>A <i>MAC</i> provides a way to check the integrity of information
+ * The basic visible methods of any MAC (Message Authentication Code) algorithm.
+ * <p>
+ * A <i>MAC</i> provides a way to check the integrity of information
  * transmitted over, or stored in, an unreliable medium, based on a secret key.
  * Typically, <i>MAC</i>s are used between two parties, that share a common
- * secret key, in order to validate information transmitted between them.</p>
- *
- * <p>When a <i>MAC</i> algorithm is based on a cryptographic hash function, it
- * is then called to a <i>HMAC</i> (Hashed Message Authentication Code) --see
- * <a href="http://www.ietf.org/rfc/rfc-2104.txt">RFC-2104</a>.</p>
- *
+ * secret key, in order to validate information transmitted between them.
+ * <p>
+ * When a <i>MAC</i> algorithm is based on a cryptographic hash function, it is
+ * then called to a <i>HMAC</i> (Hashed Message Authentication Code) --see <a
+ * href="http://www.ietf.org/rfc/rfc-2104.txt">RFC-2104</a>.
+ * <p>
  * Another type of <i>MAC</i> algorithms exist: UMAC or <i>Universal Message
- * Authentication Code</i>, described in
- * <a href="http://www.ietf.org/internet-drafts/draft-krovetz-umac-01.txt">
- * draft-krovetz-umac-01.txt</a>.</p>
- *
- * <p>With <i>UMAC</i>s, the sender and receiver share a common secret key (the
- * <i>MAC</i> key) which determines:</p>
- *
+ * Authentication Code</i>, described in <a
+ * href="http://www.ietf.org/internet-drafts/draft-krovetz-umac-01.txt">
+ * draft-krovetz-umac-01.txt</a>.
+ * <p>
+ * With <i>UMAC</i>s, the sender and receiver share a common secret key (the
+ * <i>MAC</i> key) which determines:
  * <ul>
- *    <li>The key for a <i>universal hash function</i>. This hash function is
- *    <i>non-cryptographic</i>, in the sense that it does not need to have any
- *    cryptographic <i>hardness</i> property. Rather, it needs to satisfy some
- *    combinatorial property, which can be proven to hold without relying on
- *    unproven hardness assumptions.</li>
- *
- *    <li>The key for a <i>pseudorandom function</i>. This is where one needs a
- *    cryptographic hardness assumption. The pseudorandom function may be
- *    obtained from a <i>block cipher</i> or a <i>cryptographic hash function</i>.
- *    </li>
+ * <li>The key for a <i>universal hash function</i>. This hash function is
+ * <i>non-cryptographic</i>, in the sense that it does not need to have any
+ * cryptographic <i>hardness</i> property. Rather, it needs to satisfy some
+ * combinatorial property, which can be proven to hold without relying on
+ * unproven hardness assumptions.</li>
+ * <li>The key for a <i>pseudorandom function</i>. This is where one needs a
+ * cryptographic hardness assumption. The pseudorandom function may be obtained
+ * from a <i>block cipher</i> or a <i>cryptographic hash function</i>. </li>
  * </ul>
- *
- * <p>References:</p>
- *
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.ietf.org/rfc/rfc-2104.txt">RFC 2104</a>HMAC:
- *    Keyed-Hashing for Message Authentication.<br>
- *    H. Krawczyk, M. Bellare, and R. Canetti.</li>
- *
- *    <li><a href="http://www.ietf.org/internet-drafts/draft-krovetz-umac-01.txt">
- *    UMAC</a>: Message Authentication Code using Universal Hashing.<br>
- *    T. Krovetz, J. Black, S. Halevi, A. Hevia, H. Krawczyk, and P. Rogaway.</li>
+ * <li><a href="http://www.ietf.org/rfc/rfc-2104.txt">RFC 2104</a>HMAC:
+ * Keyed-Hashing for Message Authentication.<br>
+ * H. Krawczyk, M. Bellare, and R. Canetti.</li>
+ * <li><a href="http://www.ietf.org/internet-drafts/draft-krovetz-umac-01.txt">
+ * UMAC</a>: Message Authentication Code using Universal Hashing.<br>
+ * T. Krovetz, J. Black, S. Halevi, A. Hevia, H. Krawczyk, and P. Rogaway.</li>
  * </ol>
  */
 public interface IMac
 {
-
-  // Constants
-  // -------------------------------------------------------------------------
-
   /**
    * Property name of the user-supplied key material. The value associated to
    * this property name is taken to be a byte array.
    */
   String MAC_KEY_MATERIAL = "gnu.crypto.mac.key.material";
-
   /**
-   * <p>Property name of the desired truncated output size in bytes. The value
-   * associated to this property name is taken to be an integer. If no value
-   * is specified in the attributes map at initialisation time, then all bytes
-   * of the underlying hash algorithm's output are emitted.</p>
-   *
-   * <p>This implementation, follows the recommendation of the <i>RFC 2104</i>
-   * authors; specifically:</p>
-   *
+   * Property name of the desired truncated output size in bytes. The value
+   * associated to this property name is taken to be an integer. If no value is
+   * specified in the attributes map at initialisation time, then all bytes of
+   * the underlying hash algorithm's output are emitted.
+   * <p>
+   * This implementation, follows the recommendation of the <i>RFC 2104</i>
+   * authors; specifically:
    * <pre>
-   *    We recommend that the output length t be not less than half the
-   *    length of the hash output (to match the birthday attack bound)
-   *    and not less than 80 bits (a suitable lower bound on the number
-   *    of bits that need to be predicted by an attacker).
+   *     We recommend that the output length t be not less than half the
+   *     length of the hash output (to match the birthday attack bound)
+   *     and not less than 80 bits (a suitable lower bound on the number
+   *     of bits that need to be predicted by an attacker).
    * </pre>
    */
   String TRUNCATED_SIZE = "gnu.crypto.mac.truncated.size";
 
-  // Methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns the canonical name of this algorithm.</p>
-   *
+   * Returns the canonical name of this algorithm.
+   * 
    * @return the canonical name of this algorithm.
    */
   String name();
 
   /**
-   * <p>Returns the output length in bytes of this <i>MAC</i> algorithm.</p>
-   *
+   * Returns the output length in bytes of this <i>MAC</i> algorithm.
+   * 
    * @return the output length in bytes of this <i>MAC</i> algorithm.
    */
   int macSize();
 
   /**
-   * <p>Initialises the algorithm with designated attributes. Permissible names
-   * and values are described in the class documentation above.</p>
-   *
+   * Initialises the algorithm with designated attributes. Permissible names and
+   * values are described in the class documentation above.
+   * 
    * @param attributes a set of name-value pairs that describe the desired
-   * future instance behaviour.
+   *          future instance behaviour.
    * @exception InvalidKeyException if the key data is invalid.
    * @exception IllegalStateException if the instance is already initialised.
    * @see #MAC_KEY_MATERIAL
@@ -147,18 +132,17 @@ public interface IMac
   void init(Map attributes) throws InvalidKeyException, IllegalStateException;
 
   /**
-   * <p>Continues a <i>MAC</i> operation using the input byte.</p>
-   *
+   * Continues a <i>MAC</i> operation using the input byte.
+   * 
    * @param b the input byte to digest.
    */
   void update(byte b);
 
   /**
-   * <p>Continues a <i>MAC</i> operation, by filling the buffer, processing
-   * data in the algorithm's MAC_SIZE-bit block(s), updating the context and
-   * count, and buffering the remaining bytes in buffer for the next
-   * operation.</p>
-   *
+   * Continues a <i>MAC</i> operation, by filling the buffer, processing data
+   * in the algorithm's MAC_SIZE-bit block(s), updating the context and count,
+   * and buffering the remaining bytes in buffer for the next operation.
+   * 
    * @param in the input block.
    * @param offset start of meaningful bytes in input block.
    * @param length number of bytes, in input block, to consider.
@@ -166,32 +150,32 @@ public interface IMac
   void update(byte[] in, int offset, int length);
 
   /**
-   * <p>Completes the <i>MAC</i> by performing final operations such as
-   * padding and resetting the instance.</p>
-   *
+   * Completes the <i>MAC</i> by performing final operations such as padding
+   * and resetting the instance.
+   * 
    * @return the array of bytes representing the <i>MAC</i> value.
    */
   byte[] digest();
 
   /**
-   * <p>Resets the algorithm instance for re-initialisation and use with other
-   * characteristics. This method always succeeds.</p>
+   * Resets the algorithm instance for re-initialisation and use with other
+   * characteristics. This method always succeeds.
    */
   void reset();
 
   /**
-   * <p>A basic test. Ensures that the MAC of a pre-determined message is equal
-   * to a known pre-computed value.</p>
-   *
+   * A basic test. Ensures that the MAC of a pre-determined message is equal to
+   * a known pre-computed value.
+   * 
    * @return <code>true</code> if the implementation passes a basic self-test.
-   * Returns <code>false</code> otherwise.
+   *         Returns <code>false</code> otherwise.
    */
   boolean selfTest();
 
   /**
-   * <p>Returns a clone copy of this instance.</p>
-   *
+   * Returns a clone copy of this instance.
+   * 
    * @return a clone copy of this instance.
    */
   Object clone() throws CloneNotSupportedException;
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/mac/MacFactory.java b/libjava/classpath/gnu/javax/crypto/mac/MacFactory.java
index d8f8bcfcee6..5d4a561824e 100644
--- a/libjava/classpath/gnu/javax/crypto/mac/MacFactory.java
+++ b/libjava/classpath/gnu/javax/crypto/mac/MacFactory.java
@@ -48,17 +48,13 @@ import java.util.Iterator;
 import java.util.Set;
 
 /**
- * <p>A <i>Factory</i> that instantiates instances of every supported Message
- * Authentication Code algorithms, including all <i>HMAC</i> algorithms.</p>
+ * A <i>Factory</i> that instantiates instances of every supported Message
+ * Authentication Code algorithms, including all <i>HMAC</i> algorithms.
  */
-public class MacFactory implements Registry
+public class MacFactory
+    implements Registry
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
+  private static Set names;
 
   /** Trivial constructor to enforce <i>Singleton</i> pattern. */
   private MacFactory()
@@ -66,72 +62,51 @@ public class MacFactory implements Registry
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns an instance of a <i>MAC</i> algorithm given its name.</p>
-   *
+   * Returns an instance of a <i>MAC</i> algorithm given its name.
+   * 
    * @param name the name of the MAC algorithm.
    * @return an instance of the <i>MAC</i> algorithm, or <code>null</code> if
-   * none can be constructed.
+   *         none can be constructed.
    * @exception InternalError if the implementation does not pass its self-test.
    */
   public static IMac getInstance(String name)
   {
     if (name == null)
-      {
-        return null;
-      }
+      return null;
 
     name = name.trim();
     name = name.toLowerCase();
     if (name.startsWith(HMAC_NAME_PREFIX))
-      {
-        return HMacFactory.getInstance(name);
-      }
+      return HMacFactory.getInstance(name);
 
     if (name.startsWith(OMAC_PREFIX))
       {
         name = name.substring(OMAC_PREFIX.length());
         IBlockCipher cipher = CipherFactory.getInstance(name);
         if (cipher == null)
-          {
-            return null;
-          }
+          return null;
         return new OMAC(cipher);
       }
-
     IMac result = null;
     if (name.equalsIgnoreCase(UHASH32))
-      {
-        result = new UHash32();
-      }
+      result = new UHash32();
     else if (name.equalsIgnoreCase(UMAC32))
-      {
-        result = new UMac32();
-      }
+      result = new UMac32();
     else if (name.equalsIgnoreCase(TMMH16))
-      {
-        result = new TMMH16();
-      }
-    //      else if (name.equalsIgnoreCase(TMMH32)) {
-    //         result = new TMMH32();
-    //      }
+      result = new TMMH16();
 
-    if (result != null && !result.selfTest())
-      {
-        throw new InternalError(result.name());
-      }
+    if (result != null && ! result.selfTest())
+      throw new InternalError(result.name());
 
     return result;
   }
 
   /**
-   * <p>Returns a {@link java.util.Set} of names of <i>MAC</i> algorithms
-   * supported by this <i>Factory</i>.</p>
-   *
-   * @return a {@link java.util.Set} of MAC names (Strings).
+   * Returns a {@link Set} of names of <i>MAC</i> algorithms supported by this
+   * <i>Factory</i>.
+   * 
+   * @return a {@link Set} of MAC names (Strings).
    */
   public static final Set getNames()
   {
@@ -144,21 +119,12 @@ public class MacFactory implements Registry
             hs.add(UHASH32);
             hs.add(UMAC32);
             hs.add(TMMH16);
-            //      hs.add(TMMH32);
-
             for (Iterator it = CipherFactory.getNames().iterator(); it.hasNext();)
-              {
-                hs.add(OMAC_PREFIX + it.next());
-              }
+              hs.add(OMAC_PREFIX + it.next());
 
             names = Collections.unmodifiableSet(hs);
           }
       }
     return names;
   }
-
-  private static Set names;
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/mac/MacInputStream.java b/libjava/classpath/gnu/javax/crypto/mac/MacInputStream.java
index 9acd18b19af..e734b1bbb4b 100644
--- a/libjava/classpath/gnu/javax/crypto/mac/MacInputStream.java
+++ b/libjava/classpath/gnu/javax/crypto/mac/MacInputStream.java
@@ -46,30 +46,19 @@ import java.io.IOException;
  * A filtering input stream that computes a MAC (message authentication code)
  * over all data read from the stream.
  */
-public class MacInputStream extends FilterInputStream
+public class MacInputStream
+    extends FilterInputStream
 {
-
-  // Field.
-  // ------------------------------------------------------------------------
-
-  /**
-   * The digesting state. The MAC is updated only if this flag is true.
-   */
+  /** The digesting state. The MAC is updated only if this flag is true. */
   private boolean digesting;
-
-  /**
-   * The MAC being updated.
-   */
+  /** The MAC being updated. */
   private IMac mac;
 
-  // Constructor.
-  // ------------------------------------------------------------------------
-
   /**
-   * Creates a new MacInputStream. The stream is initially set to digest
-   * data written, the <i>mac</i> argument must have already been initialized,
-   * and the <i>mac</i> argument is <b>not</b> cloned.
-   *
+   * Creates a new MacInputStream. The stream is initially set to digest data
+   * written, the <i>mac</i> argument must have already been initialized, and
+   * the <i>mac</i> argument is <b>not</b> cloned.
+   * 
    * @param in The underlying input stream.
    * @param mac The mac instance to use.
    */
@@ -82,12 +71,9 @@ public class MacInputStream extends FilterInputStream
     digesting = true;
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   /**
    * Returns the MAC this stream is updating.
-   *
+   * 
    * @return The MAC.
    */
   public IMac getMac()
@@ -98,7 +84,7 @@ public class MacInputStream extends FilterInputStream
   /**
    * Sets the MAC this stream is updating, which must have already been
    * initialized. The argument is not cloned by this method.
-   *
+   * 
    * @param mac The new MAC.
    * @throws NullPointerException If the argument is null.
    */
@@ -110,9 +96,9 @@ public class MacInputStream extends FilterInputStream
   }
 
   /**
-   * Turns the digesting state on or off. When off, the MAC will not be
-   * updated when data is written to the stream.
-   *
+   * Turns the digesting state on or off. When off, the MAC will not be updated
+   * when data is written to the stream.
+   * 
    * @param flag The new digesting state.
    */
   public void on(boolean flag)
@@ -135,4 +121,4 @@ public class MacInputStream extends FilterInputStream
       mac.update(buf, off, i);
     return i;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/mac/MacOutputStream.java b/libjava/classpath/gnu/javax/crypto/mac/MacOutputStream.java
index a48d25ba3a5..739a78497a7 100644
--- a/libjava/classpath/gnu/javax/crypto/mac/MacOutputStream.java
+++ b/libjava/classpath/gnu/javax/crypto/mac/MacOutputStream.java
@@ -43,29 +43,23 @@ import java.io.IOException;
 import java.io.OutputStream;
 
 /**
- * <p>A filtering output stream that computes a MAC (message authentication
- * code) over all data written to the stream.</p>
+ * A filtering output stream that computes a MAC (message authentication code)
+ * over all data written to the stream.
  */
-public class MacOutputStream extends FilterOutputStream
+public class MacOutputStream
+    extends FilterOutputStream
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The digesting state. The MAC is updated only if this flag is true. */
   private boolean digesting;
-
   /** The MAC being updated. */
   private IMac mac;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Creates a new <code>MacOutputStream</code>. The stream is initially set
+   * Creates a new <code>MacOutputStream</code>. The stream is initially set
    * to digest data written, the <code>mac</code> argument must have already
-   * been initialized, and the <code>mac</code> argument is <b>not</b> cloned.</p>
-   *
+   * been initialized, and the <code>mac</code> argument is <b>not</b>
+   * cloned.
+   * 
    * @param out The underlying output stream.
    * @param mac The mac instance to use.
    */
@@ -73,19 +67,14 @@ public class MacOutputStream extends FilterOutputStream
   {
     super(out);
     if (mac == null)
-      {
-        throw new NullPointerException();
-      }
+      throw new NullPointerException();
     this.mac = mac;
     digesting = true;
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns the MAC this stream is updating.</p>
-   *
+   * Returns the MAC this stream is updating.
+   * 
    * @return The MAC.
    */
   public IMac getMac()
@@ -94,25 +83,23 @@ public class MacOutputStream extends FilterOutputStream
   }
 
   /**
-   * <p>Sets the MAC this stream is updating, which must have already been
-   * initialized. The argument is not cloned by this method.</p>
-   *
+   * Sets the MAC this stream is updating, which must have already been
+   * initialized. The argument is not cloned by this method.
+   * 
    * @param mac The non-null new MAC.
    * @throws NullPointerException If the argument is null.
    */
   public void setMac(IMac mac)
   {
     if (mac == null)
-      {
-        throw new NullPointerException();
-      }
+      throw new NullPointerException();
     this.mac = mac;
   }
 
   /**
-   * <p>Turns the digesting state on or off. When off, the MAC will not be
-   * updated when data is written to the stream.</p>
-   *
+   * Turns the digesting state on or off. When off, the MAC will not be updated
+   * when data is written to the stream.
+   * 
    * @param flag The new digesting state.
    */
   public void on(boolean flag)
@@ -123,18 +110,14 @@ public class MacOutputStream extends FilterOutputStream
   public void write(int b) throws IOException
   {
     if (digesting)
-      {
-        mac.update((byte) b);
-      }
+      mac.update((byte) b);
     out.write(b);
   }
 
   public void write(byte[] buf, int off, int len) throws IOException
   {
     if (digesting)
-      {
-        mac.update(buf, off, len);
-      }
+      mac.update(buf, off, len);
     out.write(buf, off, len);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/mac/OMAC.java b/libjava/classpath/gnu/javax/crypto/mac/OMAC.java
index c83320a1bc4..cd753acafbc 100644
--- a/libjava/classpath/gnu/javax/crypto/mac/OMAC.java
+++ b/libjava/classpath/gnu/javax/crypto/mac/OMAC.java
@@ -38,88 +38,60 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.mac;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.util.Util;
 import gnu.javax.crypto.cipher.CipherFactory;
 import gnu.javax.crypto.cipher.IBlockCipher;
 import gnu.javax.crypto.mode.IMode;
-import gnu.javax.crypto.mode.ModeFactory;
 
 import java.security.InvalidKeyException;
-
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.Map;
+import java.util.logging.Logger;
 
 /**
- * <p>The One-Key CBC MAC, OMAC. This message authentication code is based on
- * a block cipher in CBC mode.</p>
- *
- * <p>References:</p>
+ * The One-Key CBC MAC, OMAC. This message authentication code is based on a
+ * block cipher in CBC mode.
+ * <p>
+ * References:
  * <ol>
  * <li>Tetsu Iwata and Kaoru Kurosawa, <i><a
  * href="http://crypt.cis.ibaraki.ac.jp/omac/docs/omac.pdf">OMAC: One-Key CBC
  * MAC</a></i>.</li>
  * </ol>
  */
-public class OMAC implements IMac
+public class OMAC
+    implements IMac
 {
-
-  // Constants and fields.
-  // ------------------------------------------------------------------------
-
-  private static final boolean DEBUG = false;
-
-  private static void debug(String msg)
-  {
-    System.out.print(">>> OMAC: ");
-    System.out.println(msg);
-  }
-
+  private static final Logger log = Logger.getLogger(OMAC.class.getName());
   private static final byte C1 = (byte) 0x87;
-
   private static final byte C2 = 0x1b;
-
   // Test key for OMAC-AES-128
-  private static final byte[] KEY0 = Util.toBytesFromString("2b7e151628aed2a6abf7158809cf4f3c");
-
+  private static final byte[] KEY0 =
+      Util.toBytesFromString("2b7e151628aed2a6abf7158809cf4f3c");
   // Test MAC for zero-length input.
-  private static final byte[] DIGEST0 = Util.toBytesFromString("bb1d6929e95937287fa37d129b756746");
-
+  private static final byte[] DIGEST0 =
+      Util.toBytesFromString("bb1d6929e95937287fa37d129b756746");
   private static Boolean valid;
-
   private final IBlockCipher cipher;
-
   private final String name;
-
   private IMode mode;
-
   private int blockSize;
-
   private int outputSize;
-
   private byte[] Lu, Lu2;
-
   private byte[] M;
-
   private byte[] Y;
-
   private boolean init;
-
   private int index;
 
-  // Constructor.
-  // ------------------------------------------------------------------------
-
   public OMAC(IBlockCipher cipher)
   {
     this.cipher = cipher;
     this.name = "OMAC-" + cipher.name();
   }
 
-  // Instance methods.
-  // ------------------------------------------------------------------------
-
   public Object clone()
   {
     return new OMAC(cipher);
@@ -141,135 +113,89 @@ public class OMAC implements IMac
     attrib2.put(IBlockCipher.KEY_MATERIAL, attrib.get(MAC_KEY_MATERIAL));
     cipher.reset();
     cipher.init(attrib2);
-
     blockSize = cipher.currentBlockSize();
     Integer os = (Integer) attrib.get(TRUNCATED_SIZE);
     if (os != null)
       {
         outputSize = os.intValue();
         if (outputSize < 0 || outputSize > blockSize)
-          {
-            throw new IllegalArgumentException("truncated size out of range");
-          }
+          throw new IllegalArgumentException("truncated size out of range");
       }
     else
-      {
-        outputSize = blockSize;
-      }
+      outputSize = blockSize;
 
     byte[] L = new byte[blockSize];
     cipher.encryptBlock(L, 0, L, 0);
-
-    if (DEBUG)
-      {
-        debug("L = " + Util.toString(L).toLowerCase());
-      }
-
+    if (Configuration.DEBUG)
+      log.fine("L = " + Util.toString(L).toLowerCase());
     if (Lu != null)
       {
         Arrays.fill(Lu, (byte) 0);
         if (Lu.length != blockSize)
-          {
-            Lu = new byte[blockSize];
-          }
+          Lu = new byte[blockSize];
       }
     else
-      {
-        Lu = new byte[blockSize];
-      }
+      Lu = new byte[blockSize];
     if (Lu2 != null)
       {
         Arrays.fill(Lu2, (byte) 0);
         if (Lu2.length != blockSize)
-          {
-            Lu2 = new byte[blockSize];
-          }
+          Lu2 = new byte[blockSize];
       }
     else
-      {
-        Lu2 = new byte[blockSize];
-      }
+      Lu2 = new byte[blockSize];
 
     boolean msb = (L[0] & 0x80) != 0;
     for (int i = 0; i < blockSize; i++)
       {
-        Lu[i] = (byte) (L[i] << 1 & 0xFF);
+        Lu[i] = (byte)(L[i] << 1 & 0xFF);
         if (i + 1 < blockSize)
-          {
-            Lu[i] |= (byte) ((L[i + 1] & 0x80) >> 7);
-          }
+          Lu[i] |= (byte)((L[i + 1] & 0x80) >> 7);
       }
     if (msb)
       {
         if (blockSize == 16)
-          {
-            Lu[Lu.length - 1] ^= C1;
-          }
+          Lu[Lu.length - 1] ^= C1;
         else if (blockSize == 8)
-          {
-            Lu[Lu.length - 1] ^= C2;
-          }
+          Lu[Lu.length - 1] ^= C2;
         else
-          {
-            throw new IllegalArgumentException(
-                                               "unsupported cipher block size: "
-                                                   + blockSize);
-          }
-      }
-    if (DEBUG)
-      {
-        debug("Lu = " + Util.toString(Lu).toLowerCase());
+          throw new IllegalArgumentException("unsupported cipher block size: "
+                                             + blockSize);
       }
-
+    if (Configuration.DEBUG)
+      log.fine("Lu = " + Util.toString(Lu).toLowerCase());
     msb = (Lu[0] & 0x80) != 0;
     for (int i = 0; i < blockSize; i++)
       {
-        Lu2[i] = (byte) (Lu[i] << 1 & 0xFF);
+        Lu2[i] = (byte)(Lu[i] << 1 & 0xFF);
         if (i + 1 < blockSize)
-          {
-            Lu2[i] |= (byte) ((Lu[i + 1] & 0x80) >> 7);
-          }
+          Lu2[i] |= (byte)((Lu[i + 1] & 0x80) >> 7);
       }
     if (msb)
       {
         if (blockSize == 16)
-          {
-            Lu2[Lu2.length - 1] ^= C1;
-          }
+          Lu2[Lu2.length - 1] ^= C1;
         else
-          {
-            Lu2[Lu2.length - 1] ^= C2;
-          }
-      }
-    if (DEBUG)
-      {
-        debug("Lu2 = " + Util.toString(Lu2).toLowerCase());
+          Lu2[Lu2.length - 1] ^= C2;
       }
-
+    if (Configuration.DEBUG)
+      log.fine("Lu2 = " + Util.toString(Lu2).toLowerCase());
     if (M != null)
       {
         Arrays.fill(M, (byte) 0);
         if (M.length != blockSize)
-          {
-            M = new byte[blockSize];
-          }
+          M = new byte[blockSize];
       }
     else
-      {
-        M = new byte[blockSize];
-      }
+      M = new byte[blockSize];
     if (Y != null)
       {
         Arrays.fill(Y, (byte) 0);
         if (Y.length != blockSize)
-          {
-            Y = new byte[blockSize];
-          }
+          Y = new byte[blockSize];
       }
     else
-      {
-        Y = new byte[blockSize];
-      }
+      Y = new byte[blockSize];
 
     index = 0;
     init = true;
@@ -277,10 +203,8 @@ public class OMAC implements IMac
 
   public void update(byte b)
   {
-    if (!init)
-      {
-        throw new IllegalStateException("not initialized");
-      }
+    if (! init)
+      throw new IllegalStateException("not initialized");
     if (index == M.length)
       {
         process();
@@ -291,15 +215,11 @@ public class OMAC implements IMac
 
   public void update(byte[] buf, int off, int len)
   {
-    if (!init)
-      {
-        throw new IllegalStateException("not initialized");
-      }
+    if (! init)
+      throw new IllegalStateException("not initialized");
     if (off < 0 || len < 0 || off + len > buf.length)
-      {
-        throw new IndexOutOfBoundsException("size=" + buf.length + "; off="
-                                            + off + "; len=" + len);
-      }
+      throw new IndexOutOfBoundsException("size=" + buf.length + "; off=" + off
+                                          + "; len=" + len);
     for (int i = 0; i < len;)
       {
         if (index == blockSize)
@@ -323,30 +243,22 @@ public class OMAC implements IMac
 
   public void digest(byte[] out, int off)
   {
-    if (!init)
-      {
-        throw new IllegalStateException("not initialized");
-      }
+    if (! init)
+      throw new IllegalStateException("not initialized");
     if (off < 0 || off + outputSize > out.length)
-      {
-        throw new IndexOutOfBoundsException("size=" + out.length + "; off="
-                                            + off + "; len=" + outputSize);
-      }
+      throw new IndexOutOfBoundsException("size=" + out.length + "; off=" + off
+                                          + "; len=" + outputSize);
     byte[] T = new byte[blockSize];
     byte[] L = Lu;
     if (index < blockSize)
       {
         M[index++] = (byte) 0x80;
         while (index < blockSize)
-          {
-            M[index++] = 0;
-          }
+          M[index++] = 0;
         L = Lu2;
       }
     for (int i = 0; i < blockSize; i++)
-      {
-        T[i] = (byte) (M[i] ^ Y[i] ^ L[i]);
-      }
+      T[i] = (byte)(M[i] ^ Y[i] ^ L[i]);
     cipher.encryptBlock(T, 0, T, 0);
     System.arraycopy(T, 0, out, off, outputSize);
     reset();
@@ -356,13 +268,9 @@ public class OMAC implements IMac
   {
     index = 0;
     if (Y != null)
-      {
-        Arrays.fill(Y, (byte) 0);
-      }
+      Arrays.fill(Y, (byte) 0);
     if (M != null)
-      {
-        Arrays.fill(M, (byte) 0);
-      }
+      Arrays.fill(M, (byte) 0);
   }
 
   public boolean selfTest()
@@ -382,21 +290,14 @@ public class OMAC implements IMac
         return false;
       }
     if (digest == null)
-      {
-        return false;
-      }
+      return false;
     return Arrays.equals(DIGEST0, digest);
   }
 
-  // Own methods.
-  // ------------------------------------------------------------------------
-
   private void process()
   {
     for (int i = 0; i < blockSize; i++)
-      {
-        M[i] = (byte) (M[i] ^ Y[i]);
-      }
+      M[i] = (byte)(M[i] ^ Y[i]);
     cipher.encryptBlock(M, 0, Y, 0);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/mac/TMMH16.java b/libjava/classpath/gnu/javax/crypto/mac/TMMH16.java
index af6e78fcf87..0a7b4a6caeb 100644
--- a/libjava/classpath/gnu/javax/crypto/mac/TMMH16.java
+++ b/libjava/classpath/gnu/javax/crypto/mac/TMMH16.java
@@ -46,91 +46,63 @@ import java.security.InvalidKeyException;
 import java.util.Map;
 
 /**
- * <p><i>TMMH</i> is a <i>universal</i> hash function suitable for message
+ * <i>TMMH</i> is a <i>universal</i> hash function suitable for message
  * authentication in the Wegman-Carter paradigm, as in the Stream Cipher
  * Security Transform. It is simple, quick, and especially appropriate for
  * Digital Signal Processors and other processors with a fast multiply
  * operation, though a straightforward implementation requires storage equal in
- * length to the largest message to be hashed.</p>
- *
- * <p><i>TMMH</i> is a simple hash function which maps a key and a message to a
+ * length to the largest message to be hashed.
+ * <p>
+ * <i>TMMH</i> is a simple hash function which maps a key and a message to a
  * hash value. There are two versions of TMMH: TMMH/16 and TMMH/32. <i>TMMH</i>
  * can be used as a message authentication code, as described in Section 5 (see
- * References).</p>
- *
- * <p>The key, message, and hash value are all octet strings, and the lengths of
+ * References).
+ * <p>
+ * The key, message, and hash value are all octet strings, and the lengths of
  * these quantities are denoted as <code>KEY_LENGTH</code>,
- * <code>MESSAGE_LENGTH</code>, and <code>TAG_LENGTH</code>, respectively. The
- * values of <code>KEY_LENGTH</code> and <code>TAG_LENGTH</code>
+ * <code>MESSAGE_LENGTH</code>, and <code>TAG_LENGTH</code>, respectively.
+ * The values of <code>KEY_LENGTH</code> and <code>TAG_LENGTH</code>
  * <bold>MUST</bold> be fixed for any particular fixed value of the key, and
- * must obey the alignment restrictions described below.</p>
- *
- * <p>The parameter <code>MAX_HASH_LENGTH</code>, which denotes the maximum
+ * must obey the alignment restrictions described below.
+ * <p>
+ * The parameter <code>MAX_HASH_LENGTH</code>, which denotes the maximum
  * value which <code>MESSAGE_LENGTH</code> may take, is equal to
- * <code>KEY_LENGTH - TAG_LENGTH</code>.</p>
- *
- * <p>References:</p>
- *
+ * <code>KEY_LENGTH - TAG_LENGTH</code>.
+ * <p>
+ * References:
  * <ol>
- *    <li><a
- href="http://www.ietf.org/internet-drafts/draft-mcgrew-saag-tmmh-01.txt">
- *    The Truncated Multi-Modular Hash Function (TMMH)</a>, David A. McGrew.</li>
+ * <li><a
+ * href="http://www.ietf.org/internet-drafts/draft-mcgrew-saag-tmmh-01.txt"> The
+ * Truncated Multi-Modular Hash Function (TMMH)</a>, David A. McGrew.</li>
  * </ol>
  */
-public class TMMH16 extends BaseMac implements Cloneable
+public class TMMH16
+    extends BaseMac
+    implements Cloneable
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   public static final String TAG_LENGTH = "gnu.crypto.mac.tmmh.tag.length";
-
   public static final String KEYSTREAM = "gnu.crypto.mac.tmmh.keystream";
-
   public static final String PREFIX = "gnu.crypto.mac.tmmh.prefix";
-
   private static final int P = (1 << 16) + 1; // the TMMH/16 prime
-
   /** caches the result of the correctness test, once executed. */
   private static Boolean valid;
-
   private int tagWords = 0; // the tagLength expressed in words
-
   private IRandom keystream = null; // the keystream generator
-
   private byte[] prefix; // mask to use when operating as an authentication f.
-
   private long keyWords; // key words counter
-
   private long msgLength; // in bytes
-
   private long msgWords; // should be = msgLength * WORD_LENGTH
-
   private int[] context; // the tmmh running context; length == TAG_WORDS
-
   private int[] K0; // the first TAG_WORDS words of the keystream
-
   private int[] Ki; // the sliding TAG_WORDS words of the keystream
-
   private int Mi; // current message word being constructed
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public TMMH16()
   {
     super(Registry.TMMH16);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // gnu.crypto.mac.IMac interface implementation ----------------------------
-
   public int macSize()
   {
     return tagWords * 2;
@@ -143,22 +115,17 @@ public class TMMH16 extends BaseMac implements Cloneable
     Integer tagLength = (Integer) attributes.get(TAG_LENGTH); // get tag length
     if (tagLength == null)
       {
-        if (tagWords == 0)
-          { // was never set
-            throw new IllegalArgumentException(TAG_LENGTH);
-          } // else re-use
+        if (tagWords == 0) // was never set
+          throw new IllegalArgumentException(TAG_LENGTH);
+        // else re-use
       }
-    else
-      { // check if positive and is divisible by WORD_LENGTH
+    else // check if positive and is divisible by WORD_LENGTH
+      {
         wantTagLength = tagLength.intValue();
         if (wantTagLength < 2 || (wantTagLength % 2 != 0))
-          {
-            throw new IllegalArgumentException(TAG_LENGTH);
-          }
-        else if (wantTagLength > (512 / 8))
-          { // 512-bits is our maximum
-            throw new IllegalArgumentException(TAG_LENGTH);
-          }
+          throw new IllegalArgumentException(TAG_LENGTH);
+        else if (wantTagLength > (512 / 8)) // 512-bits is our maximum
+          throw new IllegalArgumentException(TAG_LENGTH);
 
         tagWords = wantTagLength / 2; // init local vars
         K0 = new int[tagWords];
@@ -167,36 +134,27 @@ public class TMMH16 extends BaseMac implements Cloneable
       }
 
     prefix = (byte[]) attributes.get(PREFIX);
-    if (prefix == null)
-      { // default to all-zeroes
-        prefix = new byte[tagWords * 2];
-      }
-    else
-      { // ensure it's as long as it should
+    if (prefix == null) // default to all-zeroes
+      prefix = new byte[tagWords * 2];
+    else // ensure it's as long as it should
+      {
         if (prefix.length != tagWords * 2)
-          {
-            throw new IllegalArgumentException(PREFIX);
-          }
+          throw new IllegalArgumentException(PREFIX);
       }
 
     IRandom prng = (IRandom) attributes.get(KEYSTREAM); // get keystream
     if (prng == null)
       {
         if (keystream == null)
-          {
-            throw new IllegalArgumentException(KEYSTREAM);
-          } // else reuse
+          throw new IllegalArgumentException(KEYSTREAM);
+        // else reuse
       }
     else
-      {
-        keystream = prng;
-      }
+      keystream = prng;
 
     reset(); // reset context variables
-    for (int i = 0; i < tagWords; i++)
-      { // init starting key words
-        Ki[i] = K0[i] = getNextKeyWord(keystream);
-      }
+    for (int i = 0; i < tagWords; i++) // init starting key words
+      Ki[i] = K0[i] = getNextKeyWord(keystream);
   }
 
   // The words of the key are denoted as K[1], K[2], ..., K[KEY_WORDS], and the
@@ -206,12 +164,12 @@ public class TMMH16 extends BaseMac implements Cloneable
   //
   // If MESSAGE_LENGTH is greater than MAX_HASH_LENGTH, then the value of
   // TMMH/16 is undefined. Implementations MUST indicate an error if asked to
-  // hash a message with such a length.  Otherwise, the hash value is defined
+  // hash a message with such a length. Otherwise, the hash value is defined
   // to be the length TAG_WORDS sequence of words in which the j-th word in the
   // sequence is defined as
   //
   // [ [ K[j] * MESSAGE_LENGTH +32 K[j+1] * M[1] +32 K[j+2] * M[2]
-  //   +32 ... K[j+MSG_WORDS] * M[MSG_WORDS] ] modulo p ] modulo 2^16
+  // +32 ... K[j+MSG_WORDS] * M[MSG_WORDS] ] modulo p ] modulo 2^16
   //
   // where j ranges from 1 to TAG_WORDS.
   public void update(byte b)
@@ -222,23 +180,21 @@ public class TMMH16 extends BaseMac implements Cloneable
   public void update(byte[] b, int offset, int len)
   {
     for (int i = 0; i < len; i++)
-      {
-        this.update(b[offset + i], keystream);
-      }
+      this.update(b[offset + i], keystream);
   }
 
   // For TMMH/16, KEY_LENGTH and TAG_LENGTH MUST be a multiple of two. The key,
   // message, and hash value are treated as a sequence of unsigned sixteen bit
-  // integers in network byte order.  (In this section, we call such an integer
-  // a word.)  If MESSAGE_LENGTH is odd, then a zero byte is appended to the
+  // integers in network byte order. (In this section, we call such an integer
+  // a word.) If MESSAGE_LENGTH is odd, then a zero byte is appended to the
   // message to align it on a word boundary, though this process does not
   // change the value of MESSAGE_LENGTH.
   //
-  // ...  Otherwise, the hash value is defined to be the length TAG_WORDS
+  // ... Otherwise, the hash value is defined to be the length TAG_WORDS
   // sequence of words in which the j-th word in the sequence is defined as
   //
   // [ [ K[j] * MESSAGE_LENGTH +32 K[j+1] * M[1] +32 K[j+2] * M[2]
-  //   +32 ... K[j+MSG_WORDS] * M[MSG_WORDS] ] modulo p ] modulo 2^16
+  // +32 ... K[j+MSG_WORDS] * M[MSG_WORDS] ] modulo p ] modulo 2^16
   //
   // where j ranges from 1 to TAG_WORDS.
   //
@@ -255,9 +211,7 @@ public class TMMH16 extends BaseMac implements Cloneable
     msgLength = msgWords = keyWords = 0L;
     Mi = 0;
     for (int i = 0; i < tagWords; i++)
-      {
-        context[i] = 0;
-      }
+      context[i] = 0;
   }
 
   public boolean selfTest()
@@ -265,42 +219,31 @@ public class TMMH16 extends BaseMac implements Cloneable
     if (valid == null)
       {
         // TODO: compute and test equality with one known vector
-
         valid = Boolean.TRUE;
       }
     return valid.booleanValue();
   }
 
-  // Cloneable interface implementation ---------------------------------------
-
   public Object clone() throws CloneNotSupportedException
   {
     TMMH16 result = (TMMH16) super.clone();
-
     if (this.keystream != null)
       result.keystream = (IRandom) this.keystream.clone();
-
     if (this.prefix != null)
       result.prefix = (byte[]) this.prefix.clone();
-
     if (this.context != null)
       result.context = (int[]) this.context.clone();
-
     if (this.K0 != null)
       result.K0 = (int[]) this.K0.clone();
-
     if (this.Ki != null)
       result.Ki = (int[]) this.Ki.clone();
-
     return result;
   }
 
-  // own methods -------------------------------------------------------------
-
   /**
-   * <p>Similar to the same method with one argument, but uses the designated
-   * random number generator to compute needed keying material.</p>
-   *
+   * Similar to the same method with one argument, but uses the designated
+   * random number generator to compute needed keying material.
+   * 
    * @param b the byte to process.
    * @param prng the source of randomness to use.
    */
@@ -309,14 +252,14 @@ public class TMMH16 extends BaseMac implements Cloneable
     Mi <<= 8; // update message buffer
     Mi |= b & 0xFF;
     msgLength++; // update message length (bytes)
-    if (msgLength % 2 == 0)
-      { // got a full word
+    if (msgLength % 2 == 0) // got a full word
+      {
         msgWords++; // update message words counter
         System.arraycopy(Ki, 1, Ki, 0, tagWords - 1); // 1. shift Ki up by 1
         Ki[tagWords - 1] = getNextKeyWord(prng); // 2. fill last box of Ki
         long t; // temp var to allow working in modulo 2^32
-        for (int i = 0; i < tagWords; i++)
-          { // 3. update context
+        for (int i = 0; i < tagWords; i++) // 3. update context
+          {
             t = context[i] & 0xFFFFFFFFL;
             t += Ki[i] * Mi;
             context[i] = (int) t;
@@ -326,28 +269,26 @@ public class TMMH16 extends BaseMac implements Cloneable
   }
 
   /**
-   * <p>Similar to the same method with three arguments, but uses the
-   * designated random number generator to compute needed keying material.</p>
-   *
+   * Similar to the same method with three arguments, but uses the designated
+   * random number generator to compute needed keying material.
+   * 
    * @param b the byte array to process.
    * @param offset the starting offset in <code>b</code> to start considering
-   * the bytes to process.
+   *          the bytes to process.
    * @param len the number of bytes in <code>b</code> starting from
-   * <code>offset</code> to process.
+   *          <code>offset</code> to process.
    * @param prng the source of randomness to use.
    */
   public void update(byte[] b, int offset, int len, IRandom prng)
   {
     for (int i = 0; i < len; i++)
-      {
-        this.update(b[offset + i], prng);
-      }
+      this.update(b[offset + i], prng);
   }
 
   /**
-   * <p>Similar to the same method with no arguments, but uses the designated
-   * random number generator to compute needed keying material.</p>
-   *
+   * Similar to the same method with no arguments, but uses the designated
+   * random number generator to compute needed keying material.
+   * 
    * @param prng the source of randomness to use.
    * @return the final result of the algorithm.
    */
@@ -357,12 +298,11 @@ public class TMMH16 extends BaseMac implements Cloneable
     byte[] result = new byte[tagWords * 2];
     for (int i = 0, j = 0; i < tagWords; i++)
       {
-        result[j] = (byte) ((context[i] >>> 8) ^ prefix[j]);
+        result[j] = (byte)((context[i] >>> 8) ^ prefix[j]);
         j++;
-        result[j] = (byte) (context[i] ^ prefix[j]);
+        result[j] = (byte)(context[i] ^ prefix[j]);
         j++;
       }
-
     reset();
     return result;
   }
@@ -378,7 +318,6 @@ public class TMMH16 extends BaseMac implements Cloneable
       {
         throw new RuntimeException(String.valueOf(x));
       }
-
     keyWords++; // update key words counter
     return result;
   }
@@ -387,9 +326,7 @@ public class TMMH16 extends BaseMac implements Cloneable
   {
     long limit = msgLength; // formula works on real message length
     while (msgLength % 2 != 0)
-      {
-        update((byte) 0x00, prng);
-      }
+      update((byte) 0x00, prng);
     long t;
     for (int i = 0; i < tagWords; i++)
       {
diff --git a/libjava/classpath/gnu/javax/crypto/mac/UHash32.java b/libjava/classpath/gnu/javax/crypto/mac/UHash32.java
index 8abb0255ed4..737e9ce24ec 100644
--- a/libjava/classpath/gnu/javax/crypto/mac/UHash32.java
+++ b/libjava/classpath/gnu/javax/crypto/mac/UHash32.java
@@ -40,7 +40,6 @@ package gnu.javax.crypto.mac;
 
 import gnu.java.security.prng.IRandom;
 import gnu.java.security.prng.LimitReachedException;
-
 import gnu.javax.crypto.cipher.IBlockCipher;
 import gnu.javax.crypto.prng.UMacGenerator;
 
@@ -51,103 +50,63 @@ import java.util.HashMap;
 import java.util.Map;
 
 /**
- * <p><i>UHASH</i> is a keyed hash function, which takes as input a string of
+ * <i>UHASH</i> is a keyed hash function, which takes as input a string of
  * arbitrary length, and produces as output a string of fixed length (such as 8
- * bytes). The actual output length depends on the parameter UMAC-OUTPUT-LEN.</p>
- *
- * <p><i>UHASH</i> has been shown to be <i>epsilon-ASU</i> ("Almost Strongly
+ * bytes). The actual output length depends on the parameter UMAC-OUTPUT-LEN.
+ * <p>
+ * <i>UHASH</i> has been shown to be <i>epsilon-ASU</i> ("Almost Strongly
  * Universal"), where epsilon is a small (parameter-dependent) real number.
  * Informally, saying that a keyed hash function is <i>epsilon-ASU</i> means
  * that for any two distinct fixed input strings, the two outputs of the hash
  * function with a random key "look almost like a pair of random strings". The
- * number epsilon measures how non-random the output strings may be.</p>
- *
- * <i>UHASH</i> has been designed to be fast by exploiting several architectural
- * features of modern commodity processors. It was specifically designed for use
- * in <i>UMAC</i>. But <i>UHASH</i> is useful beyond that domain, and can be
- * easily adopted for other purposes.</p>
- *
+ * number epsilon measures how non-random the output strings may be.
+ * <p>
+ * <i>UHASH</i> has been designed to be fast by exploiting several
+ * architectural features of modern commodity processors. It was specifically
+ * designed for use in <i>UMAC</i>. But <i>UHASH</i> is useful beyond that
+ * domain, and can be easily adopted for other purposes.
+ * <p>
  * <i>UHASH</i> does its work in three layers. First, a hash function called
  * <code>NH</code> is used to compress input messages into strings which are
  * typically many times smaller than the input message. Second, the compressed
  * message is hashed with an optimized <i>polynomial hash function</i> into a
  * fixed-length 16-byte string. Finally, the 16-byte string is hashed using an
- * <i>inner-product hash</i> into a string of length WORD-LEN bytes. These three
- * layers are repeated (with a modified key) until the outputs total
- * UMAC-OUTPUT-LEN bytes.</p>
- *
- * <p>References:</p>
- *
+ * <i>inner-product hash</i> into a string of length WORD-LEN bytes. These
+ * three layers are repeated (with a modified key) until the outputs total
+ * UMAC-OUTPUT-LEN bytes.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.ietf.org/internet-drafts/draft-krovetz-umac-01.txt">
- *    UMAC</a>: Message Authentication Code using Universal Hashing.<br>
- *    T. Krovetz, J. Black, S. Halevi, A. Hevia, H. Krawczyk, and P. Rogaway.</li>
+ * <li><a href="http://www.ietf.org/internet-drafts/draft-krovetz-umac-01.txt">
+ * UMAC</a>: Message Authentication Code using Universal Hashing.<br>
+ * T. Krovetz, J. Black, S. Halevi, A. Hevia, H. Krawczyk, and P. Rogaway.</li>
  * </ol>
  */
-public class UHash32 extends BaseMac
+public class UHash32
+    extends BaseMac
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   // UMAC prime values
   private static final BigInteger PRIME_19 = BigInteger.valueOf(0x7FFFFL);
-
   private static final BigInteger PRIME_32 = BigInteger.valueOf(0xFFFFFFFBL);
-
   private static final BigInteger PRIME_36 = BigInteger.valueOf(0xFFFFFFFFBL);
-
-  private static final BigInteger PRIME_64 = new BigInteger(
-                                                            1,
-                                                            new byte[] {
-                                                                        (byte) 0xFF,
-                                                                        (byte) 0xFF,
-                                                                        (byte) 0xFF,
-                                                                        (byte) 0xFF,
-                                                                        (byte) 0xFF,
-                                                                        (byte) 0xFF,
-                                                                        (byte) 0xFF,
-                                                                        (byte) 0xC5 });
-
-  private static final BigInteger PRIME_128 = new BigInteger(
-                                                             1,
-                                                             new byte[] {
-                                                                         (byte) 0xFF,
-                                                                         (byte) 0xFF,
-                                                                         (byte) 0xFF,
-                                                                         (byte) 0xFF,
-                                                                         (byte) 0xFF,
-                                                                         (byte) 0xFF,
-                                                                         (byte) 0xFF,
-                                                                         (byte) 0xFF,
-                                                                         (byte) 0xFF,
-                                                                         (byte) 0xFF,
-                                                                         (byte) 0xFF,
-                                                                         (byte) 0xFF,
-                                                                         (byte) 0xFF,
-                                                                         (byte) 0xFF,
-                                                                         (byte) 0xFF,
-                                                                         (byte) 0x61 });
-
+  private static final BigInteger PRIME_64 = new BigInteger(1, new byte[] {
+      (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+      (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xC5 });
+  private static final BigInteger PRIME_128 = new BigInteger(1, new byte[] {
+      (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+      (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+      (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+      (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0x61 });
   static final BigInteger TWO = BigInteger.valueOf(2L);
-
   static final long BOUNDARY = TWO.shiftLeft(17).longValue();
-
   // 2**64 - 2**32
   static final BigInteger LOWER_RANGE = TWO.pow(64).subtract(TWO.pow(32));
-
   // 2**128 - 2**96
   static final BigInteger UPPER_RANGE = TWO.pow(128).subtract(TWO.pow(96));
-
   static final byte[] ALL_ZEROES = new byte[32];
-
   int streams;
-
   L1Hash32[] l1hash;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public UHash32()
   {
@@ -155,7 +114,7 @@ public class UHash32 extends BaseMac
   }
 
   /**
-   * <p>Private constructor for cloning purposes.</p>
+   * Private constructor for cloning purposes.
    *
    * @param that the instance to clone.
    */
@@ -166,24 +125,15 @@ public class UHash32 extends BaseMac
     this.streams = that.streams;
     if (that.l1hash != null)
       {
-        //         this.l1hash = new L1Hash32[that.l1hash.length];
         this.l1hash = new L1Hash32[that.streams];
-        //         for (int i = 0; i < that.l1hash.length; i++) {
         for (int i = 0; i < that.streams; i++)
-          {
-            if (that.l1hash[i] != null)
-              {
-                this.l1hash[i] = (L1Hash32) that.l1hash[i].clone();
-              }
-          }
+          if (that.l1hash[i] != null)
+            this.l1hash[i] = (L1Hash32) that.l1hash[i].clone();
       }
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>The prime numbers used in UMAC are:</p>
+   * The prime numbers used in UMAC are:
    * <pre>
    *   +-----+--------------------+---------------------------------------+
    *   |  x  | prime(x) [Decimal] | prime(x) [Hexadecimal]                |
@@ -219,18 +169,11 @@ public class UHash32 extends BaseMac
       }
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     return new UHash32(this);
   }
 
-  // gnu.crypto.mac.IMac interface implementation ----------------------------
-
   public int macSize()
   {
     return UMac32.OUTPUT_LEN;
@@ -241,18 +184,12 @@ public class UHash32 extends BaseMac
   {
     byte[] K = (byte[]) attributes.get(MAC_KEY_MATERIAL);
     if (K == null)
-      {
-        throw new InvalidKeyException("Null Key");
-      }
+      throw new InvalidKeyException("Null Key");
     if (K.length != UMac32.KEY_LEN)
-      {
-        throw new InvalidKeyException("Invalid Key length: "
-                                      + String.valueOf(K.length));
-      }
-
+      throw new InvalidKeyException("Invalid Key length: "
+                                    + String.valueOf(K.length));
     // Calculate iterations needed to make UMAC-OUTPUT-LEN bytes
     streams = (UMac32.OUTPUT_LEN + 3) / 4;
-
     // Define total key needed for all iterations using UMacGenerator.
     // L1Key and L3Key1 both reuse most key between iterations.
     IRandom kdf1 = new UMacGenerator();
@@ -261,15 +198,14 @@ public class UHash32 extends BaseMac
     IRandom kdf4 = new UMacGenerator();
     Map map = new HashMap();
     map.put(IBlockCipher.KEY_MATERIAL, K);
-    map.put(UMacGenerator.INDEX, new Integer(0));
+    map.put(UMacGenerator.INDEX, Integer.valueOf(0));
     kdf1.init(map);
-    map.put(UMacGenerator.INDEX, new Integer(1));
+    map.put(UMacGenerator.INDEX, Integer.valueOf(1));
     kdf2.init(map);
-    map.put(UMacGenerator.INDEX, new Integer(2));
+    map.put(UMacGenerator.INDEX, Integer.valueOf(2));
     kdf3.init(map);
-    map.put(UMacGenerator.INDEX, new Integer(3));
+    map.put(UMacGenerator.INDEX, Integer.valueOf(3));
     kdf4.init(map);
-
     // need to generate all bytes for use later in a Toepliz construction
     byte[] L1Key = new byte[UMac32.L1_KEY_LEN + (streams - 1) * 16];
     try
@@ -297,7 +233,6 @@ public class UHash32 extends BaseMac
             x.printStackTrace(System.err);
             throw new RuntimeException("KDF for L2Key reached limit");
           }
-
         byte[] k31 = new byte[64];
         try
           {
@@ -308,7 +243,6 @@ public class UHash32 extends BaseMac
             x.printStackTrace(System.err);
             throw new RuntimeException("KDF for L3Key1 reached limit");
           }
-
         byte[] k32 = new byte[4];
         try
           {
@@ -319,7 +253,6 @@ public class UHash32 extends BaseMac
             x.printStackTrace(System.err);
             throw new RuntimeException("KDF for L3Key2 reached limit");
           }
-
         L1Hash32 mac = new L1Hash32();
         mac.init(k1, k2, k31, k32);
         l1hash[i] = mac;
@@ -329,17 +262,13 @@ public class UHash32 extends BaseMac
   public void update(byte b)
   {
     for (int i = 0; i < streams; i++)
-      {
-        l1hash[i].update(b);
-      }
+      l1hash[i].update(b);
   }
 
   public void update(byte[] b, int offset, int len)
   {
     for (int i = 0; i < len; i++)
-      {
-        this.update(b[offset + i]);
-      }
+      this.update(b[offset + i]);
   }
 
   public byte[] digest()
@@ -357,9 +286,7 @@ public class UHash32 extends BaseMac
   public void reset()
   {
     for (int i = 0; i < streams; i++)
-      {
-        l1hash[i].reset();
-      }
+      l1hash[i].reset();
   }
 
   public boolean selfTest()
@@ -367,38 +294,20 @@ public class UHash32 extends BaseMac
     return true;
   }
 
-  // helper methods ----------------------------------------------------------
-
-  // Inner classes
-  // =========================================================================
-
   /**
    * First hash stage of the UHash32 algorithm.
    */
-  class L1Hash32 implements Cloneable
+  class L1Hash32
+      implements Cloneable
   {
-
-    // Constants and variables
-    // ----------------------------------------------------------------------
-
     private int[] key; // key material as an array of 32-bit ints
-
     private byte[] buffer; // work buffer L1_KEY_LEN long
-
     private int count; // meaningful bytes in buffer
-
     private ByteArrayOutputStream Y;
-
-    //      private byte[] y;
     private long totalCount;
-
     private L2Hash32 l2hash;
-
     private L3Hash32 l3hash;
 
-    // Constructor(s)
-    // ----------------------------------------------------------------------
-
     /** Trivial 0-arguments constructor. */
     L1Hash32()
     {
@@ -412,7 +321,7 @@ public class UHash32 extends BaseMac
     }
 
     /**
-     * <p>Private constructor for cloning purposes.</p>
+     * Private constructor for cloning purposes.
      *
      * @param that the instance to clone.
      */
@@ -427,38 +336,23 @@ public class UHash32 extends BaseMac
       this.Y.write(otherY, 0, otherY.length);
       this.totalCount = that.totalCount;
       if (that.l2hash != null)
-        {
-          this.l2hash = (L2Hash32) that.l2hash.clone();
-        }
+        this.l2hash = (L2Hash32) that.l2hash.clone();
       if (that.l3hash != null)
-        {
-          this.l3hash = (L3Hash32) that.l3hash.clone();
-        }
+        this.l3hash = (L3Hash32) that.l3hash.clone();
     }
 
-    // Class methods
-    // ----------------------------------------------------------------------
-
-    // Instance methods
-    // ----------------------------------------------------------------------
-
-    // java.lang.Cloneable interface implementation -------------------------
-
     public Object clone()
     {
       return new L1Hash32(this);
     }
 
-    // other instance methods -----------------------------------------------
-
     public void init(byte[] k1, byte[] k2, byte[] k31, byte[] k32)
     {
       for (int i = 0, j = 0; i < (UMac32.L1_KEY_LEN / 4); i++)
-        {
-          key[i] = k1[j++] << 24 | (k1[j++] & 0xFF) << 16
-                   | (k1[j++] & 0xFF) << 8 | (k1[j++] & 0xFF);
-        }
-
+        key[i] =  k1[j++]         << 24
+               | (k1[j++] & 0xFF) << 16
+               | (k1[j++] & 0xFF) << 8
+               | (k1[j++] & 0xFF);
       l2hash = new L2Hash32(k2);
       l3hash = new L3Hash32(k31, k32);
     }
@@ -484,8 +378,8 @@ public class UHash32 extends BaseMac
 
           // For each iteration, extract key and three-layer hash.
           // If length(M) <= L1_KEY_LEN, then skip L2-HASH.
-          if (Y.size() == 16)
-            { // we already hashed twice L1_KEY_LEN
+          if (Y.size() == 16) // we already hashed twice L1_KEY_LEN
+            {
               byte[] A = Y.toByteArray();
               Y.reset();
               l2hash.update(A, 0, 16);
@@ -508,19 +402,16 @@ public class UHash32 extends BaseMac
           byte[] y = nh32(count);
           Y.write(y, 0, 8);
         }
-
       byte[] A = Y.toByteArray();
       Y.reset();
       byte[] B;
       if (totalCount <= UMac32.L1_KEY_LEN)
         {
           // we might have 'update'd the bytes already. check
-          if (A.length == 0)
-            { // we did
-              B = l2hash.digest();
-            }
-          else
-            { // did not
+          if (A.length == 0) // we did
+            B = l2hash.digest();
+          else // did not
+            {
               B = new byte[16];
               System.arraycopy(A, 0, B, 8, 8);
             }
@@ -528,12 +419,9 @@ public class UHash32 extends BaseMac
       else
         {
           if (A.length != 0)
-            {
-              l2hash.update(A, 0, A.length);
-            }
+            l2hash.update(A, 0, A.length);
           B = l2hash.digest();
         }
-
       byte[] result = l3hash.digest(B);
       reset();
       return result;
@@ -545,13 +433,9 @@ public class UHash32 extends BaseMac
       Y.reset();
       totalCount = 0L;
       if (l2hash != null)
-        {
-          l2hash.reset();
-        }
+        l2hash.reset();
     }
 
-    // helper methods -------------------------------------------------------
-
     /**
      * 5.1  NH-32: NH hashing with a 32-bit word size.
      *
@@ -562,116 +446,87 @@ public class UHash32 extends BaseMac
     {
       // Break M and K into 4-byte chunks
       int t = len / 4;
-
       // Let M_1, M_2, ..., M_t be 4-byte strings
       // so that M = M_1 || M_2 || .. || M_t.
       // Let K_1, K_2, ..., K_t be 4-byte strings
       // so that K_1 || K_2 || .. || K_t  is a prefix of K.
       int[] m = new int[t];
-
       int i;
       int j = 0;
       for (i = 0, j = 0; i < t; i++)
-        {
-          m[i] = buffer[j++] << 24 | (buffer[j++] & 0xFF) << 16
-                 | (buffer[j++] & 0xFF) << 8 | (buffer[j++] & 0xFF);
-        }
-
+        m[i] =  buffer[j++]         << 24
+             | (buffer[j++] & 0xFF) << 16
+             | (buffer[j++] & 0xFF) << 8
+             | (buffer[j++] & 0xFF);
       // Perform NH hash on the chunks, pairing words for multiplication
       // which are 4 apart to accommodate vector-parallelism.
       long result = len * 8L;
       for (i = 0; i < t; i += 8)
         {
           result += ((m[i + 0] + key[i + 0]) & 0xFFFFFFFFL)
-                    * ((m[i + 4] + key[i + 4]) & 0xFFFFFFFFL);
+                  * ((m[i + 4] + key[i + 4]) & 0xFFFFFFFFL);
           result += ((m[i + 1] + key[i + 1]) & 0xFFFFFFFFL)
-                    * ((m[i + 5] + key[i + 5]) & 0xFFFFFFFFL);
+                  * ((m[i + 5] + key[i + 5]) & 0xFFFFFFFFL);
           result += ((m[i + 2] + key[i + 2]) & 0xFFFFFFFFL)
-                    * ((m[i + 6] + key[i + 6]) & 0xFFFFFFFFL);
+                  * ((m[i + 6] + key[i + 6]) & 0xFFFFFFFFL);
           result += ((m[i + 3] + key[i + 3]) & 0xFFFFFFFFL)
-                    * ((m[i + 7] + key[i + 7]) & 0xFFFFFFFFL);
+                  * ((m[i + 7] + key[i + 7]) & 0xFFFFFFFFL);
         }
-
-      return new byte[] { (byte) (result >>> 56), (byte) (result >>> 48),
-                         (byte) (result >>> 40), (byte) (result >>> 32),
-                         (byte) (result >>> 24), (byte) (result >>> 16),
-                         (byte) (result >>> 8), (byte) result };
+      return new byte[] {
+          (byte)(result >>> 56), (byte)(result >>> 48),
+          (byte)(result >>> 40), (byte)(result >>> 32),
+          (byte)(result >>> 24), (byte)(result >>> 16),
+          (byte)(result >>>  8), (byte) result };
     }
   }
 
-  // =========================================================================
-
   /**
-   * <p>Second hash stage of the UHash32 algorithm.</p>
-   *
-   * 5.4  L2-HASH-32: Second-layer hash.<p>
+   * Second hash stage of the UHash32 algorithm.
+   * <p>
+   * 5.4 L2-HASH-32: Second-layer hash.
    * <ul>
-   *    <li>Input:<br>
-   *       K string of length 24 bytes.<br>
-   *       M string of length less than 2^64 bytes.</li>
-   *    <li>Returns:<br>
-   *       Y, string of length 16 bytes.</li>
+   * <li>Input:<br>
+   * K string of length 24 bytes.<br>
+   * M string of length less than 2^64 bytes.</li>
+   * <li>Returns:<br>
+   * Y, string of length 16 bytes.</li>
    * </ul>
    */
-  class L2Hash32 implements Cloneable
+  class L2Hash32
+      implements Cloneable
   {
-
-    // Constants and variables
-    // ----------------------------------------------------------------------
-
     private BigInteger k64, k128;
-
     private BigInteger y;
-
     private boolean highBound;
-
     private long bytesSoFar;
-
     private ByteArrayOutputStream buffer;
 
-    // Constructor(s)
-    // ----------------------------------------------------------------------
-
     L2Hash32(byte[] K)
     {
       super();
 
       if (K.length != 24)
-        {
-          throw new ExceptionInInitializerError("K length is not 24");
-        }
-
+        throw new ExceptionInInitializerError("K length is not 24");
       //  Extract keys and restrict to special key-sets
       //         Mask64  = uint2str(0x01FFFFFF01FFFFFF, 8);
       //         Mask128 = uint2str(0x01FFFFFF01FFFFFF01FFFFFF01FFFFFF, 16);
       //         k64    = str2uint(K[1..8]  and Mask64);
       //         k128   = str2uint(K[9..24] and Mask128);
       int i = 0;
-      k64 = new BigInteger(1, new byte[] { (byte) (K[i++] & 0x01),
-                                          (byte) (K[i++] & 0xFF),
-                                          (byte) (K[i++] & 0xFF),
-                                          (byte) (K[i++] & 0xFF),
-                                          (byte) (K[i++] & 0x01),
-                                          (byte) (K[i++] & 0xFF),
-                                          (byte) (K[i++] & 0xFF),
-                                          (byte) (K[i++] & 0xFF) });
-      k128 = new BigInteger(1, new byte[] { (byte) (K[i++] & 0x01),
-                                           (byte) (K[i++] & 0xFF),
-                                           (byte) (K[i++] & 0xFF),
-                                           (byte) (K[i++] & 0xFF),
-                                           (byte) (K[i++] & 0x01),
-                                           (byte) (K[i++] & 0xFF),
-                                           (byte) (K[i++] & 0xFF),
-                                           (byte) (K[i++] & 0xFF),
-                                           (byte) (K[i++] & 0x01),
-                                           (byte) (K[i++] & 0xFF),
-                                           (byte) (K[i++] & 0xFF),
-                                           (byte) (K[i++] & 0xFF),
-                                           (byte) (K[i++] & 0x01),
-                                           (byte) (K[i++] & 0xFF),
-                                           (byte) (K[i++] & 0xFF),
-                                           (byte) (K[i++] & 0xFF) });
-
+      k64 = new BigInteger(1, new byte[] {
+          (byte)(K[i++] & 0x01), (byte)(K[i++] & 0xFF),
+          (byte)(K[i++] & 0xFF), (byte)(K[i++] & 0xFF),
+          (byte)(K[i++] & 0x01), (byte)(K[i++] & 0xFF),
+          (byte)(K[i++] & 0xFF), (byte)(K[i++] & 0xFF) });
+      k128 = new BigInteger(1, new byte[] {
+          (byte)(K[i++] & 0x01), (byte)(K[i++] & 0xFF),
+          (byte)(K[i++] & 0xFF), (byte)(K[i++] & 0xFF),
+          (byte)(K[i++] & 0x01), (byte)(K[i++] & 0xFF),
+          (byte)(K[i++] & 0xFF), (byte)(K[i++] & 0xFF),
+          (byte)(K[i++] & 0x01), (byte)(K[i++] & 0xFF),
+          (byte)(K[i++] & 0xFF), (byte)(K[i++] & 0xFF),
+          (byte)(K[i++] & 0x01), (byte)(K[i++] & 0xFF),
+          (byte)(K[i++] & 0xFF), (byte)(K[i++] & 0xFF) });
       y = BigInteger.ONE;
       highBound = false;
       bytesSoFar = 0L;
@@ -694,36 +549,24 @@ public class UHash32 extends BaseMac
         }
     }
 
-    // Class methods
-    // ----------------------------------------------------------------------
-
-    // Instance methods
-    // ----------------------------------------------------------------------
-
-    // java.lang.Cloneable interface implementation -------------------------
-
     public Object clone()
     {
       return new L2Hash32(this);
     }
 
-    // other instance methods -----------------------------------------------
-
     // this is called with either 8-bytes or 16-bytes
     void update(byte[] b, int offset, int len)
     {
       if (len == 0)
-        {
-          return;
-        }
+        return;
 
-      if (!highBound)
-        { // do the first (only?) 8-bytes
+      if (! highBound) // do the first (only?) 8-bytes
+        {
           poly(64, LOWER_RANGE, k64, b, offset, 8);
           bytesSoFar += 8L;
           highBound = (bytesSoFar > BOUNDARY);
-          if (highBound)
-            { // if we just crossed the limit then process y
+          if (highBound) // if we just crossed the limit then process y
+            {
               poly(128, UPPER_RANGE, k128, yTo16bytes(), 0, 16);
               buffer = new ByteArrayOutputStream();
             }
@@ -739,9 +582,7 @@ public class UHash32 extends BaseMac
               byte[] bb = buffer.toByteArray();
               poly(128, UPPER_RANGE, k128, bb, 0, 16);
               if (bb.length > 16)
-                {
-                  buffer.write(bb, 16, bb.length - 16);
-                }
+                buffer.write(bb, 16, bb.length - 16);
             }
         }
     }
@@ -751,19 +592,18 @@ public class UHash32 extends BaseMac
       // If M no more than 2^17 bytes, hash under 64-bit prime,
       // otherwise, hash first 2^17 bytes under 64-bit prime and
       // remainder under 128-bit prime.
-      if (!highBound)
-        { // y is up-to-date
+      if (! highBound) // y is up-to-date
+        {
           // do nothing
         }
-      else
-        { // we may have some bytes in buffer
+      else // we may have some bytes in buffer
+        {
           byte[] bb = buffer.toByteArray();
           byte[] lastBlock = new byte[16];
           System.arraycopy(bb, 0, lastBlock, 0, bb.length);
           lastBlock[bb.length] = (byte) 0x80;
           poly(128, UPPER_RANGE, k128, lastBlock, 0, 16);
         }
-
       byte[] result = yTo16bytes();
       reset();
       return result;
@@ -775,38 +615,29 @@ public class UHash32 extends BaseMac
       highBound = false;
       bytesSoFar = 0L;
       if (buffer != null)
-        {
-          buffer.reset();
-        }
+        buffer.reset();
     }
 
-    // helper methods -------------------------------------------------------
-
     private byte[] yTo16bytes()
     {
       byte[] yy = y.toByteArray();
       byte[] result = new byte[16];
       if (yy.length > 16)
-        {
-          System.arraycopy(yy, yy.length - 16, result, 0, 16);
-        }
+        System.arraycopy(yy, yy.length - 16, result, 0, 16);
       else
-        {
-          System.arraycopy(yy, 0, result, 16 - yy.length, yy.length);
-        }
+        System.arraycopy(yy, 0, result, 16 - yy.length, yy.length);
 
       return result;
     }
 
     /**
-     * 5.3  POLY: Polynomial hash
-     * Function Name: POLY
-     *
+     * 5.3 POLY: Polynomial hash Function Name: POLY
+     * 
      * @param wordbits positive integer divisible by 8: called with 64 or 128.
      * @param maxwordrange positive integer less than 2**wordbits.
      * @param k integer in the range 0 .. prime(wordbits) - 1.
-     * @param M string with length divisible by (wordbits / 8) bytes.
-     * return y, integer in the range 0 .. prime(wordbits) - 1.
+     * @param M string with length divisible by (wordbits / 8) bytes. return y,
+     *          integer in the range 0 .. prime(wordbits) - 1.
      */
     private void poly(int wordbits, BigInteger maxwordrange, BigInteger k,
                       byte[] M, int off, int len)
@@ -814,12 +645,9 @@ public class UHash32 extends BaseMac
       byte[] mag = new byte[len];
       System.arraycopy(M, off, mag, 0, len);
       // Define constants used for fixing out-of-range words
-      //         int wordbytes = wordbits / 8;
-
       BigInteger p = prime(wordbits);
       BigInteger offset = TWO.pow(wordbits).subtract(p); // 2^wordbits - p;
       BigInteger marker = p.subtract(BigInteger.ONE);
-
       // Break M into chunks of length wordbytes bytes
       //         long n = M.length / wordbytes;
       // Let M_1, M_2, ..., M_n be strings of length wordbytes bytes
@@ -829,48 +657,34 @@ public class UHash32 extends BaseMac
       // then hash the words 'marker' and (m - offset), both in range.
       //         for (int i = 0; i < n; i++) {
       BigInteger m = new BigInteger(1, mag);
-      if (m.compareTo(maxwordrange) >= 0)
-        { // m >= maxwordrange
+      if (m.compareTo(maxwordrange) >= 0) // m >= maxwordrange
+        {
           y = y.multiply(k).add(marker).mod(p); // (k * y + marker) % p;
           y = y.multiply(k).add(m.subtract(offset)).mod(p); // (k * y + (m - offset)) % p;
         }
       else
-        {
-          y = y.multiply(k).add(m).mod(p); // (k * y + m) % p;
-        }
-      //         }
-
-      //         return y;
+        y = y.multiply(k).add(m).mod(p); // (k * y + m) % p;
     }
   }
 
-  // =========================================================================
-
   /**
    * Third hash stage of the UHash32 algorithm.
-   *
-   * Input:
-   *    K1 string of length 64 bytes.
-   *    K2 string of length 4 bytes.
-   *    M string of length 16 bytes.
-   * Returns:
-   *    Y, string of length 4 bytes.
+   * <ul>
+   * <li>Input:<br/>
+   * K1 string of length 64 bytes.<br/>
+   * K2 string of length 4 bytes.<br/>
+   * M string of length 16 bytes.</li>
+   * <li>Returns:<br/>
+   * Y, string of length 4 bytes.</li>
+   * </ul>
    */
-  class L3Hash32 implements Cloneable
+  class L3Hash32
+      implements Cloneable
   {
-
-    // Constants and variables
-    // ----------------------------------------------------------------------
-
     private static final long PRIME_36 = 0x0000000FFFFFFFFBL;
-
     private int[] k = new int[9];
 
-    // Constructor(s)
-    // ----------------------------------------------------------------------
-
     /**
-     *
      * @param K1 string of length 64 bytes.
      * @param K2 string of length 4 bytes.
      */
@@ -880,29 +694,26 @@ public class UHash32 extends BaseMac
 
       // pre-conditions
       if (K1.length != 64)
-        {
-          throw new ExceptionInInitializerError("K1 length is not 64");
-        }
+        throw new ExceptionInInitializerError("K1 length is not 64");
       if (K2.length != 4)
-        {
-          throw new ExceptionInInitializerError("K2 length is not 4");
-        }
-
+        throw new ExceptionInInitializerError("K2 length is not 4");
       // Break K1 into 8 chunks and convert to integers
-      //         int i = 0;
-      //         for (int j = 0; i < 8; ) {
       for (int i = 0, j = 0; i < 8; i++)
         {
-          long kk = (K1[j++] & 0xFFL) << 56 | (K1[j++] & 0xFFL) << 48
-                    | (K1[j++] & 0xFFL) << 40 | (K1[j++] & 0xFFL) << 32
-                    | (K1[j++] & 0xFFL) << 24 | (K1[j++] & 0xFFL) << 16
-                    | (K1[j++] & 0xFFL) << 8 | (K1[j++] & 0xFFL);
-          //            k[i++] = (int)(kk % PRIME_36);
-          k[i] = (int) (kk % PRIME_36);
+          long kk = (K1[j++] & 0xFFL) << 56
+                  | (K1[j++] & 0xFFL) << 48
+                  | (K1[j++] & 0xFFL) << 40
+                  | (K1[j++] & 0xFFL) << 32
+                  | (K1[j++] & 0xFFL) << 24
+                  | (K1[j++] & 0xFFL) << 16
+                  | (K1[j++] & 0xFFL) <<  8
+                  | (K1[j++] & 0xFFL);
+          k[i] = (int)(kk % PRIME_36);
         }
-      //         k[i] = K2[0] << 24 | (K2[1] & 0xFF) << 16 | (K2[2] & 0xFF) << 8 | (K2[3] & 0xFF);
-      k[8] = K2[0] << 24 | (K2[1] & 0xFF) << 16 | (K2[2] & 0xFF) << 8
-             | (K2[3] & 0xFF);
+      k[8] =  K2[0]         << 24
+           | (K2[1] & 0xFF) << 16
+           | (K2[2] & 0xFF) << 8
+           | (K2[3] & 0xFF);
     }
 
     private L3Hash32(int[] k)
@@ -912,21 +723,11 @@ public class UHash32 extends BaseMac
       this.k = k;
     }
 
-    // Class methods
-    // ----------------------------------------------------------------------
-
-    // Instance methods
-    // ----------------------------------------------------------------------
-
-    // java.lang.Cloneable interface implementation -------------------------
-
     public Object clone()
     {
       return new L3Hash32((int[]) k.clone());
     }
 
-    // other instance methods -----------------------------------------------
-
     /**
      * @param M string of length 16 bytes.
      * @return Y, string of length 4 bytes.
@@ -934,24 +735,24 @@ public class UHash32 extends BaseMac
     byte[] digest(byte[] M)
     {
       if (M.length != 16)
-        {
-          throw new IllegalArgumentException("M length is not 16");
-        }
+        throw new IllegalArgumentException("M length is not 16");
 
       long m, y = 0L;
       for (int i = 0, j = 0; i < 8; i++)
         {
           // Break M into 8 chunks and convert to integers
           m = (M[j++] & 0xFFL) << 8 | (M[j++] & 0xFFL);
-
           // Inner-product hash, extract last 32 bits and affine-translate
           //            y = (m_1 * k_1 + ... + m_8 * k_8) mod prime(36);
           //            y = y mod 2^32;
           y += (m * (k[i] & 0xFFFFFFFFL)) % PRIME_36;
         }
       int Y = ((int) y) ^ k[8];
-      return new byte[] { (byte) (Y >>> 24), (byte) (Y >>> 16),
-                         (byte) (Y >>> 8), (byte) Y };
+      return new byte[] {
+          (byte)(Y >>> 24),
+          (byte)(Y >>> 16),
+          (byte)(Y >>> 8),
+          (byte) Y };
     }
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/mac/UMac32.java b/libjava/classpath/gnu/javax/crypto/mac/UMac32.java
index 01388885699..8e913db714a 100644
--- a/libjava/classpath/gnu/javax/crypto/mac/UMac32.java
+++ b/libjava/classpath/gnu/javax/crypto/mac/UMac32.java
@@ -53,123 +53,105 @@ import java.util.HashMap;
 import java.util.Map;
 
 /**
- * <p>The implementation of the <i>UMAC</i> (Universal Message Authentication
- * Code).</p>
- *
- * <p>The <i>UMAC</i> algorithms described are <i>parameterized</i>. This means
+ * The implementation of the <i>UMAC</i> (Universal Message Authentication
+ * Code).
+ * <p>
+ * The <i>UMAC</i> algorithms described are <i>parameterized</i>. This means
  * that various low-level choices, like the endian convention and the underlying
  * cryptographic primitive, have not been fixed. One must choose values for
  * these parameters before the authentication tag generated by <i>UMAC</i> (for
- * a given message, key, and nonce) becomes fully-defined. In this document
- * we provide two collections of parameter settings, and have named the sets
- * <i>UMAC16</i> and <i>UMAC32</i>. The parameter sets have been chosen based on
- * experimentation and provide good performance on a wide variety of processors.
- * <i>UMAC16</i> is designed to excel on processors which provide small-scale
- * SIMD parallelism of the type found in Intel's MMX and Motorola's AltiVec
- * instruction sets, while <i>UMAC32</i> is designed to do well on processors
- * with good 32- and 64- bit support. <i>UMAC32</i> may take advantage of SIMD
- * parallelism in future processors.</p>
- *
- * <p><i>UMAC</i> has been designed to allow implementations which accommodate
- * <i>on-line</i> authentication. This means that pieces of the message may
- * be presented to <i>UMAC</i> at different times (but in correct order) and an
+ * a given message, key, and nonce) becomes fully-defined. In this document we
+ * provide two collections of parameter settings, and have named the sets
+ * <i>UMAC16</i> and <i>UMAC32</i>. The parameter sets have been chosen based
+ * on experimentation and provide good performance on a wide variety of
+ * processors. <i>UMAC16</i> is designed to excel on processors which provide
+ * small-scale SIMD parallelism of the type found in Intel's MMX and Motorola's
+ * AltiVec instruction sets, while <i>UMAC32</i> is designed to do well on
+ * processors with good 32- and 64- bit support. <i>UMAC32</i> may take
+ * advantage of SIMD parallelism in future processors.
+ * <p>
+ * <i>UMAC</i> has been designed to allow implementations which accommodate
+ * <i>on-line</i> authentication. This means that pieces of the message may be
+ * presented to <i>UMAC</i> at different times (but in correct order) and an
  * on-line implementation will be able to process the message correctly without
  * the need to buffer more than a few dozen bytes of the message. For
  * simplicity, the algorithms in this specification are presented as if the
- * entire message being authenticated were available at once.</p>
- *
- * <p>To authenticate a message, <code>Msg</code>, one first applies the
+ * entire message being authenticated were available at once.
+ * <p>
+ * To authenticate a message, <code>Msg</code>, one first applies the
  * universal hash function, resulting in a string which is typically much
- * shorter than the original message.  The pseudorandom function is applied to a
+ * shorter than the original message. The pseudorandom function is applied to a
  * nonce, and the result is used in the manner of a Vernam cipher: the
  * authentication tag is the xor of the output from the hash function and the
  * output from the pseudorandom function. Thus, an authentication tag is
- * generated as</p>
- *
+ * generated as
  * <pre>
- *    AuthTag = f(Nonce) xor h(Msg)
+ *     AuthTag = f(Nonce) xor h(Msg)
  * </pre>
- *
- * <p>Here <code>f</code> is the pseudorandom function shared between the sender
+ * <p>
+ * Here <code>f</code> is the pseudorandom function shared between the sender
  * and the receiver, and h is a universal hash function shared by the sender and
  * the receiver. In <i>UMAC</i>, a shared key is used to key the pseudorandom
  * function <code>f</code>, and then <code>f</code> is used for both tag
  * generation and internally to generate all of the bits needed by the universal
- * hash function.</p>
- *
- * <p>The universal hash function that we use is called <code>UHASH</code>. It
+ * hash function.
+ * <p>
+ * The universal hash function that we use is called <code>UHASH</code>. It
  * combines several software-optimized algorithms into a multi-layered
  * structure. The algorithm is moderately complex. Some of this complexity comes
- * from extensive speed optimizations.</p>
- *
- * <p>For the pseudorandom function we use the block cipher of the <i>Advanced
- * Encryption Standard</i> (AES).</p>
- *
- * <p>The UMAC32 parameters, considered in this implementation are:</p>
+ * from extensive speed optimizations.
+ * <p>
+ * For the pseudorandom function we use the block cipher of the <i>Advanced
+ * Encryption Standard</i> (AES).
+ * <p>
+ * The UMAC32 parameters, considered in this implementation are:
  * <pre>
- *                                   UMAC32
- *                                   ------
- *        WORD-LEN                        4
- *        UMAC-OUTPUT-LEN                 8
- *        L1-KEY-LEN                   1024
- *        UMAC-KEY-LEN                   16
- *        ENDIAN-FAVORITE               BIG *
- *        L1-OPERATIONS-SIGN       UNSIGNED
+ *                                    UMAC32
+ *                                    ------
+ *         WORD-LEN                        4
+ *         UMAC-OUTPUT-LEN                 8
+ *         L1-KEY-LEN                   1024
+ *         UMAC-KEY-LEN                   16
+ *         ENDIAN-FAVORITE               BIG *
+ *         L1-OPERATIONS-SIGN       UNSIGNED
  * </pre>
- *
- * <p>Please note that this UMAC32 differs from the one described in the paper
- * by the <i>ENDIAN-FAVORITE</i> value.</p>
- *
- * <p>References:</p>
- *
+ * <p>
+ * Please note that this UMAC32 differs from the one described in the paper by
+ * the <i>ENDIAN-FAVORITE</i> value.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.ietf.org/internet-drafts/draft-krovetz-umac-01.txt">
- *    UMAC</a>: Message Authentication Code using Universal Hashing.<br>
- *    T. Krovetz, J. Black, S. Halevi, A. Hevia, H. Krawczyk, and P. Rogaway.</li>
+ * <li><a href="http://www.ietf.org/internet-drafts/draft-krovetz-umac-01.txt">
+ * UMAC</a>: Message Authentication Code using Universal Hashing.<br>
+ * T. Krovetz, J. Black, S. Halevi, A. Hevia, H. Krawczyk, and P. Rogaway.</li>
  * </ol>
  */
-public class UMac32 extends BaseMac
+public class UMac32
+    extends BaseMac
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /**
    * Property name of the user-supplied <i>Nonce</i>. The value associated to
    * this property name is taken to be a byte array.
    */
   public static final String NONCE_MATERIAL = "gnu.crypto.umac.nonce.material";
-
   /** Known test vector. */
-  //   private static final String TV1 = "3E5A0E09198B0F94";
-  //   private static final String TV1 = "5FD764A6D3A9FD9D";
-  //   private static final String TV1 = "48658DE1D9A70304";
+  // private static final String TV1 = "3E5A0E09198B0F94";
+  // private static final String TV1 = "5FD764A6D3A9FD9D";
+  // private static final String TV1 = "48658DE1D9A70304";
   private static final String TV1 = "455ED214A6909F20";
-
   private static final BigInteger MAX_NONCE_ITERATIONS = BigInteger.ONE.shiftLeft(16 * 8);
-
   // UMAC32 parameters
   static final int OUTPUT_LEN = 8;
-
   static final int L1_KEY_LEN = 1024;
-
   static final int KEY_LEN = 16;
-
   /** caches the result of the correctness test, once executed. */
   private static Boolean valid;
-
   private byte[] nonce;
-
   private UHash32 uhash32;
-
   private BigInteger nonceReuseCount;
-
   /** The authentication key for this instance. */
   private transient byte[] K;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public UMac32()
   {
@@ -177,8 +159,8 @@ public class UMac32 extends BaseMac
   }
 
   /**
-   * <p>Private constructor for cloning purposes.</p>
-   *
+   * Private constructor for cloning purposes.
+   * 
    * @param that the instance to clone.
    */
   private UMac32(UMac32 that)
@@ -186,136 +168,103 @@ public class UMac32 extends BaseMac
     this();
 
     if (that.K != null)
-      {
-        this.K = (byte[]) that.K.clone();
-      }
+      this.K = (byte[]) that.K.clone();
     if (that.nonce != null)
-      {
-        this.nonce = (byte[]) that.nonce.clone();
-      }
+      this.nonce = (byte[]) that.nonce.clone();
     if (that.uhash32 != null)
-      {
-        this.uhash32 = (UHash32) that.uhash32.clone();
-      }
+      this.uhash32 = (UHash32) that.uhash32.clone();
     this.nonceReuseCount = that.nonceReuseCount;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     return new UMac32(this);
   }
 
-  // gnu.crypto.mac.IMac interface implementation ----------------------------
-
   public int macSize()
   {
     return OUTPUT_LEN;
   }
 
   /**
-   * <p>Initialising a <i>UMAC</i> instance consists of defining values for
-   * the following parameters:</p>
-   *
+   * Initialising a <i>UMAC</i> instance consists of defining values for the
+   * following parameters:
    * <ol>
-   *    <li>Key Material: as the value of the attribute entry keyed by
-   *    {@link #MAC_KEY_MATERIAL}. The value is taken to be a byte array
-   *    containing the user-specified key material. The length of this array,
-   *    if/when defined SHOULD be exactly equal to {@link #KEY_LEN}.</li>
-   *
-   *    <li>Nonce Material: as the value of the attribute entry keyed by
-   *    {@link #NONCE_MATERIAL}. The value is taken to be a byte array
-   *    containing the user-specified nonce material. The length of this array,
-   *    if/when defined SHOULD be (a) greater than zero, and (b) less or equal
-   *    to 16 (the size of the AES block).</li>
+   * <li>Key Material: as the value of the attribute entry keyed by
+   * {@link #MAC_KEY_MATERIAL}. The value is taken to be a byte array
+   * containing the user-specified key material. The length of this array,
+   * if/when defined SHOULD be exactly equal to {@link #KEY_LEN}.</li>
+   * <li>Nonce Material: as the value of the attribute entry keyed by
+   * {@link #NONCE_MATERIAL}. The value is taken to be a byte array containing
+   * the user-specified nonce material. The length of this array, if/when
+   * defined SHOULD be (a) greater than zero, and (b) less or equal to 16 (the
+   * size of the AES block).</li>
    * </ol>
-   *
-   * <p>For convenience, this implementation accepts that not both parameters
-   * be always specified.</p>
-   *
+   * <p>
+   * For convenience, this implementation accepts that not both parameters be
+   * always specified.
    * <ul>
-   *    <li>If the <i>Key Material</i> is specified, but the <i>Nonce Material</i>
-   *    is not, then this implementation, re-uses the previously set <i>Nonce
-   *    Material</i> after (a) converting the bytes to an unsigned integer,
-   *    (b) incrementing the number by one, and (c) converting it back to 16
-   *    bytes.</li>
-   *
-   *    <li>If the <i>Nonce Material</i> is specified, but the <i>Key Material</i>
-   *    is not, then this implementation re-uses the previously set <i>Key
-   *    Material</i>.</li>
+   * <li>If the <i>Key Material</i> is specified, but the <i>Nonce Material</i>
+   * is not, then this implementation, re-uses the previously set <i>Nonce
+   * Material</i> after (a) converting the bytes to an unsigned integer, (b)
+   * incrementing the number by one, and (c) converting it back to 16 bytes.</li>
+   * <li>If the <i>Nonce Material</i> is specified, but the <i>Key Material</i>
+   * is not, then this implementation re-uses the previously set <i>Key Material</i>.
+   * </li>
    * </ul>
-   *
-   * <p>This method throws an exception if no <i>Key Material</i> is specified
-   * in the input map, and there is no previously set/defined <i>Key Material</i>
+   * <p>
+   * This method throws an exception if no <i>Key Material</i> is specified in
+   * the input map, and there is no previously set/defined <i>Key Material</i>
    * (from an earlier invocation of this method). If a <i>Key Material</i> can
-   * be used, but no <i>Nonce Material</i> is defined or previously set/defined,
-   * then a default value of all-zeroes shall be used.</p>
-   *
+   * be used, but no <i>Nonce Material</i> is defined or previously
+   * set/defined, then a default value of all-zeroes shall be used.
+   * 
    * @param attributes one or both of required parameters.
    * @throws InvalidKeyException the key material specified is not of the
-   * correct length.
+   *           correct length.
    */
   public void init(Map attributes) throws InvalidKeyException,
       IllegalStateException
   {
     byte[] key = (byte[]) attributes.get(MAC_KEY_MATERIAL);
     byte[] n = (byte[]) attributes.get(NONCE_MATERIAL);
-
     boolean newKey = (key != null);
     boolean newNonce = (n != null);
-
     if (newKey)
       {
         if (key.length != KEY_LEN)
-          {
-            throw new InvalidKeyException("Key length: "
-                                          + String.valueOf(key.length));
-          }
+          throw new InvalidKeyException("Key length: "
+                                        + String.valueOf(key.length));
         K = key;
       }
     else
       {
         if (K == null)
-          {
-            throw new InvalidKeyException("Null Key");
-          }
+          throw new InvalidKeyException("Null Key");
       }
-
     if (newNonce)
       {
         if (n.length < 1 || n.length > 16)
+          throw new IllegalArgumentException("Invalid Nonce length: "
+                                             + String.valueOf(n.length));
+        if (n.length < 16) // pad with zeroes
           {
-            throw new IllegalArgumentException("Invalid Nonce length: "
-                                               + String.valueOf(n.length));
-          }
-
-        if (n.length < 16)
-          { // pad with zeroes
             byte[] newN = new byte[16];
             System.arraycopy(n, 0, newN, 0, n.length);
             nonce = newN;
           }
         else
-          {
-            nonce = n;
-          }
+          nonce = n;
 
         nonceReuseCount = BigInteger.ZERO;
       }
-    else if (nonce == null)
-      { // use all-0 nonce if 1st time
+    else if (nonce == null) // use all-0 nonce if 1st time
+      {
         nonce = new byte[16];
         nonceReuseCount = BigInteger.ZERO;
       }
-    else if (!newKey)
-      { // increment nonce if still below max count
+    else if (! newKey) // increment nonce if still below max count
+      {
         nonceReuseCount = nonceReuseCount.add(BigInteger.ONE);
         if (nonceReuseCount.compareTo(MAX_NONCE_ITERATIONS) >= 0)
           {
@@ -326,9 +275,7 @@ public class UMac32 extends BaseMac
         N = N.add(BigInteger.ONE).mod(MAX_NONCE_ITERATIONS);
         n = N.toByteArray();
         if (n.length == 16)
-          {
-            nonce = n;
-          }
+          nonce = n;
         else if (n.length < 16)
           {
             nonce = new byte[16];
@@ -340,15 +287,11 @@ public class UMac32 extends BaseMac
             System.arraycopy(n, n.length - 16, nonce, 0, 16);
           }
       }
-    else
-      { // do nothing, re-use old nonce value
-        nonceReuseCount = BigInteger.ZERO;
-      }
+    else // do nothing, re-use old nonce value
+      nonceReuseCount = BigInteger.ZERO;
 
     if (uhash32 == null)
-      {
-        uhash32 = new UHash32();
-      }
+      uhash32 = new UHash32();
 
     Map map = new HashMap();
     map.put(MAC_KEY_MATERIAL, K);
@@ -370,9 +313,7 @@ public class UMac32 extends BaseMac
     byte[] result = uhash32.digest();
     byte[] pad = pdf(); // pdf(K, nonce);
     for (int i = 0; i < OUTPUT_LEN; i++)
-      {
-        result[i] = (byte) (result[i] ^ pad[i]);
-      }
+      result[i] = (byte)(result[i] ^ pad[i]);
 
     return result;
   }
@@ -380,9 +321,7 @@ public class UMac32 extends BaseMac
   public void reset()
   {
     if (uhash32 != null)
-      {
-        uhash32.reset();
-      }
+      uhash32.reset();
   }
 
   public boolean selfTest()
@@ -412,43 +351,32 @@ public class UMac32 extends BaseMac
             x.printStackTrace(System.err);
             return false;
           }
-
         byte[] data = new byte[128];
         data[0] = (byte) 0x80;
-
         mac.update(data, 0, 128);
         byte[] result = mac.digest();
-        //         System.out.println("UMAC test vector: "+Util.toString(result));
         valid = Boolean.valueOf(TV1.equals(Util.toString(result)));
       }
     return valid.booleanValue();
   }
 
-  // helper methods ----------------------------------------------------------
-
   /**
-   *
    * @return byte array of length 8 (or OUTPUT_LEN) bytes.
    */
   private byte[] pdf()
   {
     // Make Nonce 16 bytes by prepending zeroes. done (see init())
-
     // one AES invocation is enough for more than one PDF invocation
     // number of index bits needed = 1
-
     // Extract index bits and zero low bits of Nonce
     BigInteger Nonce = new BigInteger(1, nonce);
     int nlowbitsnum = Nonce.testBit(0) ? 1 : 0;
     Nonce = Nonce.clearBit(0);
-
     // Generate subkey, AES and extract indexed substring
     IRandom kdf = new UMacGenerator();
     Map map = new HashMap();
     map.put(IBlockCipher.KEY_MATERIAL, K);
-    //      map.put(IBlockCipher.CIPHER_BLOCK_SIZE, new Integer(128/8));
-    map.put(UMacGenerator.INDEX, new Integer(128));
-    //      map.put(UMacGenerator.CIPHER, Registry.AES_CIPHER);
+    map.put(UMacGenerator.INDEX, Integer.valueOf(128));
     kdf.init(map);
     byte[] Kp = new byte[KEY_LEN];
     try
@@ -485,7 +413,6 @@ public class UMac32 extends BaseMac
     aes.encryptBlock(nonce, 0, T, 0);
     byte[] result = new byte[OUTPUT_LEN];
     System.arraycopy(T, nlowbitsnum, result, 0, OUTPUT_LEN);
-
     return result;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/mode/BaseMode.java b/libjava/classpath/gnu/javax/crypto/mode/BaseMode.java
index 0a9ab2dab1c..6d9418ccafa 100644
--- a/libjava/classpath/gnu/javax/crypto/mode/BaseMode.java
+++ b/libjava/classpath/gnu/javax/crypto/mode/BaseMode.java
@@ -49,46 +49,34 @@ import java.util.Iterator;
 import java.util.Map;
 
 /**
- * <p>A basic abstract class to facilitate implementing block cipher modes of
- * operations.</p>
+ * A basic abstract class to facilitate implementing block cipher modes of
+ * operations.
  */
-public abstract class BaseMode implements IMode
+public abstract class BaseMode
+    implements IMode
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The canonical name prefix of this mode. */
   protected String name;
-
   /** The state indicator of this instance. */
   protected int state;
-
   /** The underlying block cipher implementation. */
   protected IBlockCipher cipher;
-
   /** The block size, in bytes, to operate the underlying block cipher in. */
   protected int cipherBlockSize;
-
   /** The block size, in bytes, in which to operate the mode instance. */
   protected int modeBlockSize;
-
   /** The initialisation vector value. */
   protected byte[] iv;
-
   /** The instance lock. */
   protected Object lock = new Object();
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Trivial constructor for use by concrete subclasses.</p>
-   *
+   * Trivial constructor for use by concrete subclasses.
+   * 
    * @param name the canonical name prefix of this mode.
    * @param underlyingCipher the implementation of the underlying cipher.
    * @param cipherBlockSize the block size, in bytes, in which to operate the
-   * underlying cipher.
+   *          underlying cipher.
    */
   protected BaseMode(String name, IBlockCipher underlyingCipher,
                      int cipherBlockSize)
@@ -101,14 +89,6 @@ public abstract class BaseMode implements IMode
     state = -1;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // IMode interface implementation ------------------------------------------
-
   public void update(byte[] in, int inOffset, byte[] out, int outOffset)
       throws IllegalStateException
   {
@@ -128,25 +108,23 @@ public abstract class BaseMode implements IMode
       }
   }
 
-  // IBlockCipher interface implementation -----------------------------------
-
   public String name()
   {
-    return new StringBuffer().append(name).append('(').append(cipher.name()).append(
-                                                                                    ')').toString();
+    return new StringBuffer(name).append('(').append(cipher.name()).append(')')
+        .toString();
   }
 
   /**
-   * <p>Returns the default value, in bytes, of the mode's block size. This
-   * value is part of the construction arguments passed to the Factory methods
-   * in {@link ModeFactory}. Unless changed by an invocation of any of the
+   * Returns the default value, in bytes, of the mode's block size. This value
+   * is part of the construction arguments passed to the Factory methods in
+   * {@link ModeFactory}. Unless changed by an invocation of any of the
    * <code>init()</code> methods, a <i>Mode</i> instance would operate with
    * the same block size as its underlying block cipher. As mentioned earlier,
-   * the block size of the underlying block cipher itself is specified in one
-   * of the method(s) available in the factory class.</p>
-   *
+   * the block size of the underlying block cipher itself is specified in one of
+   * the method(s) available in the factory class.
+   * 
    * @return the default value, in bytes, of the mode's block size.
-   * @see gnu.crypto.mode.ModeFactory
+   * @see ModeFactory
    */
   public int defaultBlockSize()
   {
@@ -154,9 +132,9 @@ public abstract class BaseMode implements IMode
   }
 
   /**
-   * <p>Returns the default value, in bytes, of the underlying block cipher
-   * key size.</p>
-   *
+   * Returns the default value, in bytes, of the underlying block cipher key
+   * size.
+   * 
    * @return the default value, in bytes, of the underlying cipher's key size.
    */
   public int defaultKeySize()
@@ -165,29 +143,28 @@ public abstract class BaseMode implements IMode
   }
 
   /**
-   * <p>Returns an {@link Iterator} over the supported block sizes. Each
-   * element returned by this object is an {@link Integer}.</p>
-   *
-   * <p>The default behaviour is to return an iterator with just one value,
-   * which is that currently configured for the underlying block cipher.
-   * Concrete implementations may override this behaviour to signal their
-   * ability to support other values.</p>
-   *
+   * Returns an {@link Iterator} over the supported block sizes. Each element
+   * returned by this object is an {@link Integer}.
+   * <p>
+   * The default behaviour is to return an iterator with just one value, which
+   * is that currently configured for the underlying block cipher. Concrete
+   * implementations may override this behaviour to signal their ability to
+   * support other values.
+   * 
    * @return an {@link Iterator} over the supported block sizes.
    */
   public Iterator blockSizes()
   {
     ArrayList al = new ArrayList();
-    al.add(new Integer(cipherBlockSize));
-
+    al.add(Integer.valueOf(cipherBlockSize));
     return Collections.unmodifiableList(al).iterator();
   }
 
   /**
-   * <p>Returns an {@link Iterator} over the supported underlying block cipher
-   * key sizes. Each element returned by this object is an instance of
-   * {@link Integer}.</p>
-   *
+   * Returns an {@link Iterator} over the supported underlying block cipher key
+   * sizes. Each element returned by this object is an instance of
+   * {@link Integer}.
+   * 
    * @return an {@link Iterator} over the supported key sizes.
    */
   public Iterator keySizes()
@@ -201,10 +178,7 @@ public abstract class BaseMode implements IMode
     synchronized (lock)
       {
         if (state != -1)
-          {
-            throw new IllegalStateException();
-          }
-
+          throw new IllegalStateException();
         Integer want = (Integer) attributes.get(STATE);
         if (want != null)
           {
@@ -220,20 +194,13 @@ public abstract class BaseMode implements IMode
                 throw new IllegalArgumentException();
               }
           }
-
         Integer bs = (Integer) attributes.get(MODE_BLOCK_SIZE);
         modeBlockSize = (bs == null ? cipherBlockSize : bs.intValue());
-
         byte[] iv = (byte[]) attributes.get(IV);
         if (iv != null)
-          {
-            this.iv = (byte[]) iv.clone();
-          }
+          this.iv = (byte[]) iv.clone();
         else
-          {
-            this.iv = new byte[modeBlockSize];
-          }
-
+          this.iv = new byte[modeBlockSize];
         cipher.init(attributes);
         setup();
       }
@@ -242,9 +209,7 @@ public abstract class BaseMode implements IMode
   public int currentBlockSize()
   {
     if (state == -1)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
     return modeBlockSize;
   }
 
@@ -255,7 +220,6 @@ public abstract class BaseMode implements IMode
         state = -1;
         iv = null;
         cipher.reset();
-
         teardown();
       }
   }
@@ -268,19 +232,12 @@ public abstract class BaseMode implements IMode
       {
         ks = ((Integer) kit.next()).intValue();
         for (bit = blockSizes(); bit.hasNext();)
-          {
-            if (!testSymmetry(ks, ((Integer) bit.next()).intValue()))
-              {
-                return false;
-              }
-          }
+          if (! testSymmetry(ks, ((Integer) bit.next()).intValue()))
+            return false;
       }
-
     return true;
   }
 
-  // methods to be implemented by concrete subclasses ------------------------
-
   public abstract Object clone();
 
   /** The initialisation phase of the concrete mode implementation. */
@@ -293,8 +250,6 @@ public abstract class BaseMode implements IMode
 
   public abstract void decryptBlock(byte[] in, int i, byte[] out, int o);
 
-  // own methods -------------------------------------------------------------
-
   private boolean testSymmetry(int ks, int bs)
   {
     try
@@ -304,44 +259,30 @@ public abstract class BaseMode implements IMode
         byte[] k = new byte[ks];
         int i;
         for (i = 0; i < ks; i++)
-          {
-            k[i] = (byte) i;
-          }
-
+          k[i] = (byte) i;
         int blockCount = 5;
         int limit = blockCount * bs;
         byte[] pt = new byte[limit];
         for (i = 0; i < limit; i++)
-          {
-            pt[i] = (byte) i;
-          }
+          pt[i] = (byte) i;
         byte[] ct = new byte[limit];
         byte[] cpt = new byte[limit];
-
         Map map = new HashMap();
         map.put(KEY_MATERIAL, k);
-        map.put(CIPHER_BLOCK_SIZE, new Integer(cipherBlockSize));
-        map.put(STATE, new Integer(ENCRYPTION));
+        map.put(CIPHER_BLOCK_SIZE, Integer.valueOf(cipherBlockSize));
+        map.put(STATE, Integer.valueOf(ENCRYPTION));
         map.put(IV, iv);
-        map.put(MODE_BLOCK_SIZE, new Integer(bs));
-
+        map.put(MODE_BLOCK_SIZE, Integer.valueOf(bs));
         mode.reset();
         mode.init(map);
         for (i = 0; i < blockCount; i++)
-          {
-            mode.update(pt, i * bs, ct, i * bs);
-          }
-
+          mode.update(pt, i * bs, ct, i * bs);
         mode.reset();
-        map.put(STATE, new Integer(DECRYPTION));
+        map.put(STATE, Integer.valueOf(DECRYPTION));
         mode.init(map);
         for (i = 0; i < blockCount; i++)
-          {
-            mode.update(ct, i * bs, cpt, i * bs);
-          }
-
+          mode.update(ct, i * bs, cpt, i * bs);
         return Arrays.equals(pt, cpt);
-
       }
     catch (Exception x)
       {
@@ -349,4 +290,4 @@ public abstract class BaseMode implements IMode
         return false;
       }
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/mode/CBC.java b/libjava/classpath/gnu/javax/crypto/mode/CBC.java
index 10578a6ef50..f3b3fb3312f 100644
--- a/libjava/classpath/gnu/javax/crypto/mode/CBC.java
+++ b/libjava/classpath/gnu/javax/crypto/mode/CBC.java
@@ -42,36 +42,31 @@ import gnu.java.security.Registry;
 import gnu.javax.crypto.cipher.IBlockCipher;
 
 /**
- * The Cipher Block Chaining mode. This mode introduces feedback into
- * the cipher by XORing the previous ciphertext block with the plaintext
- * block before encipherment. That is, encrypting looks like this:</p>
- *
- * <blockquote><p>C<sub>i</sub> = E<sub>K</sub>(P<sub>i</sub> ^
- * C<sub>i-1</sub></p></blockquote>
- *
- * <p>Similarly, decrypting is:</p>
- *
- * <blockquote><p>P<sub>i</sub> = C<sub>i-1</sub> ^
- * D<sub>K</sub>(C<sub>i</sub>)</p></blockquote>
+ * The Cipher Block Chaining mode. This mode introduces feedback into the cipher
+ * by XORing the previous ciphertext block with the plaintext block before
+ * encipherment. That is, encrypting looks like this:
+ * 
+ * <pre>
+ *  C<sub>i</sub> = E<sub>K</sub>(P<sub>i</sub>&circ; C<sub>i-1</sub>)
+ * </pre>
+ * <p>
+ * Similarly, decrypting is:
+ * <pre>
+ *  P<sub>i</sub> = C<sub>i-1</sub> &circ; D<sub>K</sub>(C<sub>i</sub>)
+ * </pre>
  */
-public class CBC extends BaseMode implements Cloneable
+public class CBC
+    extends BaseMode
+    implements Cloneable
 {
-
-  // Constants and Variables
-  //------------------------------------------------------------------
-
   /** The last (de|en)crypted block */
   private byte[] lastBlock;
-
   /** An intermediate buffer. */
   private byte[] scratch;
 
-  // Constructors
-  // -----------------------------------------------------------------
-
   /**
    * Package-private constructor for the factory class.
-   *
+   * 
    * @param underlyingCipher The cipher implementation.
    * @param cipherBlockSize The cipher's block size.
    */
@@ -86,31 +81,20 @@ public class CBC extends BaseMode implements Cloneable
     this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize);
   }
 
-  // Cloneable interface implementation
-  // -----------------------------------------------------------------
-
   public Object clone()
   {
     return new CBC(this);
   }
 
-  // Implementation of abstract methods in BaseMode
-  // -----------------------------------------------------------------
-
   public void setup()
   {
     if (modeBlockSize != cipherBlockSize)
-      {
-        throw new IllegalArgumentException();
-      }
+      throw new IllegalArgumentException();
     scratch = new byte[cipherBlockSize];
     lastBlock = new byte[cipherBlockSize];
-
     // lastBlock gets initialized to the initialization vector.
     for (int i = 0; i < lastBlock.length && i < iv.length; i++)
-      {
-        lastBlock[i] = iv[i];
-      }
+      lastBlock[i] = iv[i];
   }
 
   public void teardown()
@@ -122,9 +106,7 @@ public class CBC extends BaseMode implements Cloneable
   public void encryptBlock(byte[] in, int i, byte[] out, int o)
   {
     for (int k = 0; k < scratch.length; k++)
-      {
-        scratch[k] = (byte) (lastBlock[k] ^ in[k + i]);
-      }
+      scratch[k] = (byte)(lastBlock[k] ^ in[k + i]);
     cipher.encryptBlock(scratch, 0, out, o);
     System.arraycopy(out, o, lastBlock, 0, cipherBlockSize);
   }
@@ -135,9 +117,7 @@ public class CBC extends BaseMode implements Cloneable
     System.arraycopy(in, i, buf, 0, cipherBlockSize);
     cipher.decryptBlock(in, i, scratch, 0);
     for (int k = 0; k < scratch.length; k++)
-      {
-        out[o + k] = (byte) (lastBlock[k] ^ scratch[k]);
-      }
+      out[o + k] = (byte)(lastBlock[k] ^ scratch[k]);
     System.arraycopy(buf, 0, lastBlock, 0, cipherBlockSize);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/mode/CFB.java b/libjava/classpath/gnu/javax/crypto/mode/CFB.java
index fef2b634cf2..6fc00637323 100644
--- a/libjava/classpath/gnu/javax/crypto/mode/CFB.java
+++ b/libjava/classpath/gnu/javax/crypto/mode/CFB.java
@@ -42,58 +42,48 @@ import gnu.java.security.Registry;
 import gnu.javax.crypto.cipher.IBlockCipher;
 
 /**
- * The cipher feedback mode. CFB mode is a stream mode that operates on
- * <i>s</i> bit blocks, where 1 &lt;= <i>s</i> &lt;= <i>b</i>, if
- * <i>b</i> is the underlying cipher's block size. Encryption is:
- *
- <pre>
- I[1] = IV
- I[j] = LSB(b-s, I[j-1]) | C[j-1]   for j = 2...n
- O[j] = CIPH(K, I[j])               for j = 1,2...n
- C[j] = P[j] ^ MSB(s, O[j])         for j = 1,2...n
- </pre>
- *
- * <p>And decryption is:</p>
- * 
- <pre>
- I[1] = IV
- I[j] = LSB(b-s, I[j-1]) | C[j-1]   for j = 2...n
- O[j] = CIPH(K, I[j])               for j = 1,2...n
- P[j] = C[j] ^ MSB(s, O[j])         for j = 1,2...n
- </pre>
- *
- * <p>CFB mode requires an initialization vector, which need not be kept
- * secret.</p>
- *
- * <p>References:</p>
+ * The cipher feedback mode. CFB mode is a stream mode that operates on <i>s</i>
+ * bit blocks, where 1 &lt;= <i>s</i> &lt;= <i>b</i>, if <i>b</i> is the
+ * underlying cipher's block size. Encryption is:
+ * <pre>
+ *  I[1] = IV
+ *  I[j] = LSB(b-s, I[j-1]) | C[j-1]   for j = 2...n
+ *  O[j] = CIPH(K, I[j])               for j = 1,2...n
+ *  C[j] = P[j] &circ; MSB(s, O[j])         for j = 1,2...n
+ * </pre>
+ * <p>
+ * And decryption is:
+ * <pre>
+ *  I[1] = IV
+ *  I[j] = LSB(b-s, I[j-1]) | C[j-1]   for j = 2...n
+ *  O[j] = CIPH(K, I[j])               for j = 1,2...n
+ *  P[j] = C[j] &circ; MSB(s, O[j])         for j = 1,2...n
+ * </pre>
+ * <p>
+ * CFB mode requires an initialization vector, which need not be kept secret.
+ * <p>
+ * References:
  * <ol>
- * <li>Bruce Schneier, <i>Applied Cryptography: Protocols, Algorithms,
- * and Source Code in C, Second Edition</i>. (1996 John Wiley and Sons)
- * ISBN 0-471-11709-9.</li>
- *
- * <li><a href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf">
+ * <li>Bruce Schneier, <i>Applied Cryptography: Protocols, Algorithms, and
+ * Source Code in C, Second Edition</i>. (1996 John Wiley and Sons) ISBN
+ * 0-471-11709-9.</li>
+ * <li><a
+ * href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf">
  * Recommendation for Block Cipher Modes of Operation Methods and Techniques</a>,
  * Morris Dworkin.</li>
  * </ol>
  */
-public class CFB extends BaseMode
+public class CFB
+    extends BaseMode
 {
-
-  // Constants and variables.
-  // -----------------------------------------------------------------------
-
   /** The shift register, the input block to the block cipher. */
   private byte[] shiftRegister;
-
   /** The output block from the block cipher. */
   private byte[] scratch;
 
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   /**
    * Package-private constructor for the factory class.
-   *
+   * 
    * @param underlyingCipher The cipher implementation.
    * @param cipherBlockSize The cipher's block size.
    */
@@ -104,7 +94,7 @@ public class CFB extends BaseMode
 
   /**
    * Cloneing constructor.
-   *
+   * 
    * @param that The instance being cloned.
    */
   private CFB(CFB that)
@@ -112,9 +102,6 @@ public class CFB extends BaseMode
     this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize);
   }
 
-  // Instance methods implementing BaseMode.
-  // -----------------------------------------------------------------------
-
   public Object clone()
   {
     return new CFB(this);
@@ -123,25 +110,20 @@ public class CFB extends BaseMode
   public void setup()
   {
     if (modeBlockSize > cipherBlockSize)
-      {
-        throw new IllegalArgumentException(
-                                           "CFB block size cannot be larger than the cipher block size");
-      }
+      throw new IllegalArgumentException(
+          "CFB block size cannot be larger than the cipher block size");
     shiftRegister = new byte[cipherBlockSize];
     scratch = new byte[cipherBlockSize];
-    System.arraycopy(iv, 0, shiftRegister, 0, Math.min(iv.length,
-                                                       cipherBlockSize));
+    System.arraycopy(iv, 0,
+                     shiftRegister, 0,
+                     Math.min(iv.length, cipherBlockSize));
   }
 
   public void teardown()
   {
     if (shiftRegister != null)
-      {
-        for (int i = 0; i < shiftRegister.length; i++)
-          {
-            shiftRegister[i] = 0;
-          }
-      }
+      for (int i = 0; i < shiftRegister.length; i++)
+        shiftRegister[i] = 0;
     shiftRegister = null;
   }
 
@@ -149,13 +131,12 @@ public class CFB extends BaseMode
   {
     cipher.encryptBlock(shiftRegister, 0, scratch, 0);
     for (int i = 0; i < modeBlockSize; i++)
-      {
-        out[outOffset + i] = (byte) (in[inOffset + i] ^ scratch[i]);
-      }
-    System.arraycopy(shiftRegister, modeBlockSize, shiftRegister, 0,
+      out[outOffset + i] = (byte)(in[inOffset + i] ^ scratch[i]);
+    System.arraycopy(shiftRegister, modeBlockSize,
+                     shiftRegister, 0,
                      cipherBlockSize - modeBlockSize);
-    System.arraycopy(out, outOffset, shiftRegister, cipherBlockSize
-                                                    - modeBlockSize,
+    System.arraycopy(out, outOffset,
+                     shiftRegister, cipherBlockSize - modeBlockSize,
                      modeBlockSize);
   }
 
@@ -163,13 +144,12 @@ public class CFB extends BaseMode
   {
     cipher.encryptBlock(shiftRegister, 0, scratch, 0);
     for (int i = 0; i < modeBlockSize; i++)
-      {
-        out[outOffset + i] = (byte) (in[inOffset + i] ^ scratch[i]);
-      }
-    System.arraycopy(shiftRegister, modeBlockSize, shiftRegister, 0,
+      out[outOffset + i] = (byte)(in[inOffset + i] ^ scratch[i]);
+    System.arraycopy(shiftRegister, modeBlockSize,
+                     shiftRegister, 0,
                      cipherBlockSize - modeBlockSize);
-    System.arraycopy(in, inOffset, shiftRegister, cipherBlockSize
-                                                  - modeBlockSize,
+    System.arraycopy(in, inOffset,
+                     shiftRegister, cipherBlockSize - modeBlockSize,
                      modeBlockSize);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/mode/CTR.java b/libjava/classpath/gnu/javax/crypto/mode/CTR.java
index 49f4b9f3c2a..0c856b483ee 100644
--- a/libjava/classpath/gnu/javax/crypto/mode/CTR.java
+++ b/libjava/classpath/gnu/javax/crypto/mode/CTR.java
@@ -40,59 +40,50 @@ package gnu.javax.crypto.mode;
 
 import gnu.java.security.Registry;
 import gnu.java.security.util.Sequence;
-
 import gnu.javax.crypto.cipher.IBlockCipher;
 
-import java.math.BigInteger;
 import java.util.Arrays;
 import java.util.Iterator;
 
 /**
- * <p>The implementation of the Counter Mode.</p>
- *
- * <p>The algorithm steps are formally described as follows:</p>
- *
+ * The implementation of the Counter Mode.
+ * <p>
+ * The algorithm steps are formally described as follows:
+ * 
  * <pre>
- *    CTR Encryption: O[j] = E(K)(T[j]); for j = 1, 2...n;
- *                    C[j] = P[j] ^ O[j]; for j = 1, 2...n.
- *    CTR Decryption: O[j] = E(K)(T[j]); for j = 1, 2...n;
- *                    P[j] = C[j] ^ O[j]; for j = 1, 2...n.
+ *     CTR Encryption: O[j] = E(K)(T[j]); for j = 1, 2...n;
+ *                     C[j] = P[j] &circ; O[j]; for j = 1, 2...n.
+ *     CTR Decryption: O[j] = E(K)(T[j]); for j = 1, 2...n;
+ *                     P[j] = C[j] &circ; O[j]; for j = 1, 2...n.
  * </pre>
- *
- * <p>where <code>P</code> is the plaintext, <code>C</code> is the ciphertext,
+ * 
+ * <p>
+ * where <code>P</code> is the plaintext, <code>C</code> is the ciphertext,
  * <code>E(K)</code> is the underlying block cipher encryption function
- * parametrised with the session key <code>K</code>, and <code>T</code> is the
- * <i>Counter</i>.</p>
- *
- * <p>This implementation, uses a standard incrementing function with a step of
- * 1, and an initial value similar to that described in the NIST document.</p>
- *
- * <p>References:</p>
- *
+ * parametrised with the session key <code>K</code>, and <code>T</code> is
+ * the <i>Counter</i>.
+ * <p>
+ * This implementation, uses a standard incrementing function with a step of 1,
+ * and an initial value similar to that described in the NIST document.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf">
- *    Recommendation for Block Cipher Modes of Operation Methods and Techniques</a>,
- *    Morris Dworkin.</li>
+ * <li><a
+ * href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf">
+ * Recommendation for Block Cipher Modes of Operation Methods and Techniques</a>,
+ * Morris Dworkin.</li>
  * </ol>
  */
-public class CTR extends BaseMode implements Cloneable
+public class CTR
+    extends BaseMode
+    implements Cloneable
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  /** The current counter. */
-  //    private BigInteger T;
   private int off;
-
   private byte[] counter, enc;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Trivial package-private constructor for use by the Factory class.</p>
-   *
+   * Trivial package-private constructor for use by the Factory class.
+   * 
    * @param underlyingCipher the underlying cipher implementation.
    * @param cipherBlockSize the underlying cipher block size to use.
    */
@@ -102,8 +93,8 @@ public class CTR extends BaseMode implements Cloneable
   }
 
   /**
-   * <p>Private constructor for cloning purposes.</p>
-   *
+   * Private constructor for cloning purposes.
+   * 
    * @param that the instance to clone.
    */
   private CTR(CTR that)
@@ -111,61 +102,31 @@ public class CTR extends BaseMode implements Cloneable
     this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Cloneable interface implementation
-  // -------------------------------------------------------------------------
-
   public Object clone()
   {
     return new CTR(this);
   }
 
-  // Implementation of abstract methods in BaseMode
-  // -------------------------------------------------------------------------
-
   public void setup()
   {
     if (modeBlockSize > cipherBlockSize)
-      {
-        throw new IllegalArgumentException(
-                                           "mode size exceeds cipher block size");
-      }
+      throw new IllegalArgumentException("mode size exceeds cipher block size");
     off = 0;
     counter = new byte[cipherBlockSize];
     int i = cipherBlockSize - 1;
     int j = iv.length - 1;
     while (i >= 0 && j >= 0)
-      {
-        counter[i--] = iv[j--];
-      }
+      counter[i--] = iv[j--];
     enc = new byte[cipherBlockSize];
     cipher.encryptBlock(counter, 0, enc, 0);
-    //       if (modeBlockSize != cipherBlockSize) {
-    //          throw new IllegalArgumentException();
-    //       }
-
-    //       byte[] tBytes = new byte[modeBlockSize+1];
-    //       tBytes[0] = (byte) 0x80;
-    //       for (int i = 0; i < modeBlockSize; i++) {
-    //          tBytes[i+1] = (byte)(256 - modeBlockSize + i);
-    //       }
-
-    //       T = new BigInteger(1, tBytes);
   }
 
   public void teardown()
   {
     if (counter != null)
-      {
-        Arrays.fill(counter, (byte) 0);
-      }
+      Arrays.fill(counter, (byte) 0);
     if (enc != null)
-      {
-        Arrays.fill(enc, (byte) 0);
-      }
-    //       T = null;
+      Arrays.fill(enc, (byte) 0);
   }
 
   public void encryptBlock(byte[] in, int i, byte[] out, int o)
@@ -183,21 +144,11 @@ public class CTR extends BaseMode implements Cloneable
     return new Sequence(1, cipherBlockSize).iterator();
   }
 
-  // own methods
-  // -------------------------------------------------------------------------
-
   private void ctr(byte[] in, int inOffset, byte[] out, int outOffset)
   {
-    //       T = T.add(BigInteger.ONE);
-    //       byte[] O = T.toByteArray();
-    //       int ndx = O.length - modeBlockSize;
-    //       cipher.encryptBlock(O, ndx, O, ndx);
-    //       for (int i = 0; i < modeBlockSize; i++) {
-    //          out[outOffset++] = (byte)(in[inOffset++] ^ O[ndx++]);
-    //       }
     for (int i = 0; i < modeBlockSize; i++)
       {
-        out[outOffset++] = (byte) (in[inOffset++] ^ enc[off++]);
+        out[outOffset++] = (byte)(in[inOffset++] ^ enc[off++]);
         if (off == cipherBlockSize)
           {
             int j;
@@ -205,17 +156,13 @@ public class CTR extends BaseMode implements Cloneable
               {
                 counter[j]++;
                 if ((counter[j] & 0xFF) != 0)
-                  {
-                    break;
-                  }
+                  break;
               }
             if (j == 0)
-              {
-                counter[cipherBlockSize - 1]++;
-              }
+              counter[cipherBlockSize - 1]++;
             off = 0;
             cipher.encryptBlock(counter, 0, enc, 0);
           }
       }
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/mode/EAX.java b/libjava/classpath/gnu/javax/crypto/mode/EAX.java
index bf260989825..401616b9f1f 100644
--- a/libjava/classpath/gnu/javax/crypto/mode/EAX.java
+++ b/libjava/classpath/gnu/javax/crypto/mode/EAX.java
@@ -39,13 +39,11 @@ exception statement from your version.  */
 package gnu.javax.crypto.mode;
 
 import gnu.java.security.Registry;
-
 import gnu.javax.crypto.cipher.IBlockCipher;
 import gnu.javax.crypto.mac.IMac;
 import gnu.javax.crypto.mac.MacFactory;
 
 import java.security.InvalidKeyException;
-
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.HashMap;
@@ -53,64 +51,48 @@ import java.util.Iterator;
 import java.util.Map;
 
 /**
- * <p>A conventional two-pass authenticated-encrypted mode, EAX. EAX is a
+ * A conventional two-pass authenticated-encrypted mode, EAX. EAX is a
  * <i>Authenticated Encryption with Additional Data</i> (<b>AEAD</b>) scheme,
  * which provides protection and authentication for the message, and provides
  * authentication of an (optional) header. EAX is composed of the counter mode
  * (CTR) and the one-key CBC MAC (OMAC).
- *
- * <p>This class makes full use of the {@link IAuthenticatedMode} interface,
- * that is, all methods of both {@link IMode} and {@link IMac} can be used
- * as specified in the {@link IAuthenticatedMode} interface.
- *
- * <p>References:</p>
+ * <p>
+ * This class makes full use of the {@link IAuthenticatedMode} interface, that
+ * is, all methods of both {@link IMode} and {@link IMac} can be used as
+ * specified in the {@link IAuthenticatedMode} interface.
+ * <p>
+ * References:
  * <ol>
  * <li>M. Bellare, P. Rogaway, and D. Wagner; <a
  * href="http://www.cs.berkeley.edu/~daw/papers/eprint-short-ae.pdf">A
  * Conventional Authenticated-Encryption Mode</a>.</li>
  * </ol>
  */
-public class EAX implements IAuthenticatedMode
+public class EAX
+    implements IAuthenticatedMode
 {
-
-  // Constants and fields.
-  // ------------------------------------------------------------------------
-
   /** The tag size, in bytes. */
   private int tagSize;
-
   /** The nonce OMAC instance. */
   private IMac nonceOmac;
-
   /** The header OMAC instance. */
   private IMac headerOmac;
-
   /** The message OMAC instance. */
   private IMac msgOmac;
-
   /** The CTR instance. */
   private IMode ctr;
-
   /** The direction state (encrypting or decrypting). */
   private int state;
-
   /** Whether we're initialized or not. */
   private boolean init;
-
   /** The cipher block size. */
   private int cipherBlockSize;
-
   /** The cipher. */
   private IBlockCipher cipher;
-
   /** The [t]_n array. */
   private byte[] t_n;
-
   private static boolean valid = false;
 
-  // Constructor.
-  // ------------------------------------------------------------------------
-
   public EAX(IBlockCipher cipher, int cipherBlockSize)
   {
     this.cipher = cipher;
@@ -118,9 +100,7 @@ public class EAX implements IAuthenticatedMode
     String name = cipher.name();
     int i = name.indexOf('-');
     if (i >= 0)
-      {
-        name = name.substring(0, i);
-      }
+      name = name.substring(0, i);
     String omacname = Registry.OMAC_PREFIX + name;
     nonceOmac = MacFactory.getInstance(omacname);
     headerOmac = MacFactory.getInstance(omacname);
@@ -130,9 +110,6 @@ public class EAX implements IAuthenticatedMode
     init = false;
   }
 
-  // IMode instance methods.
-  // ------------------------------------------------------------------------
-
   public Object clone()
   {
     return new EAX((IBlockCipher) cipher.clone(), cipherBlockSize);
@@ -167,17 +144,12 @@ public class EAX implements IAuthenticatedMode
   {
     byte[] nonce = (byte[]) attrib.get(IV);
     if (nonce == null)
-      {
-        throw new IllegalArgumentException("no nonce provided");
-      }
+      throw new IllegalArgumentException("no nonce provided");
     byte[] key = (byte[]) attrib.get(KEY_MATERIAL);
     if (key == null)
-      {
-        throw new IllegalArgumentException("no key provided");
-      }
+      throw new IllegalArgumentException("no key provided");
 
     Arrays.fill(t_n, (byte) 0);
-
     nonceOmac.reset();
     nonceOmac.init(Collections.singletonMap(MAC_KEY_MATERIAL, key));
     nonceOmac.update(t_n, 0, t_n.length);
@@ -186,57 +158,41 @@ public class EAX implements IAuthenticatedMode
     nonceOmac.reset();
     nonceOmac.update(t_n, 0, t_n.length);
     nonceOmac.update(nonce, 0, nonce.length);
-
     t_n[t_n.length - 1] = 1;
     headerOmac.reset();
     headerOmac.init(Collections.singletonMap(MAC_KEY_MATERIAL, key));
     headerOmac.update(t_n, 0, t_n.length);
-
     t_n[t_n.length - 1] = 2;
     msgOmac.reset();
     msgOmac.init(Collections.singletonMap(MAC_KEY_MATERIAL, key));
     msgOmac.update(t_n, 0, t_n.length);
-
     Integer modeSize = (Integer) attrib.get(MODE_BLOCK_SIZE);
     if (modeSize == null)
-      {
-        modeSize = new Integer(cipherBlockSize);
-      }
+      modeSize = Integer.valueOf(cipherBlockSize);
     HashMap ctrAttr = new HashMap();
     ctrAttr.put(KEY_MATERIAL, key);
     ctrAttr.put(IV, N);
-    ctrAttr.put(STATE, new Integer(ENCRYPTION));
+    ctrAttr.put(STATE, Integer.valueOf(ENCRYPTION));
     ctrAttr.put(MODE_BLOCK_SIZE, modeSize);
     ctr.reset();
     ctr.init(ctrAttr);
-
     Integer st = (Integer) attrib.get(STATE);
     if (st != null)
       {
         state = st.intValue();
         if (state != ENCRYPTION && state != DECRYPTION)
-          {
-            throw new IllegalArgumentException("invalid state");
-          }
+          throw new IllegalArgumentException("invalid state");
       }
     else
-      {
-        state = ENCRYPTION;
-      }
+      state = ENCRYPTION;
 
     Integer ts = (Integer) attrib.get(TRUNCATED_SIZE);
     if (ts != null)
-      {
-        tagSize = ts.intValue();
-      }
+      tagSize = ts.intValue();
     else
-      {
-        tagSize = cipherBlockSize;
-      }
+      tagSize = cipherBlockSize;
     if (tagSize < 0 || tagSize > cipherBlockSize)
-      {
-        throw new IllegalArgumentException("tag size out of range");
-      }
+      throw new IllegalArgumentException("tag size out of range");
     init = true;
   }
 
@@ -247,28 +203,20 @@ public class EAX implements IAuthenticatedMode
 
   public void encryptBlock(byte[] in, int inOff, byte[] out, int outOff)
   {
-    if (!init)
-      {
-        throw new IllegalStateException("not initialized");
-      }
+    if (! init)
+      throw new IllegalStateException("not initialized");
     if (state != ENCRYPTION)
-      {
-        throw new IllegalStateException("not encrypting");
-      }
+      throw new IllegalStateException("not encrypting");
     ctr.update(in, inOff, out, outOff);
     msgOmac.update(out, outOff, ctr.currentBlockSize());
   }
 
   public void decryptBlock(byte[] in, int inOff, byte[] out, int outOff)
   {
-    if (!init)
-      {
-        throw new IllegalStateException("not initialized");
-      }
+    if (! init)
+      throw new IllegalStateException("not initialized");
     if (state != DECRYPTION)
-      {
-        throw new IllegalStateException("not decrypting");
-      }
+      throw new IllegalStateException("not decrypting");
     msgOmac.update(in, inOff, ctr.currentBlockSize());
     ctr.update(in, inOff, out, outOff);
   }
@@ -301,9 +249,6 @@ public class EAX implements IAuthenticatedMode
     return true; // XXX
   }
 
-  // IMac instance methods.
-  // ------------------------------------------------------------------------
-
   public int macSize()
   {
     return tagSize;
@@ -319,34 +264,26 @@ public class EAX implements IAuthenticatedMode
   public void digest(byte[] out, int outOffset)
   {
     if (outOffset < 0 || outOffset + tagSize > out.length)
-      {
-        throw new IndexOutOfBoundsException();
-      }
+      throw new IndexOutOfBoundsException();
     byte[] N = nonceOmac.digest();
     byte[] H = headerOmac.digest();
     byte[] M = msgOmac.digest();
     for (int i = 0; i < tagSize; i++)
-      {
-        out[outOffset + i] = (byte) (N[i] ^ H[i] ^ M[i]);
-      }
+      out[outOffset + i] = (byte)(N[i] ^ H[i] ^ M[i]);
     reset();
   }
 
   public void update(byte b)
   {
-    if (!init)
-      {
-        throw new IllegalStateException("not initialized");
-      }
+    if (! init)
+      throw new IllegalStateException("not initialized");
     headerOmac.update(b);
   }
 
   public void update(byte[] buf, int off, int len)
   {
-    if (!init)
-      {
-        throw new IllegalStateException("not initialized");
-      }
+    if (! init)
+      throw new IllegalStateException("not initialized");
     headerOmac.update(buf, off, len);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/mode/ECB.java b/libjava/classpath/gnu/javax/crypto/mode/ECB.java
index 3b33a1848fe..665e526ca11 100644
--- a/libjava/classpath/gnu/javax/crypto/mode/ECB.java
+++ b/libjava/classpath/gnu/javax/crypto/mode/ECB.java
@@ -42,44 +42,40 @@ import gnu.java.security.Registry;
 import gnu.javax.crypto.cipher.IBlockCipher;
 
 /**
- * <p>The implementation of the Electronic Codebook mode.</p>
- *
- * <p>The Electronic Codebook (ECB) mode is a confidentiality mode that is
- * defined as follows:</p>
- *
+ * The implementation of the Electronic Codebook mode.
+ * <p>
+ * The Electronic Codebook (ECB) mode is a confidentiality mode that is defined
+ * as follows:
  * <ul>
- *    <li>ECB Encryption: C<sub>j</sub> = CIPH<sub>K</sub>(P<sub>j</sub>) for j = 1...n</li>
- *    <li>ECB Decryption: P<sub>j</sub> = CIPH<sup>-1</sup><sub>K</sub>(C<sub>j</sub>) for j = 1...n</li>
+ * <li>ECB Encryption: C<sub>j</sub> = CIPH<sub>K</sub>(P<sub>j</sub>)
+ * for j = 1...n</li>
+ * <li>ECB Decryption: P<sub>j</sub> = CIPH<sup>-1</sup><sub>K</sub>(C<sub>j</sub>)
+ * for j = 1...n</li>
  * </ul>
- *
- * <p>In ECB encryption, the forward cipher function is applied directly, and
+ * <p>
+ * In ECB encryption, the forward cipher function is applied directly, and
  * independently, to each block of the plaintext. The resulting sequence of
- * output blocks is the ciphertext.</p>
- *
- * <p>In ECB decryption, the inverse cipher function is applied directly, and
+ * output blocks is the ciphertext.
+ * <p>
+ * In ECB decryption, the inverse cipher function is applied directly, and
  * independently, to each block of the ciphertext. The resulting sequence of
- * output blocks is the plaintext.</p>
- *
- * <p>References:</p>
- *
+ * output blocks is the plaintext.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf">
- *    Recommendation for Block Cipher Modes of Operation Methods and Techniques</a>,
- *    Morris Dworkin.</li>
+ * <li><a
+ * href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf">
+ * Recommendation for Block Cipher Modes of Operation Methods and Techniques</a>,
+ * Morris Dworkin.</li>
  * </ol>
  */
-public class ECB extends BaseMode implements Cloneable
+public class ECB
+    extends BaseMode
+    implements Cloneable
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Trivial package-private constructor for use by the Factory class.</p>
-   *
+   * Trivial package-private constructor for use by the Factory class.
+   * 
    * @param underlyingCipher the underlying cipher implementation.
    * @param cipherBlockSize the underlying cipher block size to use.
    */
@@ -89,8 +85,8 @@ public class ECB extends BaseMode implements Cloneable
   }
 
   /**
-   * <p>Private constructor for cloning purposes.</p>
-   *
+   * Private constructor for cloning purposes.
+   * 
    * @param that the mode to clone.
    */
   private ECB(ECB that)
@@ -98,27 +94,15 @@ public class ECB extends BaseMode implements Cloneable
     this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     return new ECB(this);
   }
 
-  // Implementation of abstract methods in BaseMode --------------------------
-
   public void setup()
   {
     if (modeBlockSize != cipherBlockSize)
-      {
-        throw new IllegalArgumentException(IMode.MODE_BLOCK_SIZE);
-      }
+      throw new IllegalArgumentException(IMode.MODE_BLOCK_SIZE);
   }
 
   public void teardown()
@@ -134,4 +118,4 @@ public class ECB extends BaseMode implements Cloneable
   {
     cipher.decryptBlock(in, i, out, o);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/mode/IAuthenticatedMode.java b/libjava/classpath/gnu/javax/crypto/mode/IAuthenticatedMode.java
index 989e3edbcd0..703679dc0a6 100644
--- a/libjava/classpath/gnu/javax/crypto/mode/IAuthenticatedMode.java
+++ b/libjava/classpath/gnu/javax/crypto/mode/IAuthenticatedMode.java
@@ -43,16 +43,14 @@ import gnu.javax.crypto.mac.IMac;
 /**
  * The interface for encryption modes that also produce a message authentication
  * tag.
- *
- * <p>This interface is merely the conjuction of the {@link IMode} and
- * {@link IMac} interfaces. Encryption and decryption is done via the
- * {@link IMode#update(byte[],int,byte[],int)} method, tag generation
- * is done via the {@link IMac#digest()} method, and header updating
- * (if supported by the mode) is done via the {@link
- * IMac#update(byte[],int,int)} method.
+ * <p>
+ * This interface is merely the conjuction of the {@link IMode} and {@link IMac}
+ * interfaces. Encryption and decryption is done via the
+ * {@link IMode#update(byte[],int,byte[],int)} method, tag generation is done
+ * via the {@link IMac#digest()} method, and header updating (if supported by
+ * the mode) is done via the {@link IMac#update(byte[],int,int)} method.
  */
-public interface IAuthenticatedMode extends IMode, IMac
+public interface IAuthenticatedMode
+    extends IMode, IMac
 {
-
-  // Trivial conjunction of IMode and IMac.
 }
diff --git a/libjava/classpath/gnu/javax/crypto/mode/ICM.java b/libjava/classpath/gnu/javax/crypto/mode/ICM.java
index d37908b5dfd..833ddb18f7f 100644
--- a/libjava/classpath/gnu/javax/crypto/mode/ICM.java
+++ b/libjava/classpath/gnu/javax/crypto/mode/ICM.java
@@ -44,75 +44,66 @@ import gnu.javax.crypto.cipher.IBlockCipher;
 import java.math.BigInteger;
 
 /**
- * <p>An implementation of <i>David McGrew</i> Integer Counter Mode (ICM) as an
- * {@link IMode}.</p>
- *
- * <p>ICM is a way to define a pseudorandom keystream generator using a block
- * cipher. The keystream can be used for additive encryption, key derivation,
- * or any other application requiring pseudorandom data. In the case of this
- * class, it is used as additive encryption, XOR-ing the keystream with the
- * input text --for both encryption and decryption.</p>
- *
- * <p>In ICM, the keystream is logically broken into segments. Each segment is
+ * An implementation of <i>David McGrew</i> Integer Counter Mode (ICM) as an
+ * {@link IMode}.
+ * <p>
+ * ICM is a way to define a pseudorandom keystream generator using a block
+ * cipher. The keystream can be used for additive encryption, key derivation, or
+ * any other application requiring pseudorandom data. In the case of this class,
+ * it is used as additive encryption, XOR-ing the keystream with the input text
+ * --for both encryption and decryption.
+ * <p>
+ * In ICM, the keystream is logically broken into segments. Each segment is
  * identified with a segment index, and the segments have equal lengths. This
  * segmentation makes ICM especially appropriate for securing packet-based
  * protocols. ICM also allows a variety of configurations based, among other
- * things, on two parameters: the <i>block index length</i> and the
- * <i>segment index length</i>. A constraint on those two values exists: The sum
- * of <i>segment index length</i> and <i>block index length</i> <b>must not</b>
- * half the <i>block size</i> of the underlying cipher. This requirement protects
- * the ICM keystream generator from potentially failing to be pseudorandom.</p>
- *
- * <p>For simplicity, this implementation, fixes these two values to the
- * following:</p>
- *
+ * things, on two parameters: the <i>block index length</i> and the <i>segment
+ * index length</i>. A constraint on those two values exists: The sum of
+ * <i>segment index length</i> and <i>block index length</i> <b>must not</b>
+ * half the <i>block size</i> of the underlying cipher. This requirement
+ * protects the ICM keystream generator from potentially failing to be
+ * pseudorandom.
+ * <p>
+ * For simplicity, this implementation, fixes these two values to the following:
  * <ul>
- *    <li>block index length: is half the underlying cipher block size, and</li>
- *    <li>segment index length: is zero.</li>
+ * <li>block index length: is half the underlying cipher block size, and</li>
+ * <li>segment index length: is zero.</li>
  * </ul>
- *
- * <p>For a 128-bit block cipher, the above values imply a maximum keystream
- * length of 295,147,905,179,352,825,856 octets, since in ICM, each segment must
- * not exceed the value <code>(256 ^ <i>block index length</i>) * <i>block length</i></code>
- * octets.</p>
- *
- * <p>Finally, for this implementation of the ICM, the IV placeholder will be
- * used to pass the value of the <i>Offset</i> in the keystream segment.</p>
- *
- * <p>References:</p>
- *
+ * <p>
+ * For a 128-bit block cipher, the above values imply a maximum keystream length
+ * of 295,147,905,179,352,825,856 octets, since in ICM, each segment must not
+ * exceed the value
+ * <code>(256 ^ <i>block index length</i>) * <i>block length</i></code>
+ * octets.
+ * <p>
+ * Finally, for this implementation of the ICM, the IV placeholder will be used
+ * to pass the value of the <i>Offset</i> in the keystream segment.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.ietf.org/internet-drafts/draft-mcgrew-saag-icm-00.txt">
- *    Integer Counter Mode</a>, David A. McGrew.</li>
+ * <li><a
+ * href="http://www.ietf.org/internet-drafts/draft-mcgrew-saag-icm-00.txt">
+ * Integer Counter Mode</a>, David A. McGrew.</li>
  * </ol>
  */
-public class ICM extends BaseMode implements Cloneable
+public class ICM
+    extends BaseMode
+    implements Cloneable
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The integer value 256 as a BigInteger. */
   private static final BigInteger TWO_FIFTY_SIX = new BigInteger("256");
-
   /** Maximum number of blocks per segment. */
   private BigInteger maxBlocksPerSegment;
-
   /** A work constant. */
   private BigInteger counterRange;
-
   /** The initial counter for a given keystream segment. */
   private BigInteger C0;
-
   /** The index of the next block for a given keystream segment. */
   private BigInteger blockNdx;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Trivial package-private constructor for use by the Factory class.</p>
-   *
+   * Trivial package-private constructor for use by the Factory class.
+   * 
    * @param underlyingCipher the underlying cipher implementation.
    * @param cipherBlockSize the underlying cipher block size to use.
    */
@@ -122,8 +113,8 @@ public class ICM extends BaseMode implements Cloneable
   }
 
   /**
-   * <p>Private constructor for cloning purposes.<p>
-   *
+   * Private constructor for cloning purposes.
+   * 
    * @param that the instance to clone.
    */
   private ICM(ICM that)
@@ -131,27 +122,15 @@ public class ICM extends BaseMode implements Cloneable
     this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Cloneable interface implementation
-  // -------------------------------------------------------------------------
-
   public Object clone()
   {
     return new ICM(this);
   }
 
-  // Implementation of abstract methods in BaseMode
-  // -------------------------------------------------------------------------
-
   public void setup()
   {
     if (modeBlockSize != cipherBlockSize)
-      {
-        throw new IllegalArgumentException();
-      }
-
+      throw new IllegalArgumentException();
     counterRange = TWO_FIFTY_SIX.pow(cipherBlockSize);
     maxBlocksPerSegment = TWO_FIFTY_SIX.pow(cipherBlockSize / 2);
     BigInteger r = new BigInteger(1, iv);
@@ -177,35 +156,13 @@ public class ICM extends BaseMode implements Cloneable
     icm(in, i, out, o);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   private void icm(byte[] in, int inOffset, byte[] out, int outOffset)
   {
     if (blockNdx.compareTo(maxBlocksPerSegment) >= 0)
       throw new RuntimeException("Maximum blocks for segment reached");
-
-    // encrypt the counter for the current blockNdx
-    // C[i] = (C[0] + i) modulo (256^BLOCK_LENGTH).
-
     BigInteger Ci = C0.add(blockNdx).modPow(BigInteger.ONE, counterRange);
     byte[] result = Ci.toByteArray();
     int limit = result.length;
-    //      if (limit < cipherBlockSize) {
-    //         byte[] data = new byte[cipherBlockSize];
-    //         System.arraycopy(result, 0, data, cipherBlockSize-limit, limit);
-    //         result = data;
-    //      } else if (limit > cipherBlockSize) {
-    //         byte[] data = new byte[cipherBlockSize];
-    //         System.arraycopy(result, limit-cipherBlockSize, data, 0, cipherBlockSize);
-    //         result = data;
-    //      }
-    //
-    //      cipher.encryptBlock(result, 0, result, 0);
-    //      blockNdx = blockNdx.add(BigInteger.ONE); // increment blockNdx
-    //      for (int i = 0; i < modeBlockSize; ) { // xor result with input block
-    //         out[outOffset++] = (byte)(in[inOffset++] ^ result[i++]);
-    //      }
     int ndx = 0;
     if (limit < cipherBlockSize)
       {
@@ -214,15 +171,11 @@ public class ICM extends BaseMode implements Cloneable
         result = data;
       }
     else if (limit > cipherBlockSize)
-      {
-        ndx = limit - cipherBlockSize;
-      }
+      ndx = limit - cipherBlockSize;
 
     cipher.encryptBlock(result, ndx, result, ndx);
     blockNdx = blockNdx.add(BigInteger.ONE); // increment blockNdx
-    for (int i = 0; i < modeBlockSize; i++)
-      { // xor result with input block
-        out[outOffset++] = (byte) (in[inOffset++] ^ result[ndx++]);
-      }
+    for (int i = 0; i < modeBlockSize; i++) // xor result with input block
+      out[outOffset++] = (byte)(in[inOffset++] ^ result[ndx++]);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/mode/IMode.java b/libjava/classpath/gnu/javax/crypto/mode/IMode.java
index 4cb6ca64bd9..30485117d45 100644
--- a/libjava/classpath/gnu/javax/crypto/mode/IMode.java
+++ b/libjava/classpath/gnu/javax/crypto/mode/IMode.java
@@ -41,105 +41,83 @@ package gnu.javax.crypto.mode;
 import gnu.javax.crypto.cipher.IBlockCipher;
 
 /**
- * <p>The basic visible methods of any block cipher mode.</p>
- *
- * <p>Block ciphers encrypt plaintext in fixed size n-bit blocks. For messages
+ * The basic visible methods of any block cipher mode.
+ * <p>
+ * Block ciphers encrypt plaintext in fixed size n-bit blocks. For messages
  * larger than n bits, the simplest approach is to segment the message into
  * n-bit blocks and process (encrypt and/or decrypt) each one separately
  * (Electronic Codebook or ECB mode). But this approach has disadvantages in
  * most applications. The block cipher modes of operations are one way of
- * working around those disadvantages.</p>
- *
- * <p>A <i>Mode</i> always employs an underlying block cipher for processing its
+ * working around those disadvantages.
+ * <p>
+ * A <i>Mode</i> always employs an underlying block cipher for processing its
  * input. For all intents and purposes, a <i>Mode</i> appears to behave as any
- * other block cipher with the following differences:</p>
- *
+ * other block cipher with the following differences:
  * <ul>
- *    <li>Depending on the specifications of the mode, the block size may be
- *    different that that of the underlying cipher.</li>
- *
- *    <li>While some modes of operations allow operations on block sizes that
- *    can be 1-bit long, this library will only deal with sizes that are
- *    multiple of 8 bits. This is because the <tt>byte</tt> is the smallest,
- *    easy to handle, primitive type in Java.</li>
- *
- *    <li>Some modes need an <i>Initialisation Vector</i> (IV) to be properly
- *    initialised.</li>
+ * <li>Depending on the specifications of the mode, the block size may be
+ * different that that of the underlying cipher.</li>
+ * <li>While some modes of operations allow operations on block sizes that can
+ * be 1-bit long, this library will only deal with sizes that are multiple of 8
+ * bits. This is because the <tt>byte</tt> is the smallest, easy to handle,
+ * primitive type in Java.</li>
+ * <li>Some modes need an <i>Initialisation Vector</i> (IV) to be properly
+ * initialised.</li>
  * </ul>
- *
- * <p>Possible additional initialisation values for an instance of that type
- * are:</p>
- *
+ * <p>
+ * Possible additional initialisation values for an instance of that type are:
  * <ul>
- *    <li>The block size in which to operate this mode instance. This
- *    value is <b>optional</b>, if unspecified, the underlying block cipher's
- *    configured block size shall be used.</li>
- *
- *    <li>Whether this mode will be used for encryption or decryption. This
- *    value is <b>mandatory</b> and should be included in the initialisation
- *    parameters. If it isn't, a {@link java.lang.IllegalStateException} will
- *    be thrown if any method, other than <code>reset()</code> is invoked on the
- *    instance.</li>
- *
- *    <li>The byte array containing the <i>initialisation vector</i>, if
- *    required by this type of mode.</li>
+ * <li>The block size in which to operate this mode instance. This value is
+ * <b>optional</b>, if unspecified, the underlying block cipher's configured
+ * block size shall be used.</li>
+ * <li>Whether this mode will be used for encryption or decryption. This value
+ * is <b>mandatory</b> and should be included in the initialisation parameters.
+ * If it isn't, a {@link java.lang.IllegalStateException} will be thrown if any
+ * method, other than <code>reset()</code> is invoked on the instance.</li>
+ * <li>The byte array containing the <i>initialisation vector</i>, if required
+ * by this type of mode.</li>
  * </ul>
  */
-public interface IMode extends IBlockCipher
+public interface IMode
+    extends IBlockCipher
 {
-
-  // Constants
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Property name of the state in which to operate this mode. The value
+   * Property name of the state in which to operate this mode. The value
    * associated to this property name is taken to be an {@link Integer} which
-   * value is either <code>ENCRYPTION</code> or <code>DECRYPTION</code>.</p>
+   * value is either <code>ENCRYPTION</code> or <code>DECRYPTION</code>.
    */
   String STATE = "gnu.crypto.mode.state";
-
   /**
-   * <p>Property name of the block size in which to operate this mode. The
-   * value associated with this property name is taken to be an {@link Integer}.
-   * If it is not specified, the value of the block size of the underlying
-   * block cipher, used to construct the mode instance, shall be used.</p>
+   * Property name of the block size in which to operate this mode. The value
+   * associated with this property name is taken to be an {@link Integer}. If
+   * it is not specified, the value of the block size of the underlying block
+   * cipher, used to construct the mode instance, shall be used.
    */
   String MODE_BLOCK_SIZE = "gnu.crypto.mode.block.size";
-
   /**
-   * <p>Property name of the initialisation vector to use, if required, with
-   * this instance. The value associated with this property name is taken to
-   * be a byte array. If the concrete instance needs such a parameter, and it
-   * has not been specified as part of the initialissation parameters, an
-   * all-zero byte array of the appropriate size shall be used.</p>
+   * Property name of the initialisation vector to use, if required, with this
+   * instance. The value associated with this property name is taken to be a
+   * byte array. If the concrete instance needs such a parameter, and it has not
+   * been specified as part of the initialissation parameters, an all-zero byte
+   * array of the appropriate size shall be used.
    */
   String IV = "gnu.crypto.mode.iv";
-
-  /**
-   * <p>Constant indicating the instance is being used for <i>encryption</i>.</p>
-   */
+  /** Constant indicating the instance is being used for <i>encryption</i>. */
   int ENCRYPTION = 1;
-
-  /**
-   * <p>Constant indicating the instance is being used for <i>decryption</i>.</p>
-   */
+  /** Constant indicating the instance is being used for <i>decryption</i>. */
   int DECRYPTION = 2;
 
-  // Methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>A convenience method. Effectively invokes the <code>encryptBlock()</code>
+   * A convenience method. Effectively invokes the <code>encryptBlock()</code>
    * or <code>decryptBlock()</code> method depending on the operational state
-   * of the instance.</p>
-   *
+   * of the instance.
+   * 
    * @param in the plaintext.
    * @param inOffset index of <code>in</code> from which to start considering
-   * data.
+   *          data.
    * @param out the ciphertext.
    * @param outOffset index of <code>out</code> from which to store result.
    * @exception IllegalStateException if the instance is not initialised.
    */
   void update(byte[] in, int inOffset, byte[] out, int outOffset)
       throws IllegalStateException;
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/mode/ModeFactory.java b/libjava/classpath/gnu/javax/crypto/mode/ModeFactory.java
index 0e949ed9e96..d1acdf4e599 100644
--- a/libjava/classpath/gnu/javax/crypto/mode/ModeFactory.java
+++ b/libjava/classpath/gnu/javax/crypto/mode/ModeFactory.java
@@ -49,16 +49,12 @@ import java.util.Iterator;
 import java.util.Set;
 
 /**
- * <p>A <i>Factory</i> to instantiate block cipher modes of operations.</p>
+ * A <i>Factory</i> to instantiate block cipher modes of operations.
  */
-public class ModeFactory implements Registry
+public class ModeFactory
+    implements Registry
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
+  private static Set names;
 
   /** Trivial constructor to enforce Singleton pattern. */
   private ModeFactory()
@@ -66,37 +62,29 @@ public class ModeFactory implements Registry
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns an instance of a block cipher mode of operations given its name
-   * and characteristics of the underlying block cipher.</p>
-   *
+   * Returns an instance of a block cipher mode of operations given its name and
+   * characteristics of the underlying block cipher.
+   * 
    * @param mode the case-insensitive name of the mode of operations.
    * @param cipher the case-insensitive name of the block cipher.
    * @param cipherBlockSize the block size, in bytes, of the underlying cipher.
    * @return an instance of the block cipher algorithm, operating in a given
-   * mode of operations, or <code>null</code> if none found.
+   *         mode of operations, or <code>null</code> if none found.
    * @exception InternalError if either the mode or the underlying block cipher
-   * implementation does not pass its self-test.
+   *              implementation does not pass its self-test.
    */
   public static IMode getInstance(String mode, String cipher,
                                   int cipherBlockSize)
   {
     if (mode == null || cipher == null)
-      {
-        return null;
-      }
+      return null;
 
     mode = mode.trim();
     cipher = cipher.trim();
-
     IBlockCipher cipherImpl = CipherFactory.getInstance(cipher);
     if (cipherImpl == null)
-      {
-        return null;
-      }
+      return null;
 
     return getInstance(mode, cipherImpl, cipherBlockSize);
   }
@@ -110,59 +98,36 @@ public class ModeFactory implements Registry
       {
         ok = (cipherBlockSize == ((Integer) it.next()).intValue());
         if (ok)
-          {
-            break;
-          }
-      }
-
-    if (!ok)
-      {
-        throw new IllegalArgumentException("cipherBlockSize");
+          break;
       }
-
+    if (! ok)
+      throw new IllegalArgumentException("cipherBlockSize");
     IMode result = null;
     if (mode.equalsIgnoreCase(ECB_MODE))
-      {
-        result = new ECB(cipher, cipherBlockSize);
-      }
+      result = new ECB(cipher, cipherBlockSize);
     else if (mode.equalsIgnoreCase(CTR_MODE))
-      {
-        result = new CTR(cipher, cipherBlockSize);
-      }
+      result = new CTR(cipher, cipherBlockSize);
     else if (mode.equalsIgnoreCase(ICM_MODE))
-      {
-        result = new ICM(cipher, cipherBlockSize);
-      }
+      result = new ICM(cipher, cipherBlockSize);
     else if (mode.equalsIgnoreCase(OFB_MODE))
-      {
-        result = new OFB(cipher, cipherBlockSize);
-      }
+      result = new OFB(cipher, cipherBlockSize);
     else if (mode.equalsIgnoreCase(CBC_MODE))
-      {
-        result = new CBC(cipher, cipherBlockSize);
-      }
+      result = new CBC(cipher, cipherBlockSize);
     else if (mode.equalsIgnoreCase(CFB_MODE))
-      {
-        result = new CFB(cipher, cipherBlockSize);
-      }
+      result = new CFB(cipher, cipherBlockSize);
     else if (mode.equalsIgnoreCase(EAX_MODE))
-      {
-        result = new EAX(cipher, cipherBlockSize);
-      }
+      result = new EAX(cipher, cipherBlockSize);
 
-    if (result != null && !result.selfTest())
-      {
-        throw new InternalError(result.name());
-      }
+    if (result != null && ! result.selfTest())
+      throw new InternalError(result.name());
 
     return result;
   }
 
   /**
-   * <p>Returns a {@link java.util.Set} of names of mode supported by this
-   * <i>Factory</i>.</p>
-   *
-   * @return a {@link java.util.Set} of mode names (Strings).
+   * Returns a {@link Set} of names of mode supported by this <i>Factory</i>.
+   * 
+   * @return a {@link Set} of mode names (Strings).
    */
   public static final Set getNames()
   {
@@ -178,15 +143,9 @@ public class ModeFactory implements Registry
             hs.add(CBC_MODE);
             hs.add(CFB_MODE);
             hs.add(EAX_MODE);
-
             names = Collections.unmodifiableSet(hs);
           }
       }
     return names;
   }
-
-  private static Set names;
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/mode/OFB.java b/libjava/classpath/gnu/javax/crypto/mode/OFB.java
index 68065d10b9c..c8b6d7e97e7 100644
--- a/libjava/classpath/gnu/javax/crypto/mode/OFB.java
+++ b/libjava/classpath/gnu/javax/crypto/mode/OFB.java
@@ -39,33 +39,33 @@ exception statement from your version.  */
 package gnu.javax.crypto.mode;
 
 import gnu.java.security.Registry;
-
 import gnu.javax.crypto.cipher.IBlockCipher;
 
 /**
- * <p>The Output Feedback (OFB) mode is a confidentiality mode that requires a
+ * The Output Feedback (OFB) mode is a confidentiality mode that requires a
  * unique <code>IV</code> for every message that is ever encrypted under the
- * given key. The OFB mode is defined as follows:</p>
- *
+ * given key. The OFB mode is defined as follows:
+ * <ul>
+ * <li>OFB Encryption:
  * <ul>
- *    <li>OFB Encryption:
- *    <ul>
- *       <li>I<sub>1</sub> = IV;</li>
- *       <li>I<sub>j</sub> = O<sub>j -1</sub> for j = 2...n;</li>
- *       <li>O<sub>j</sub> = CIPH<sub>K</sub>(I<sub>j</sub>) for j = 1, 2...n;</li>
- *       <li>C<sub>j</sub> = P<sub>j</sub> XOR O<sub>j</sub> for j = 1, 2...n.</li>
- *    </ul></li>
+ * <li>I<sub>1</sub> = IV;</li>
+ * <li>I<sub>j</sub> = O<sub>j -1</sub> for j = 2...n;</li>
+ * <li>O<sub>j</sub> = CIPH<sub>K</sub>(I<sub>j</sub>) for j = 1, 2...n;</li>
+ * <li>C<sub>j</sub> = P<sub>j</sub> XOR O<sub>j</sub> for j = 1, 2...n.</li>
+ * </ul>
+ * </li>
  * <li>OFB Decryption:
- *    <ul>
- *       <li>I<sub>1</sub> = IV;</li>
- *       <li>I<sub>j</sub> = O<sub>j -1</sub> for j = 2...n;</li>
- *       <li>O<sub>j</sub> = CIPH<sub>K</sub>(I<sub>j</sub>) for j = 1, 2...n;</li>
- *       <li>P<sub>j</sub> = C<sub>j</sub> XOR O<sub>j</sub> for j = 1, 2...n.</li>
- *    </ul></li>
+ * <ul>
+ * <li>I<sub>1</sub> = IV;</li>
+ * <li>I<sub>j</sub> = O<sub>j -1</sub> for j = 2...n;</li>
+ * <li>O<sub>j</sub> = CIPH<sub>K</sub>(I<sub>j</sub>) for j = 1, 2...n;</li>
+ * <li>P<sub>j</sub> = C<sub>j</sub> XOR O<sub>j</sub> for j = 1, 2...n.</li>
  * </ul>
- *
- * <p>In OFB encryption, the <code>IV</code> is transformed by the forward
- * cipher function to produce the first output block. The first output block is
+ * </li>
+ * </ul>
+ * <p>
+ * In OFB encryption, the <code>IV</code> is transformed by the forward cipher
+ * function to produce the first output block. The first output block is
  * exclusive-ORed with the first plaintext block to produce the first ciphertext
  * block. The first output block is then transformed by the forward cipher
  * function to produce the second output block. The second output block is
@@ -74,9 +74,9 @@ import gnu.javax.crypto.cipher.IBlockCipher;
  * cipher function to produce the third output block. Thus, the successive
  * output blocks are produced from enciphering the previous output blocks, and
  * the output blocks are exclusive-ORed with the corresponding plaintext blocks
- * to produce the ciphertext blocks.</p>
- *
- * <p>In OFB decryption, the <code>IV</code> is transformed by the forward cipher
+ * to produce the ciphertext blocks.
+ * <p>
+ * In OFB decryption, the <code>IV</code> is transformed by the forward cipher
  * function to produce the first output block. The first output block is
  * exclusive-ORed with the first ciphertext block to recover the first plaintext
  * block. The first output block is then transformed by the forward cipher
@@ -86,51 +86,46 @@ import gnu.javax.crypto.cipher.IBlockCipher;
  * forward cipher function to produce the third output block. Thus, the
  * successive output blocks are produced from enciphering the previous output
  * blocks, and the output blocks are exclusive-ORed with the corresponding
- * ciphertext blocks to recover the plaintext blocks.</p>
- *
- * <p>In both OFB encryption and OFB decryption, each forward cipher function
+ * ciphertext blocks to recover the plaintext blocks.
+ * <p>
+ * In both OFB encryption and OFB decryption, each forward cipher function
  * (except the first) depends on the results of the previous forward cipher
- * function; therefore, multiple forward cipher functions cannot be performed
- * in parallel. However, if the <code>IV</code> is known, the output blocks can
- * be generated prior to the availability of the plaintext or ciphertext data.</p>
- *
- * <p>The OFB mode requires a unique <code>IV</code> for every message that is
+ * function; therefore, multiple forward cipher functions cannot be performed in
+ * parallel. However, if the <code>IV</code> is known, the output blocks can
+ * be generated prior to the availability of the plaintext or ciphertext data.
+ * <p>
+ * The OFB mode requires a unique <code>IV</code> for every message that is
  * ever encrypted under the given key. If, contrary to this requirement, the
  * same <code>IV</code> is used for the encryption of more than one message,
  * then the confidentiality of those messages may be compromised. In particular,
  * if a plaintext block of any of these messages is known, say, the j<sup>th</sup>
  * plaintext block, then the j<sup>th</sup> output of the forward cipher
- * function can be determined easily from the j<sup>th</sup> ciphertext block of
- * the message. This information allows the j<sup>th</sup> plaintext block of
- * any other message that is encrypted using the same <code>IV</code> to be
- * easily recovered from the jth ciphertext block of that message.</p>
- *
- * <p>Confidentiality may similarly be compromised if any of the input blocks to
+ * function can be determined easily from the j<sup>th</sup> ciphertext block
+ * of the message. This information allows the j<sup>th</sup> plaintext block
+ * of any other message that is encrypted using the same <code>IV</code> to be
+ * easily recovered from the jth ciphertext block of that message.
+ * <p>
+ * Confidentiality may similarly be compromised if any of the input blocks to
  * the forward cipher function for the encryption of a message is used as the
- * <code>IV</code> for the encryption of another message under the given key.</p>
- *
- * <p>References:</p>
- *
+ * <code>IV</code> for the encryption of another message under the given key.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf">
- *    Recommendation for Block Cipher Modes of Operation Methods and Techniques</a>,
- *    Morris Dworkin.</li>
+ * <li><a
+ * href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf">
+ * Recommendation for Block Cipher Modes of Operation Methods and Techniques</a>,
+ * Morris Dworkin.</li>
  * </ol>
  */
-public class OFB extends BaseMode implements Cloneable
+public class OFB
+    extends BaseMode
+    implements Cloneable
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private byte[] outputBlock;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Trivial package-private constructor for use by the Factory class.</p>
-   *
+   * Trivial package-private constructor for use by the Factory class.
+   * 
    * @param underlyingCipher the underlying cipher implementation.
    * @param cipherBlockSize the underlying cipher block size to use.
    */
@@ -140,8 +135,8 @@ public class OFB extends BaseMode implements Cloneable
   }
 
   /**
-   * <p>Private constructor for cloning purposes.</p>
-   *
+   * Private constructor for cloning purposes.
+   * 
    * @param that the mode to clone.
    */
   private OFB(OFB that)
@@ -149,28 +144,15 @@ public class OFB extends BaseMode implements Cloneable
     this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // java.lang.Cloneable interface implementation ----------------------------
-
   public Object clone()
   {
     return new OFB(this);
   }
 
-  // Implementation of abstract methods in BaseMode --------------------------
-
   public void setup()
   {
     if (modeBlockSize != cipherBlockSize)
-      {
-        throw new IllegalArgumentException(IMode.MODE_BLOCK_SIZE);
-      }
-
+      throw new IllegalArgumentException(IMode.MODE_BLOCK_SIZE);
     outputBlock = (byte[]) iv.clone();
   }
 
@@ -182,13 +164,11 @@ public class OFB extends BaseMode implements Cloneable
   {
     cipher.encryptBlock(outputBlock, 0, outputBlock, 0);
     for (int j = 0; j < cipherBlockSize;)
-      {
-        out[o++] = (byte) (in[i++] ^ outputBlock[j++]);
-      }
+      out[o++] = (byte)(in[i++] ^ outputBlock[j++]);
   }
 
   public void decryptBlock(byte[] in, int i, byte[] out, int o)
   {
     this.encryptBlock(in, i, out, o);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/pad/BasePad.java b/libjava/classpath/gnu/javax/crypto/pad/BasePad.java
index 49c5d050a85..8b475d2d8cb 100644
--- a/libjava/classpath/gnu/javax/crypto/pad/BasePad.java
+++ b/libjava/classpath/gnu/javax/crypto/pad/BasePad.java
@@ -38,24 +38,24 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.pad;
 
+import gnu.java.security.Configuration;
+
+import java.util.Map;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
 /**
- * <p>An abstract class to facilitate implementing padding algorithms.</p>
+ * An abstract class to facilitate implementing padding algorithms.
  */
-public abstract class BasePad implements IPad
+public abstract class BasePad
+    implements IPad
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
+  private static final Logger log = Logger.getLogger(BasePad.class.getName());
   /** The canonical name prefix of the padding algorithm. */
   protected String name;
-
   /** The block size, in bytes, for this instance. */
   protected int blockSize;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial constructor for use by concrete subclasses. */
   protected BasePad(final String name)
   {
@@ -65,84 +65,122 @@ public abstract class BasePad implements IPad
     blockSize = -1;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // IPad interface implementation -------------------------------------------
-
   public String name()
   {
     final StringBuffer sb = new StringBuffer(name);
     if (blockSize != -1)
-      {
-        sb.append('-').append(String.valueOf(8 * blockSize));
-      }
+      sb.append('-').append(String.valueOf(8 * blockSize));
     return sb.toString();
   }
 
   public void init(final int bs) throws IllegalStateException
   {
     if (blockSize != -1)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
     blockSize = bs;
     setup();
   }
 
+  /**
+   * Initialises the algorithm with designated attributes. Names, valid and/or
+   * recognisable by all concrete implementations are described in {@link IPad}
+   * class documentation. Other algorithm-specific attributes MUST be documented
+   * in the implementation class of that padding algorithm.
+   * <p>
+   * For compatibility reasons, this method is not declared <i>abstract</i>.
+   * Furthermore, and unless overridden, the default implementation will throw
+   * an {@link UnsupportedOperationException}. Concrete padding algorithms MUST
+   * override this method if they wish to offer an initialisation method that
+   * allows for other than the padding block size parameter to be specified.
+   * 
+   * @param attributes a set of name-value pairs that describes the desired
+   *          future behaviour of this instance.
+   * @exception IllegalStateException if the instance is already initialised.
+   * @exception IllegalArgumentException if the block size value is invalid.
+   */
+  public void init(Map attributes) throws IllegalStateException
+  {
+    throw new UnsupportedOperationException();
+  }
+
   public void reset()
   {
     blockSize = -1;
   }
 
+  /**
+   * A default implementation of a correctness test that exercises the padder
+   * implementation, using block sizes varying from 2 to 256 bytes.
+   * 
+   * @return <code>true</code> if the concrete implementation correctly unpads
+   *         what it pads for all tested block sizes. Returns <code>false</code>
+   *         if the test fails for any block size.
+   */
   public boolean selfTest()
   {
+    final byte[] in = new byte[1024];
+    for (int bs = 2; bs < 256; bs++)
+      if (! test1BlockSize(bs, in))
+        return false;
+    return true;
+  }
+
+  /**
+   * The basic symmetric test for a padder given a specific block size.
+   * <p>
+   * The code ensures that the implementation is capable of unpadding what it
+   * pads.
+   * 
+   * @param size the block size to test.
+   * @param buffer a work buffer. It is exposed as an argument for this method
+   *          to reduce un-necessary object allocations.
+   * @return <code>true</code> if the test passes; <code>false</code>
+   *         otherwise.
+   */
+  protected boolean test1BlockSize(int size, byte[] buffer)
+  {
     byte[] padBytes;
     final int offset = 5;
-    final int limit = 1024;
-    final byte[] in = new byte[limit];
-    for (int bs = 2; bs < 256; bs++)
+    final int limit = buffer.length;
+    this.init(size);
+    for (int i = 0; i < limit - offset - blockSize; i++)
       {
-        this.init(bs);
-        for (int i = 0; i < limit - offset - blockSize; i++)
+        padBytes = pad(buffer, offset, i);
+        if (((i + padBytes.length) % blockSize) != 0)
           {
-            padBytes = pad(in, offset, i);
-            if (((i + padBytes.length) % blockSize) != 0)
-              {
-                new RuntimeException(name()).printStackTrace(System.err);
-                return false;
-              }
-
-            System.arraycopy(padBytes, 0, in, offset + i, padBytes.length);
-            try
-              {
-                if (padBytes.length != unpad(in, offset, i + padBytes.length))
-                  {
-                    new RuntimeException(name()).printStackTrace(System.err);
-                    return false;
-                  }
-              }
-            catch (WrongPaddingException x)
+            if (Configuration.DEBUG)
+              log.log(Level.SEVERE,
+                      "Length of padded text MUST be a multiple of "
+                      + blockSize, new RuntimeException(name()));
+            return false;
+          }
+        System.arraycopy(padBytes, 0, buffer, offset + i, padBytes.length);
+        try
+          {
+            if (padBytes.length != unpad(buffer, offset, i + padBytes.length))
               {
-                x.printStackTrace(System.err);
+                if (Configuration.DEBUG)
+                  log.log(Level.SEVERE,
+                          "IPad [" + name() + "] failed symmetric operation",
+                          new RuntimeException(name()));
                 return false;
               }
           }
-        this.reset();
+        catch (WrongPaddingException x)
+          {
+            if (Configuration.DEBUG)
+              log.throwing(this.getClass().getName(), "test1BlockSize", x);
+            return false;
+          }
       }
-
+    this.reset();
     return true;
   }
 
-  // abstract methods to implement by subclasses -----------------------------
-
   /**
-   * <p>If any additional checks or resource setup must be done by the
-   * subclass, then this is the hook for it. This method will be called before
-   * the {@link #init(int)} method returns.</p>
+   * If any additional checks or resource setup must be done by the subclass,
+   * then this is the hook for it. This method will be called before the
+   * {@link #init(int)} method returns.
    */
   public abstract void setup();
 
@@ -150,4 +188,4 @@ public abstract class BasePad implements IPad
 
   public abstract int unpad(byte[] in, int off, int len)
       throws WrongPaddingException;
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/pad/IPad.java b/libjava/classpath/gnu/javax/crypto/pad/IPad.java
index 4b4c925e622..0e3db7db19e 100644
--- a/libjava/classpath/gnu/javax/crypto/pad/IPad.java
+++ b/libjava/classpath/gnu/javax/crypto/pad/IPad.java
@@ -38,29 +38,32 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.pad;
 
+import java.util.Map;
+
 /**
- * <p>The basic visible methods of any padding algorithm.</p>
- *
- * <p>Padding algorithms serve to <i>pad</i> and <i>unpad</i> byte arrays usually
+ * The basic visible methods, and attribute names, of every padding algorithm.
+ * <p>
+ * Padding algorithms serve to <i>pad</i> and <i>unpad</i> byte arrays usually
  * as the last step in an <i>encryption</i> or respectively a <i>decryption</i>
  * operation. Their input buffers are usually those processed by instances of
- * {@link gnu.crypto.mode.IMode} and/or {@link gnu.crypto.cipher.IBlockCipher}.</p>
+ * {@link gnu.javax.crypto.mode.IMode} and/or
+ * {@link gnu.javax.crypto.cipher.IBlockCipher}.
  */
 public interface IPad
 {
-
-  // Constants
-  // -------------------------------------------------------------------------
-
-  // Methods
-  // -------------------------------------------------------------------------
+  /**
+   * Property name of the block size in which to operate the padding algorithm.
+   * The value associated with this property name is taken to be a positive 
+   * {@link Integer} greater than zero.
+   */
+  String PADDING_BLOCK_SIZE = "gnu.crypto.pad.block.size";
 
   /** @return the canonical name of this instance. */
   String name();
 
   /**
    * Initialises the padding scheme with a designated block size.
-   *
+   * 
    * @param bs the designated block size.
    * @exception IllegalStateException if the instance is already initialised.
    * @exception IllegalArgumentException if the block size value is invalid.
@@ -68,29 +71,43 @@ public interface IPad
   void init(int bs) throws IllegalStateException;
 
   /**
+   * Initialises the algorithm with designated attributes. Names, valid and/or
+   * recognisable by all concrete implementations are described in the class
+   * documentation above. Other algorithm-specific attributes MUST be documented
+   * in the implementation class of that padding algorithm.
+   * 
+   * @param attributes a set of name-value pairs that describes the desired
+   *          future behaviour of this instance.
+   * @exception IllegalStateException if the instance is already initialised.
+   * @exception IllegalArgumentException if the block size value is invalid.
+   */
+  void init(Map attributes) throws IllegalStateException;
+
+  /**
    * Returns the byte sequence that should be appended to the designated input.
-   *
+   * 
    * @param in the input buffer containing the bytes to pad.
    * @param offset the starting index of meaningful data in <i>in</i>.
    * @param length the number of meaningful bytes in <i>in</i>.
    * @return the possibly 0-byte long sequence to be appended to the designated
-   * input.
+   *         input.
    */
   byte[] pad(byte[] in, int offset, int length);
 
   /**
    * Returns the number of bytes to discard from a designated input buffer.
-   *
+   * 
    * @param in the input buffer containing the bytes to unpad.
    * @param offset the starting index of meaningful data in <i>in</i>.
    * @param length the number of meaningful bytes in <i>in</i>.
    * @return the number of bytes to discard, to the left of index position
-   * <tt>offset + length</tt> in <i>in</i>. In other words, if the return
-   * value of a successful invocation of this method is <tt>result</tt>, then
-   * the unpadded byte sequence will be <tt>offset + length - result</tt> bytes
-   * in <i>in</i>, starting from index position <tt>offset</tt>.
+   *         <code>offset + length</code> in <i>in</i>. In other words, if
+   *         the return value of a successful invocation of this method is
+   *         <code>result</code>, then the unpadded byte sequence will be
+   *         <code>offset + length - result</code> bytes in <i>in</i>,
+   *         starting from index position <code>offset</code>.
    * @exception WrongPaddingException if the data is not terminated with the
-   * expected padding bytes.
+   *              expected padding bytes.
    */
   int unpad(byte[] in, int offset, int length) throws WrongPaddingException;
 
@@ -102,9 +119,9 @@ public interface IPad
 
   /**
    * A basic symmetric pad/unpad test.
-   *
-   * @return <tt>true</tt> if the implementation passes a basic symmetric
-   * self-test. Returns <tt>false</tt> otherwise.
+   * 
+   * @return <code>true</code> if the implementation passes a basic symmetric
+   *         self-test. Returns <code>false</code> otherwise.
    */
   boolean selfTest();
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/pad/ISO10126.java b/libjava/classpath/gnu/javax/crypto/pad/ISO10126.java
new file mode 100644
index 00000000000..8e8c59254fc
--- /dev/null
+++ b/libjava/classpath/gnu/javax/crypto/pad/ISO10126.java
@@ -0,0 +1,109 @@
+/* ISO10126.java -- An implementation of the ISO 10126-2 padding scheme
+   Copyright (C) 2006  Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
+USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.  */
+
+
+package gnu.javax.crypto.pad;
+
+import gnu.java.security.Registry;
+import gnu.java.security.util.PRNG;
+
+/**
+ * The implementation of the ISO 10126-2 padding algorithm.
+ * <p>
+ * The last byte of the padding block is the number of padding bytes, all other
+ * padding bytes are random.
+ * <p>
+ * References:
+ * <ol>
+ *    <li><a href="http://www.w3.org/TR/xmlenc-core/">XML Encryption Syntax and
+ *    Processing</a> Section "5.2 Block Encryption Algorithms"; "Padding".</li>
+ * </ol>
+ */
+public final class ISO10126
+    extends BasePad
+{
+  /** Used to generate random numbers for padding bytes. */
+  private PRNG prng;
+
+  ISO10126()
+  {
+    super(Registry.ISO10126_PAD);
+    prng = PRNG.getInstance();
+  }
+
+  public void setup()
+  {
+    // Nothing to do here
+  }
+
+  public byte[] pad(byte[] in, int offset, int length)
+  {
+    int padLength = blockSize - (length % blockSize);
+    final byte[] pad = new byte[padLength];
+
+    // generate random numbers for the padding bytes except for the last byte
+    prng.nextBytes(pad, 0, padLength - 1);
+    // the last byte contains the number of padding bytes
+    pad[padLength - 1] = (byte) padLength;
+
+    return pad;
+  }
+
+  public int unpad(byte[] in, int offset, int length)
+      throws WrongPaddingException
+  {
+    // the last byte contains the number of padding bytes
+    int padLength = in[offset + length - 1] & 0xFF;
+    if (padLength > length)
+      throw new WrongPaddingException();
+
+    return padLength;
+  }
+
+  /**
+   * The default self-test in the super-class would take too long to finish
+   * with this type of padder --due to the large amount of random data needed.
+   * We override the default test and replace it with a simple one for a 16-byte
+   * block-size (default AES block-size). The Mauve test TestOfISO10126 will
+   * exercise all block-sizes that the default self-test uses for the other
+   * padders.
+   */
+  public boolean selfTest()
+  {
+    return test1BlockSize(16, new byte[1024]);
+  }
+}
diff --git a/libjava/classpath/gnu/javax/crypto/pad/PKCS1_V1_5.java b/libjava/classpath/gnu/javax/crypto/pad/PKCS1_V1_5.java
index 03c3d61a303..9ddc6098949 100644
--- a/libjava/classpath/gnu/javax/crypto/pad/PKCS1_V1_5.java
+++ b/libjava/classpath/gnu/javax/crypto/pad/PKCS1_V1_5.java
@@ -38,73 +38,47 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.pad;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.sig.rsa.EME_PKCS1_V1_5;
 import gnu.java.security.util.PRNG;
 import gnu.java.security.util.Util;
 
-import java.io.PrintWriter;
+import java.util.logging.Level;
+import java.util.logging.Logger;
 
 /**
- * <p>A padding algorithm implementation of the EME-PKCS1-V1.5 encoding/decoding
+ * A padding algorithm implementation of the EME-PKCS1-V1.5 encoding/decoding
  * algorithm as described in section 7.2 of RFC-3447. This is effectively an
  * <i>Adapter</i> over an instance of {@link EME_PKCS1_V1_5} initialised with
- * the RSA public shared modulus length (in bytes).</p>
- *
- * <p>References:</p>
+ * the RSA public shared modulus length (in bytes).
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.ietf.org/rfc/rfc3447.txt">Public-Key Cryptography
- *    Standards (PKCS) #1:</a><br>
- *    RSA Cryptography Specifications Version 2.1.<br>
- *    Jakob Jonsson and Burt Kaliski.</li>
+ * <li><a href="http://www.ietf.org/rfc/rfc3447.txt">Public-Key Cryptography
+ * Standards (PKCS) #1:</a><br>
+ * RSA Cryptography Specifications Version 2.1.<br>
+ * Jakob Jonsson and Burt Kaliski.</li>
  * </ol>
- *
+ * 
  * @see EME_PKCS1_V1_5
  */
-public class PKCS1_V1_5 extends BasePad
+public class PKCS1_V1_5
+    extends BasePad
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  private static final String NAME = Registry.EME_PKCS1_V1_5_PAD;
-
-  private static final boolean DEBUG = false;
-
-  private static final int debuglevel = 9;
-
-  private static final PrintWriter err = new PrintWriter(System.out, true);
-
-  private static void debug(final String s)
-  {
-    err.println(">>> " + NAME + ": " + s);
-  }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
+  private static final Logger log = Logger.getLogger(PKCS1_V1_5.class.getName());
   private EME_PKCS1_V1_5 codec;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Trivial package-private constructor for use by the <i>Factory</i> class.
-   * </p>
+   * Trivial package-private constructor for use by the <i>Factory</i> class.
    *
-   * @see gnu.crypto.pad.PadFactory
+   * @see PadFactory
    */
   PKCS1_V1_5()
   {
     super(Registry.EME_PKCS1_V1_5_PAD);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Implementation of abstract methods in BasePad
-  // -------------------------------------------------------------------------
-
   public void setup()
   {
     codec = EME_PKCS1_V1_5.getInstance(blockSize);
@@ -117,10 +91,8 @@ public class PKCS1_V1_5 extends BasePad
     final byte[] EM = codec.encode(M);
     final byte[] result = new byte[blockSize - length];
     System.arraycopy(EM, 0, result, 0, result.length);
-    if (DEBUG && debuglevel > 8)
-      {
-        debug("padding: 0x" + Util.toString(result));
-      }
+    if (Configuration.DEBUG)
+      log.fine("padding: 0x" + Util.toString(result));
     return result;
   }
 
@@ -130,15 +102,11 @@ public class PKCS1_V1_5 extends BasePad
     final byte[] EM = new byte[length];
     System.arraycopy(in, offset, EM, 0, length);
     final int result = length - codec.decode(EM).length;
-    if (DEBUG && debuglevel > 8)
-      {
-        debug("padding length: " + String.valueOf(result));
-      }
+    if (Configuration.DEBUG)
+      log.fine("padding length: " + String.valueOf(result));
     return result;
   }
 
-  // overloaded methods ------------------------------------------------------
-
   public boolean selfTest()
   {
     final int[] mLen = new int[] { 16, 20, 32, 48, 64 };
@@ -156,29 +124,33 @@ public class PKCS1_V1_5 extends BasePad
             p = pad(M, 0, j);
             if (j + p.length != blockSize)
               {
-                new RuntimeException(name()).printStackTrace(System.err);
+                if (Configuration.DEBUG)
+                  log.log(Level.SEVERE,
+                          "Length of padded text MUST be a multiple of "
+                          + blockSize, new RuntimeException(name()));
                 return false;
               }
-
             System.arraycopy(p, 0, EM, 0, p.length);
             System.arraycopy(M, 0, EM, p.length, j);
             try
               {
                 if (p.length != unpad(EM, 0, blockSize))
                   {
-                    new RuntimeException(name()).printStackTrace(System.err);
+                    if (Configuration.DEBUG)
+                      log.log(Level.SEVERE, "Failed symmetric operation",
+                              new RuntimeException(name()));
                     return false;
                   }
               }
             catch (WrongPaddingException x)
               {
-                x.printStackTrace(System.err);
+                if (Configuration.DEBUG)
+                  log.throwing(this.getClass().getName(), "selfTest", x);
                 return false;
               }
           }
         reset();
       }
-
     return true;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/pad/PKCS7.java b/libjava/classpath/gnu/javax/crypto/pad/PKCS7.java
index 5697aff2712..bef1784eeb3 100644
--- a/libjava/classpath/gnu/javax/crypto/pad/PKCS7.java
+++ b/libjava/classpath/gnu/javax/crypto/pad/PKCS7.java
@@ -1,129 +1,98 @@
 /* PKCS7.java -- 
-   Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc.
-
-This file is a part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or (at
-your option) any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; if not, write to the Free Software
-Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
-USA
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library.  Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module.  An independent module is a module which is not derived from
-or based on this library.  If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so.  If you do not wish to do so, delete this
-exception statement from your version.  */
+ Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc.
+
+ This file is a part of GNU Classpath.
+
+ GNU Classpath is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or (at
+ your option) any later version.
+
+ GNU Classpath is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNU Classpath; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
+ USA
+
+ Linking this library statically or dynamically with other modules is
+ making a combined work based on this library.  Thus, the terms and
+ conditions of the GNU General Public License cover the whole
+ combination.
+
+ As a special exception, the copyright holders of this library give you
+ permission to link this library with independent modules to produce an
+ executable, regardless of the license terms of these independent
+ modules, and to copy and distribute the resulting executable under
+ terms of your choice, provided that you also meet, for each linked
+ independent module, the terms and conditions of the license of that
+ module.  An independent module is a module which is not derived from
+ or based on this library.  If you modify this library, you may extend
+ this exception to your version of the library, but you are not
+ obligated to do so.  If you do not wish to do so, delete this
+ exception statement from your version.  */
 
 
 package gnu.javax.crypto.pad;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.util.Util;
 
-import java.io.PrintWriter;
+import java.util.logging.Logger;
 
 /**
- * <p>The implementation of the PKCS7 padding algorithm.</p>
- *
- * <p>This algorithm is described for 8-byte blocks in [RFC-1423] and extended to
- * block sizes of up to 256 bytes in [PKCS-7].</p>
- *
- * References:<br>
- * <a href="http://www.ietf.org/rfc/rfc1423.txt">RFC-1423</a>: Privacy
+ * The implementation of the PKCS7 padding algorithm.
+ * <p>
+ * This algorithm is described for 8-byte blocks in [RFC-1423] and extended to
+ * block sizes of up to 256 bytes in [PKCS-7].
+ * <p>
+ * References:
+ * <ol>
+ * <li><a href="http://www.ietf.org/rfc/rfc1423.txt">RFC-1423</a>: Privacy
  * Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and
- * Identifiers.<br>
- * <a href="http://www.ietf.org/">IETF</a>.
- * <a href="http://www.rsasecurity.com/rsalabs/pkcs/pkcs-7/">[PKCS-7]</a>PKCS #7:
- * Cryptographic Message Syntax Standard - An RSA Laboratories Technical Note.<br>
- * <a href="http://www.rsasecurity.com/">RSA Security</a>.<p>
+ * Identifiers.</li>
+ * <li><a href="http://www.ietf.org/">IETF</a>.</li>
+ * <li><a href="http://www.rsasecurity.com/rsalabs/pkcs/pkcs-7/">[PKCS-7]</a>
+ * PKCS #7: Cryptographic Message Syntax Standard - An RSA Laboratories
+ * Technical Note.</li>
+ * <li><a href="http://www.rsasecurity.com/">RSA Security</a>.</li>
+ * </ol>
  */
-public final class PKCS7 extends BasePad
+public final class PKCS7
+    extends BasePad
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  private static final String NAME = "pkcs7";
-
-  private static final boolean DEBUG = false;
-
-  private static final int debuglevel = 9;
-
-  private static final PrintWriter err = new PrintWriter(System.out, true);
-
-  private static void debug(String s)
-  {
-    err.println(">>> " + NAME + ": " + s);
-  }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
+  private static final Logger log = Logger.getLogger(PKCS7.class.getName());
 
   /**
-   * Trivial package-private constructor for use by the <i>Factory</i> class.<p>
-   *
-   * @see gnu.crypto.pad.PadFactory
+   * Trivial package-private constructor for use by the <i>Factory</i> class.
+   * 
+   * @see PadFactory
    */
   PKCS7()
   {
     super(Registry.PKCS7_PAD);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Implementation of abstract methods in BasePad
-  // -------------------------------------------------------------------------
-
   public void setup()
   {
     if (blockSize < 2 || blockSize > 256)
-      {
-        throw new IllegalArgumentException();
-      }
+      throw new IllegalArgumentException();
   }
 
   public byte[] pad(byte[] in, int offset, int length)
   {
     int padLength = blockSize;
     if (length % blockSize != 0)
-      {
-        padLength = blockSize - length % blockSize;
-      }
+      padLength = blockSize - length % blockSize;
     byte[] result = new byte[padLength];
     for (int i = 0; i < padLength;)
-      {
-        result[i++] = (byte) padLength;
-      }
-
-    if (DEBUG && debuglevel > 8)
-      {
-        debug("padding: 0x" + Util.toString(result));
-      }
+      result[i++] = (byte) padLength;
+    if (Configuration.DEBUG)
+      log.fine("padding: 0x" + Util.toString(result));
     return result;
   }
 
@@ -133,17 +102,10 @@ public final class PKCS7 extends BasePad
     int limit = offset + length;
     int result = in[limit - 1] & 0xFF;
     for (int i = 0; i < result; i++)
-      {
-        if (result != (in[--limit] & 0xFF))
-          {
-            throw new WrongPaddingException();
-          }
-      }
-
-    if (DEBUG && debuglevel > 8)
-      {
-        debug("padding length: " + String.valueOf(result));
-      }
+      if (result != (in[--limit] & 0xFF))
+        throw new WrongPaddingException();
+    if (Configuration.DEBUG)
+      log.fine("padding length: " + result);
     return result;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/pad/PadFactory.java b/libjava/classpath/gnu/javax/crypto/pad/PadFactory.java
index 913d69dcbaf..eaa78112e09 100644
--- a/libjava/classpath/gnu/javax/crypto/pad/PadFactory.java
+++ b/libjava/classpath/gnu/javax/crypto/pad/PadFactory.java
@@ -45,16 +45,13 @@ import java.util.HashSet;
 import java.util.Set;
 
 /**
- * <p>A Factory to instantiate padding schemes.</p>
+ * A Factory to instantiate padding schemes.
  */
-public class PadFactory implements Registry
+public class PadFactory
+    implements Registry
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
+  /** Collection of padding algorithm names --cached for speed. */
+  private static Set names;
 
   /** Trivial constructor to enforce Singleton pattern. */
   private PadFactory()
@@ -62,76 +59,62 @@ public class PadFactory implements Registry
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns an instance of a padding algorithm given its name.</p>
-   *
+   * Returns an instance of a padding algorithm given its name.
+   * 
    * @param pad the case-insensitive name of the padding algorithm.
-   * @return an instance of the padding algorithm, operating with a given
-   * block size, or <code>null</code> if none found.
+   * @return an instance of the padding algorithm, operating with a given block
+   *         size, or <code>null</code> if none found.
    * @throws InternalError if the implementation does not pass its self-test.
    */
   public static final IPad getInstance(String pad)
   {
     if (pad == null)
-      {
-        return null;
-      }
+      return null;
 
     pad = pad.trim().toLowerCase();
     if (pad.endsWith("padding"))
       pad = pad.substring(0, pad.length() - "padding".length());
     IPad result = null;
     if (pad.equals(PKCS7_PAD) || pad.equals(PKCS5_PAD))
-      {
-        result = new PKCS7();
-      }
+      result = new PKCS7();
     else if (pad.equals(TBC_PAD))
-      {
-        result = new TBC();
-      }
+      result = new TBC();
     else if (pad.equals(EME_PKCS1_V1_5_PAD))
-      {
-        result = new PKCS1_V1_5();
-      }
+      result = new PKCS1_V1_5();
     else if (pad.equals(SSL3_PAD))
-      {
-        result = new SSL3();
-      }
+      result = new SSL3();
     else if (pad.equals(TLS1_PAD))
-      {
-        result = new TLS1();
-      }
+      result = new TLS1();
+    else if (pad.equals(ISO10126_PAD))
+      result = new ISO10126();
 
-    if (result != null && !result.selfTest())
-      {
-        throw new InternalError(result.name());
-      }
+    if (result != null && ! result.selfTest())
+      throw new InternalError(result.name());
 
     return result;
   }
 
   /**
-   * <p>Returns a {@link java.util.Set} of names of padding algorithms
-   * supported by this <i>Factory</i>.</p>
-   *
+   * Returns a {@link Set} of names of padding algorithms supported by this
+   * <i>Factory</i>.
+   * 
    * @return a {@link Set} of padding algorithm names (Strings).
    */
   public static final Set getNames()
   {
-    HashSet hs = new HashSet();
-    hs.add(PKCS5_PAD);
-    hs.add(PKCS7_PAD);
-    hs.add(TBC_PAD);
-    hs.add(EME_PKCS1_V1_5_PAD);
-    hs.add(SSL3_PAD);
-    hs.add(TLS1_PAD);
-
-    return Collections.unmodifiableSet(hs);
+    if (names == null)
+      {
+        HashSet hs = new HashSet();
+        hs.add(PKCS5_PAD);
+        hs.add(PKCS7_PAD);
+        hs.add(TBC_PAD);
+        hs.add(EME_PKCS1_V1_5_PAD);
+        hs.add(SSL3_PAD);
+        hs.add(TLS1_PAD);
+        hs.add(ISO10126_PAD);
+        names = Collections.unmodifiableSet(hs);
+      }
+    return names;
   }
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/javax/crypto/pad/SSL3.java b/libjava/classpath/gnu/javax/crypto/pad/SSL3.java
index 25aeefa13d0..78964d6193a 100644
--- a/libjava/classpath/gnu/javax/crypto/pad/SSL3.java
+++ b/libjava/classpath/gnu/javax/crypto/pad/SSL3.java
@@ -39,39 +39,31 @@ exception statement from your version.  */
 package gnu.javax.crypto.pad;
 
 /**
- * The padding scheme used by the Secure Sockets Layer, version 3. This
- * padding scheme is used in the block-ciphered struct, e.g.:
- *
+ * The padding scheme used by the Secure Sockets Layer, version 3. This padding
+ * scheme is used in the block-ciphered struct, e.g.:
  * <pre>
- * block-ciphered struct {
- *   opaque content[SSLCompressed.length];
- *   opaque MAC[CipherSpec.hash_size];
- *   uint8 padding[GenericBlockCipher.padding_length];
- *   uint8 padding_length;
- * } GenericBlockCipher;
+ *  block-ciphered struct {
+ *    opaque content[SSLCompressed.length];
+ *    opaque MAC[CipherSpec.hash_size];
+ *    uint8 padding[GenericBlockCipher.padding_length];
+ *    uint8 padding_length;
+ *  } GenericBlockCipher;
  * </pre>
- *
- * <p>Where <i>padding_length</i> is <i>cipher_block_size</i> -
- * ((<i>SSLCompressed.length</i> + <i>CipherSpec.hash_size</i>)
- * % <i>cipher_block_size</i>) - 1. That is, the padding is enough bytes
- * to make the plaintext a multiple of the block size minus one, plus one
- * additional byte for the padding length. The padding can be any arbitrary
- * data.</p>
+ * <p>
+ * Where <i>padding_length</i> is <i>cipher_block_size</i> -
+ * ((<i>SSLCompressed.length</i> + <i>CipherSpec.hash_size</i>) %
+ * <i>cipher_block_size</i>) - 1. That is, the padding is enough bytes to make
+ * the plaintext a multiple of the block size minus one, plus one additional
+ * byte for the padding length. The padding can be any arbitrary data.
  */
-public class SSL3 extends BasePad
+public class SSL3
+    extends BasePad
 {
-
-  // Constructors.
-  // -------------------------------------------------------------------------
-
   public SSL3()
   {
     super("ssl3");
   }
 
-  // Instance methods.
-  // -------------------------------------------------------------------------
-
   public void setup()
   {
     if (blockSize <= 0 || blockSize > 255)
@@ -83,7 +75,7 @@ public class SSL3 extends BasePad
     int padlen = blockSize - (len % blockSize);
     byte[] pad = new byte[padlen];
     for (int i = 0; i < padlen; i++)
-      pad[i] = (byte) (padlen - 1);
+      pad[i] = (byte)(padlen - 1);
     return pad;
   }
 
@@ -95,4 +87,4 @@ public class SSL3 extends BasePad
       throw new WrongPaddingException();
     return padlen + 1;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/pad/TBC.java b/libjava/classpath/gnu/javax/crypto/pad/TBC.java
index 25c3e4286bc..e5ff4b5dcb6 100644
--- a/libjava/classpath/gnu/javax/crypto/pad/TBC.java
+++ b/libjava/classpath/gnu/javax/crypto/pad/TBC.java
@@ -38,95 +38,63 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.pad;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.util.Util;
 
-import java.io.PrintWriter;
+import java.util.logging.Logger;
 
 /**
- * <p>The implementation of the Trailing Bit Complement (TBC) padding algorithm.</p>
- *
- * <p>In this mode, "...the data string is padded at the trailing end with the
+ * The implementation of the Trailing Bit Complement (TBC) padding algorithm.
+ * <p>
+ * In this mode, "...the data string is padded at the trailing end with the
  * complement of the trailing bit of the unpadded message: if the trailing bit
- * is <tt>1</tt>, then <tt>0</tt> bits are appended, and if the trailing bit is
- * <tt>0</tt>, then <tt>1</tt> bits are appended. As few bits are added as are
- * necessary to meet the formatting size requirement."</p>
- *
- * References:<br>
- * <a href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf">
- * Recommendation for Block Cipher Modes of Operation Methods and Techniques</a>,
- * Morris Dworkin.<p>
+ * is <tt>1</tt>, then <tt>0</tt> bits are appended, and if the trailing
+ * bit is <tt>0</tt>, then <tt>1</tt> bits are appended. As few bits are
+ * added as are necessary to meet the formatting size requirement."
+ * <p>
+ * References:
+ * <ol>
+ * <li><a
+ * href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf">
+ * Recommendation for Block Cipher Modes of Operation Methods and
+ * Techniques</a>, Morris Dworkin.</li>
+ * </ol>
  */
-public final class TBC extends BasePad
+public final class TBC
+    extends BasePad
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  private static final String NAME = "tbc";
-
-  private static final boolean DEBUG = false;
-
-  private static final int debuglevel = 9;
-
-  private static final PrintWriter err = new PrintWriter(System.out, true);
-
-  private static void debug(String s)
-  {
-    err.println(">>> " + NAME + ": " + s);
-  }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
+  private static final Logger log = Logger.getLogger(TBC.class.getName());
 
   /**
-   * Trivial package-private constructor for use by the <i>Factory</i> class.<p>
-   *
-   * @see gnu.crypto.pad.PadFactory
+   * Trivial package-private constructor for use by the <i>Factory</i> class.
+   * 
+   * @see PadFactory
    */
   TBC()
   {
     super(Registry.TBC_PAD);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Implementation of abstract methods in BasePad
-  // -------------------------------------------------------------------------
-
   public void setup()
   {
     if (blockSize < 1 || blockSize > 256)
-      {
-        throw new IllegalArgumentException();
-      }
+      throw new IllegalArgumentException();
   }
 
   public byte[] pad(byte[] in, int offset, int length)
   {
     int padLength = blockSize;
     if (length % blockSize != 0)
-      {
-        padLength = blockSize - length % blockSize;
-      }
+      padLength = blockSize - length % blockSize;
     byte[] result = new byte[padLength];
     int lastBit = in[offset + length - 1] & 0x01;
     if (lastBit == 0)
-      {
-        for (int i = 0; i < padLength;)
-          {
-            result[i++] = 0x01;
-          }
-      } // else it's already set to zeroes by virtue of initialisation
-
-    if (DEBUG && debuglevel > 8)
-      {
-        debug("padding: 0x" + Util.toString(result));
-      }
+      for (int i = 0; i < padLength;)
+        result[i++] = 0x01;
+    // else it's already set to zeroes by virtue of initialisation
+    if (Configuration.DEBUG)
+      log.fine("padding: 0x" + Util.toString(result));
     return result;
   }
 
@@ -141,16 +109,10 @@ public final class TBC extends BasePad
         result++;
         limit--;
       }
-
     if (result > length)
-      {
-        throw new WrongPaddingException();
-      }
-
-    if (DEBUG && debuglevel > 8)
-      {
-        debug("padding length: " + String.valueOf(result));
-      }
+      throw new WrongPaddingException();
+    if (Configuration.DEBUG)
+      log.fine("padding length: " + result);
     return result;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/pad/TLS1.java b/libjava/classpath/gnu/javax/crypto/pad/TLS1.java
index 00a538f882a..1d690dd599c 100644
--- a/libjava/classpath/gnu/javax/crypto/pad/TLS1.java
+++ b/libjava/classpath/gnu/javax/crypto/pad/TLS1.java
@@ -38,42 +38,32 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.pad;
 
-import gnu.java.security.util.Util;
-
 /**
- * The padding scheme used by the Transport Layer Security protocol,
- * version 1. This padding scheme is used in the block-ciphered struct,
- * e.g.:
- *
+ * The padding scheme used by the Transport Layer Security protocol, version 1.
+ * This padding scheme is used in the block-ciphered struct, e.g.:
  * <pre>
- * block-ciphered struct {
- *   opaque content[TLSCompressed.length];
- *   opaque MAC[CipherSpec.hash_size];
- *   uint8 padding[GenericBlockCipher.padding_length];
- *   uint8 padding_length;
- * } GenericBlockCipher;
+ *  block-ciphered struct {
+ *    opaque content[TLSCompressed.length];
+ *    opaque MAC[CipherSpec.hash_size];
+ *    uint8 padding[GenericBlockCipher.padding_length];
+ *    uint8 padding_length;
+ *  } GenericBlockCipher;
  * </pre>
- *
- * <p>Where <i>padding_length</i> is any multiple of <i>cipher_block_size</i> -
- * ((<i>SSLCompressed.length</i> + <i>CipherSpec.hash_size</i>)
- * % <i>cipher_block_size</i>) - 1 that is less than 255. Every byte of the
+ * <p>
+ * Where <i>padding_length</i> is any multiple of <i>cipher_block_size</i> -
+ * ((<i>SSLCompressed.length</i> + <i>CipherSpec.hash_size</i>) %
+ * <i>cipher_block_size</i>) - 1 that is less than 255. Every byte of the
  * padding must be equal to <i>padding_length</i>. That is, the end of the
- * plaintext is <i>n</i> + 1 copies of the unsigned byte <i>n</i>.</p>
+ * plaintext is <i>n</i> + 1 copies of the unsigned byte <i>n</i>.
  */
-public class TLS1 extends BasePad
+public class TLS1
+    extends BasePad
 {
-
-  // Constructors.
-  // -------------------------------------------------------------------------
-
   public TLS1()
   {
     super("tls1");
   }
 
-  // Instance methods.
-  // -------------------------------------------------------------------------
-
   public void setup()
   {
     if (blockSize <= 0 || blockSize > 255)
@@ -85,9 +75,7 @@ public class TLS1 extends BasePad
     int padlen = blockSize - (len % blockSize);
     byte[] pad = new byte[padlen];
     for (int i = 0; i < padlen; i++)
-      {
-        pad[i] = (byte) (padlen - 1);
-      }
+      pad[i] = (byte)(padlen - 1);
     return pad;
   }
 
@@ -96,10 +84,8 @@ public class TLS1 extends BasePad
   {
     int padlen = in[off + len - 1] & 0xFF;
     for (int i = off + (len - padlen - 1); i < off + len - 1; i++)
-      {
-        if ((in[i] & 0xFF) != padlen)
-          throw new WrongPaddingException();
-      }
+      if ((in[i] & 0xFF) != padlen)
+        throw new WrongPaddingException();
     return padlen + 1;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/pad/WrongPaddingException.java b/libjava/classpath/gnu/javax/crypto/pad/WrongPaddingException.java
index e477cf303c7..090d021ebfd 100644
--- a/libjava/classpath/gnu/javax/crypto/pad/WrongPaddingException.java
+++ b/libjava/classpath/gnu/javax/crypto/pad/WrongPaddingException.java
@@ -39,23 +39,10 @@ exception statement from your version.  */
 package gnu.javax.crypto.pad;
 
 /**
- * <p>A checked exception that indicates that a padding algorithm did not find the
- * expected padding bytes when unpadding some data.</p>
+ * A checked exception that indicates that a padding algorithm did not find the
+ * expected padding bytes when unpadding some data.
  */
-public class WrongPaddingException extends Exception
+public class WrongPaddingException
+    extends Exception
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
-  // implicit 0-arguments constructor
-
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instant methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/javax/crypto/prng/ARCFour.java b/libjava/classpath/gnu/javax/crypto/prng/ARCFour.java
index 22316ec8b9b..b7265294268 100644
--- a/libjava/classpath/gnu/javax/crypto/prng/ARCFour.java
+++ b/libjava/classpath/gnu/javax/crypto/prng/ARCFour.java
@@ -45,88 +45,65 @@ import gnu.java.security.prng.LimitReachedException;
 import java.util.Map;
 
 /**
- * RC4 is a stream cipher developed by Ron Rivest. Until 1994 RC4 was a
- * trade secret of RSA Data Security, Inc., when it was released
- * anonymously to a mailing list. This version is a descendent of that
- * code, and since there is no proof that the leaked version was in fact
- * RC4 and because "RC4" is a trademark, it is called "ARCFOUR", short for
- * "Allegedly RC4".
- *
- * <p>This class only implements the <i>keystream</i> of ARCFOUR. To use
- * this as a stream cipher, one would say:</p>
- *
- * <pre>    out = in ^ arcfour.nextByte();</pre>
- *
- * <p>This operation works for encryption and decryption.</p>
- *
- * <p>References:</p>
- *
+ * RC4 is a stream cipher developed by Ron Rivest. Until 1994 RC4 was a trade
+ * secret of RSA Data Security, Inc., when it was released anonymously to a
+ * mailing list. This version is a descendent of that code, and since there is
+ * no proof that the leaked version was in fact RC4 and because "RC4" is a
+ * trademark, it is called "ARCFOUR", short for "Allegedly RC4".
+ * <p>
+ * This class only implements the <i>keystream</i> of ARCFOUR. To use this as a
+ * stream cipher, one would say:
+ * <pre>
+ * out = in &circ; arcfour.nextByte();
+ * </pre>
+ * <p>
+ * This operation works for encryption and decryption.
+ * <p>
+ * References:
  * <ol>
- * <li>Schneier, Bruce: <i>Applied Cryptography: Protocols, Algorithms,
- * and Source Code in C, Second Edition.</i> (1996 John Wiley and Sons),
- * pp. 397--398. ISBN 0-471-11709-9</li>
+ * <li>Schneier, Bruce: <i>Applied Cryptography: Protocols, Algorithms, and
+ * Source Code in C, Second Edition.</i> (1996 John Wiley and Sons), pp.
+ * 397--398. ISBN 0-471-11709-9</li>
  * <li>K. Kaukonen and R. Thayer, "A Stream Cipher Encryption Algorithm
  * 'Arcfour'", Internet Draft (expired), <a
  * href="http://www.mozilla.org/projects/security/pki/nss/draft-kaukonen-cipher-arcfour-03.txt">draft-kaukonen-cipher-arcfour-03.txt</a></li>
  * </ol>
  */
-public class ARCFour extends BasePRNG implements Cloneable
+public class ARCFour
+    extends BasePRNG
+    implements Cloneable
 {
-
-  // Constants and variables.
-  // -----------------------------------------------------------------------
-
   /** The attributes property name for the key bytes. */
   public static final String ARCFOUR_KEY_MATERIAL = "gnu.crypto.prng.arcfour.key-material";
-
   /** The size of the internal S-box. */
   public static final int ARCFOUR_SBOX_SIZE = 256;
-
   /** The S-box. */
   private byte[] s;
-
   private byte m, n;
 
-  // Constructors.
-  // -----------------------------------------------------------------------
-
   /** Default 0-arguments constructor. */
   public ARCFour()
   {
     super(Registry.ARCFOUR_PRNG);
   }
 
-  // Methods implementing BasePRNG.
-  // -----------------------------------------------------------------------
-
   public void setup(Map attributes)
   {
     byte[] kb = (byte[]) attributes.get(ARCFOUR_KEY_MATERIAL);
-
     if (kb == null)
-      {
-        throw new IllegalArgumentException("ARCFOUR needs a key");
-      }
-
+      throw new IllegalArgumentException("ARCFOUR needs a key");
     s = new byte[ARCFOUR_SBOX_SIZE];
     m = n = 0;
     byte[] k = new byte[ARCFOUR_SBOX_SIZE];
-
     for (int i = 0; i < ARCFOUR_SBOX_SIZE; i++)
-      {
-        s[i] = (byte) i;
-      }
-
+      s[i] = (byte) i;
     if (kb.length > 0)
-      {
-        for (int i = 0, j = 0; i < ARCFOUR_SBOX_SIZE; i++)
-          {
-            k[i] = kb[j++];
-            if (j >= kb.length)
-              j = 0;
-          }
-      }
-
+      for (int i = 0, j = 0; i < ARCFOUR_SBOX_SIZE; i++)
+        {
+          k[i] = kb[j++];
+          if (j >= kb.length)
+            j = 0;
+        }
     for (int i = 0, j = 0; i < ARCFOUR_SBOX_SIZE; i++)
       {
         j = j + s[i] + k[i];
@@ -134,7 +111,6 @@ public class ARCFour extends BasePRNG implements Cloneable
         s[i] = s[j & 0xff];
         s[j & 0xff] = temp;
       }
-
     buffer = new byte[ARCFOUR_SBOX_SIZE];
     try
       {
@@ -150,12 +126,12 @@ public class ARCFour extends BasePRNG implements Cloneable
     for (int i = 0; i < buffer.length; i++)
       {
         m++;
-        n = (byte) (n + s[m & 0xff]);
+        n = (byte)(n + s[m & 0xff]);
         byte temp = s[m & 0xff];
         s[m & 0xff] = s[n & 0xff];
         s[n & 0xff] = temp;
-        temp = (byte) (s[m & 0xff] + s[n & 0xff]);
+        temp = (byte)(s[m & 0xff] + s[n & 0xff]);
         buffer[i] = s[temp & 0xff];
       }
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/prng/CSPRNG.java b/libjava/classpath/gnu/javax/crypto/prng/CSPRNG.java
index 6585dcb907a..2cf75a96644 100644
--- a/libjava/classpath/gnu/javax/crypto/prng/CSPRNG.java
+++ b/libjava/classpath/gnu/javax/crypto/prng/CSPRNG.java
@@ -38,6 +38,7 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.prng;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Properties;
 import gnu.java.security.Registry;
 import gnu.java.security.hash.HashFactory;
@@ -48,7 +49,6 @@ import gnu.java.security.prng.IRandom;
 import gnu.java.security.prng.LimitReachedException;
 import gnu.java.security.util.SimpleList;
 import gnu.java.security.util.Util;
-
 import gnu.javax.crypto.cipher.CipherFactory;
 import gnu.javax.crypto.cipher.IBlockCipher;
 
@@ -56,15 +56,11 @@ import java.io.ByteArrayOutputStream;
 import java.io.FileInputStream;
 import java.io.InputStream;
 import java.io.PrintStream;
-
 import java.net.MalformedURLException;
 import java.net.URL;
-
 import java.security.AccessController;
 import java.security.InvalidKeyException;
 import java.security.PrivilegedAction;
-
-import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.HashMap;
@@ -73,115 +69,85 @@ import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
 import java.util.StringTokenizer;
+import java.util.logging.Level;
+import java.util.logging.Logger;
 
 /**
- * <p>An entropy pool-based pseudo-random number generator based on the PRNG
- * in Peter Gutmann's cryptlib (<a
- * href="http://www.cs.auckland.ac.nz/~pgut001/cryptlib/">http://www.cs.auckland.ac.nz/~pgut001/cryptlib/</a>).</p>
- *
- * <p>The basic properties of this generator are:</p>
- *
+ * An entropy pool-based pseudo-random number generator based on the PRNG in
+ * Peter Gutmann's cryptlib (<a
+ * href="http://www.cs.auckland.ac.nz/~pgut001/cryptlib/">http://www.cs.auckland.ac.nz/~pgut001/cryptlib/</a>).
+ * <p>
+ * The basic properties of this generator are:
  * <ol>
  * <li>The internal state cannot be determined by knowledge of the input.</li>
  * <li>It is resistant to bias introduced by specific inputs.</li>
  * <li>The output does not reveal the state of the generator.</li>
  * </ol>
  */
-public class CSPRNG extends BasePRNG
+public class CSPRNG
+    extends BasePRNG
 {
-
-  // Constants and fields.
-  // -------------------------------------------------------------------------
-
-  private static final boolean DEBUG = false;
-
-  private static void debug(String msg)
-  {
-    System.err.print(">>> CSPRNG: ");
-    System.err.println(msg);
-  }
-
+  private static final Logger log = Logger.getLogger(CSPRNG.class.getName());
   /**
-   * Property name for the list of files to read for random values. The
-   * mapped value is a list with the following values:
-   *
+   * Property name for the list of files to read for random values. The mapped
+   * value is a list with the following values:
    * <ol>
    * <li>A {@link Double}, indicating the suggested <i>quality</i> of this
    * source. This value must be between 0 and 100.</li>
-   * <li>An {@link Integer}, indicating the number of bytes to skip in the file
-   * before reading bytes. This can be any nonnegative value.</li>
+   * <li>An {@link Integer}, indicating the number of bytes to skip in the
+   * file before reading bytes. This can be any nonnegative value.</li>
    * <li>An {@link Integer}, indicating the number of bytes to read.</li>
    * <li>A {@link String}, indicating the path to the file.</li>
    * </ol>
-   *
-   * @see gnu.crypto.util.SimpleList
+   * 
+   * @see gnu.java.security.util.SimpleList
    */
   public static final String FILE_SOURCES = "gnu.crypto.prng.pool.files";
-
   /**
-   * Property name for the list of URLs to poll for random values. The
-   * mapped value is a list formatted similarly as in {@link #FILE_SOURCES},
-   * but the fourth member is a {@link URL}.
+   * Property name for the list of URLs to poll for random values. The mapped
+   * value is a list formatted similarly as in {@link #FILE_SOURCES}, but the
+   * fourth member is a {@link URL}.
    */
   public static final String URL_SOURCES = "gnu.crypto.prng.pool.urls";
-
   /**
-   * Property name for the list of programs to execute, and use the output
-   * as new random bytes. The mapped property is formatted similarly an in
-   * {@link #FILE_SOURCES} and {@link #URL_SOURCES}, except the fourth
-   * member is a {@link String} of the program to execute.
+   * Property name for the list of programs to execute, and use the output as
+   * new random bytes. The mapped property is formatted similarly an in
+   * {@link #FILE_SOURCES} and {@link #URL_SOURCES}, except the fourth member
+   * is a {@link String} of the program to execute.
    */
   public static final String PROGRAM_SOURCES = "gnu.crypto.prng.pool.programs";
-
   /**
-   * Property name for a list of other sources of entropy. The mapped
-   * value must be a list of {@link EntropySource} objects.
+   * Property name for a list of other sources of entropy. The mapped value must
+   * be a list of {@link EntropySource} objects.
    */
   public static final String OTHER_SOURCES = "gnu.crypto.prng.pool.other";
-
   /**
-   * Property name for whether or not to wait for the slow poll to
-   * complete, passed as a {@link Boolean}. The default value is true.
+   * Property name for whether or not to wait for the slow poll to complete,
+   * passed as a {@link Boolean}. The default value is true.
    */
   public static final String BLOCKING = "gnu.crypto.prng.pool.blocking";
-
   private static final String FILES = "gnu.crypto.csprng.file.";
-
   private static final String URLS = "gnu.crypto.csprng.url.";
-
   private static final String PROGS = "gnu.crypto.csprng.program.";
-
   private static final String OTHER = "gnu.crypto.csprng.other.";
-
   private static final String BLOCK = "gnu.crypto.csprng.blocking";
-
   private static final int POOL_SIZE = 256;
-
   private static final int ALLOC_SIZE = 260;
-
   private static final int OUTPUT_SIZE = POOL_SIZE / 2;
-
   private static final int X917_POOL_SIZE = 16;
-
   private static final String HASH_FUNCTION = Registry.SHA160_HASH;
-
   private static final String CIPHER = Registry.AES_CIPHER;
-
   private static final int MIX_COUNT = 10;
-
   private static final int X917_LIFETIME = 8192;
-
   // FIXME this should be configurable.
   private static final int SPINNER_COUNT = 8;
-
   /**
    * The spinner group singleton. We use this to add a small amount of
-   * randomness (in addition to the current time and the amount of
-   * free memory) based on the randomness (if any) present due to
-   * system load and thread scheduling.
+   * randomness (in addition to the current time and the amount of free memory)
+   * based on the randomness (if any) present due to system load and thread
+   * scheduling.
    */
   private static final Spinner[] SPINNERS = new Spinner[SPINNER_COUNT];
-
   private static final Thread[] SPINNER_THREADS = new Thread[SPINNER_COUNT];
   static
     {
@@ -194,87 +160,38 @@ public class CSPRNG extends BasePRNG
           SPINNER_THREADS[i].start();
         }
     }
-
-  /**
-   * The message digest (SHA-1) used in the mixing function.
-   */
+  /** The message digest (SHA-1) used in the mixing function. */
   private final IMessageDigest hash;
-
-  /**
-   * The cipher (AES) used in the output masking function.
-   */
+  /** The cipher (AES) used in the output masking function. */
   private final IBlockCipher cipher;
-
-  /**
-   * The number of times the pool has been mixed.
-   */
+  /** The number of times the pool has been mixed. */
   private int mixCount;
-
-  /**
-   * The entropy pool.
-   */
+  /** The entropy pool. */
   private final byte[] pool;
-
-  /**
-   * The quality of the random pool (percentage).
-   */
+  /** The quality of the random pool (percentage). */
   private double quality;
-
-  /**
-   * The index of the next byte in the entropy pool.
-   */
+  /** The index of the next byte in the entropy pool. */
   private int index;
-
-  /**
-   * The pool for the X9.17-like generator.
-   */
+  /** The pool for the X9.17-like generator. */
   private byte[] x917pool;
-
-  /**
-   * The number of iterations of the X9.17-like generators.
-   */
+  /** The number of iterations of the X9.17-like generators. */
   private int x917count;
-
-  /**
-   * Whether or not the X9.17-like generator is initialized.
-   */
+  /** Whether or not the X9.17-like generator is initialized. */
   private boolean x917init;
-
-  /**
-   * The list of file soures.
-   */
+  /** The list of file soures. */
   private final List files;
-
-  /**
-   * The list of URL sources.
-   */
+  /** The list of URL sources. */
   private final List urls;
-
-  /**
-   * The list of program sources.
-   */
+  /** The list of program sources. */
   private final List progs;
-
-  /**
-   * The list of other sources.
-   */
+  /** The list of other sources. */
   private final List other;
-
-  /**
-   * Whether or not to wait for the slow poll to complete.
-   */
+  /** Whether or not to wait for the slow poll to complete. */
   private boolean blocking;
-
-  /**
-   * The thread that polls for random data.
-   */
+  /** The thread that polls for random data. */
   private Poller poller;
-
   private Thread pollerThread;
 
-  // Constructor.
-  // -------------------------------------------------------------------------
-
   public CSPRNG()
   {
     super("CSPRNG");
@@ -294,69 +211,75 @@ public class CSPRNG extends BasePRNG
     other = new LinkedList();
   }
 
-  // Class methods.
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Create and initialize a CSPRNG instance with the "system" parameters;
-   * the files, URLs, programs, and {@link EntropySource} sources used by
-   * the instance are derived from properties set in the system {@link
-   * Properties}.</p>
-   *
-   * <p>All properties are of the from <i>name</i>.</i>N</i>, where <i>name</i>
+   * Create and initialize a CSPRNG instance with the "system" parameters; the
+   * files, URLs, programs, and {@link EntropySource} sources used by the
+   * instance are derived from properties set in the system {@link Properties}.
+   * <p>
+   * All properties are of the from <i>name</i>.</i>N</i>, where <i>name</i>
    * is the name of the source, and <i>N</i> is an integer (staring at 1) that
-   * indicates the preference number for that source.</p>
-   *
-   * <p>The following vales for <i>name</i> are used here:</p>
-   *
+   * indicates the preference number for that source.
+   * <p>
+   * The following vales for <i>name</i> are used here:
    * <dl>
    * <dt>gnu.crypto.csprng.file</dt>
-   * <dd><p>These properties are file sources, passed as the {@link #FILE_SOURCES}
-   * parameter of the instance. The property value is a 4-tuple formatted as:</p>
-   *
+   * <dd>
+   * <p>
+   * These properties are file sources, passed as the {@link #FILE_SOURCES}
+   * parameter of the instance. The property value is a 4-tuple formatted as:
+   * </p>
    * <blockquote><i>quality</i> ; <i>offset</i> ; <i>count</i> ; <i>path</i></blockquote>
-   *
-   * <p>The parameters are mapped to the parameters defined for {@link
-   * #FILE_SOURCES}. Leading or trailing spaces on any item are trimmed
-   * off.</p></dd>
-   *
+   * <p>
+   * The parameters are mapped to the parameters defined for {@link
+   * #FILE_SOURCES}. Leading or trailing spaces on any item are trimmed off.
+   * </p>
+   * </dd>
    * <dt>gnu.crypto.csprng.url</dt>
-   * <dd><p>These properties are URL sources, passed as the {@link #URL_SOURCES}
+   * <dd>
+   * <p>
+   * These properties are URL sources, passed as the {@link #URL_SOURCES}
    * parameter of the instance. The property is formatted the same way as file
-   * sources, but the <i>path</i> argument must be a valid URL.</p></dd>
-   *
+   * sources, but the <i>path</i> argument must be a valid URL.
+   * </p>
+   * </dd>
    * <dt>gnu.crypto.csprng.program</dt>
-   * <dd><p>These properties are program sources, passed as the {@link
-   * #PROGRAM_SOURCES} parameter of the instance. This property is formatted
-   * the same way as file and URL sources, but the last argument is a program
-   * and its arguments.</p></dd>
-   *
+   * <dd>
+   * <p>
+   * These properties are program sources, passed as the {@link
+   * #PROGRAM_SOURCES} parameter of the instance. This property is formatted the
+   * same way as file and URL sources, but the last argument is a program and
+   * its arguments.
+   * </p>
+   * </dd>
    * <dt>gnu.crypto.cspring.other</dt>
-   * <dd><p>These properties are other sources, passed as the {@link OTHER_SOURCES}
-   * parameter of the instance. The property value must be the full name
-   * of a class that implements the {@link EntropySource} interface and has a
-   * public no-argument constructor.</p></dd>
+   * <dd>
+   * <p>
+   * These properties are other sources, passed as the {@link #OTHER_SOURCES}
+   * parameter of the instance. The property value must be the full name of a
+   * class that implements the {@link EntropySource} interface and has a public
+   * no-argument constructor.
+   * </p>
+   * </dd>
    * </dl>
-   *
-   * <p>Finally, a boolean property "gnu.crypto.csprng.blocking" can be set to
-   * the desired value of {@link #BLOCKING}.</p>
-   *
-   * <p>An example of valid properties would be:</p>
-   *
+   * <p>
+   * Finally, a boolean property "gnu.crypto.csprng.blocking" can be set to the
+   * desired value of {@link #BLOCKING}.
+   * <p>
+   * An example of valid properties would be:
    * <pre>
-   * gnu.crypto.csprng.blocking=true
-   *
-   * gnu.crypto.csprng.file.1=75.0;0;256;/dev/random
-   * gnu.crypto.csprng.file.2=10.0;0;100;/home/user/file
-   *
-   * gnu.crypto.csprng.url.1=5.0;0;256;http://www.random.org/cgi-bin/randbyte?nbytes=256
-   * gnu.crypto.csprng.url.2=0;256;256;http://slashdot.org/
-   *
-   * gnu.crypto.csprng.program.1=0.5;0;10;last -n 50
-   * gnu.crypto.csprng.program.2=0.5;0;10;tcpdump -c 5
-   *
-   * gnu.crypto.csprng.other.1=foo.bar.MyEntropySource
-   * gnu.crypto.csprng.other.2=com.company.OtherEntropySource
+   *  gnu.crypto.csprng.blocking=true
+   * 
+   *  gnu.crypto.csprng.file.1=75.0;0;256;/dev/random
+   *  gnu.crypto.csprng.file.2=10.0;0;100;/home/user/file
+   * 
+   *  gnu.crypto.csprng.url.1=5.0;0;256;http://www.random.org/cgi-bin/randbyte?nbytes=256
+   *  gnu.crypto.csprng.url.2=0;256;256;http://slashdot.org/
+   * 
+   *  gnu.crypto.csprng.program.1=0.5;0;10;last -n 50
+   *  gnu.crypto.csprng.program.2=0.5;0;10;tcpdump -c 5
+   * 
+   *  gnu.crypto.csprng.other.1=foo.bar.MyEntropySource
+   *  gnu.crypto.csprng.other.2=com.company.OtherEntropySource
    * </pre>
    */
   public static IRandom getSystemInstance() throws ClassNotFoundException,
@@ -366,70 +289,57 @@ public class CSPRNG extends BasePRNG
     HashMap attrib = new HashMap();
     attrib.put(BLOCKING, Boolean.valueOf(getProperty(BLOCK)));
     String s = null;
-
     // Get each file source "gnu.crypto.csprng.file.N".
     List l = new LinkedList();
     for (int i = 0; (s = getProperty(FILES + i)) != null; i++)
-      {
-        try
-          {
-            l.add(parseString(s.trim()));
-          }
-        catch (NumberFormatException nfe)
-          {
-          }
-      }
+      try
+        {
+          l.add(parseString(s.trim()));
+        }
+      catch (NumberFormatException nfe)
+        {
+        }
     attrib.put(FILE_SOURCES, l);
-
     l = new LinkedList();
     for (int i = 0; (s = getProperty(URLS + i)) != null; i++)
-      {
-        try
-          {
-            l.add(parseURL(s.trim()));
-          }
-        catch (NumberFormatException nfe)
-          {
-          }
-        catch (MalformedURLException mue)
-          {
-          }
-      }
+      try
+        {
+          l.add(parseURL(s.trim()));
+        }
+      catch (NumberFormatException nfe)
+        {
+        }
+      catch (MalformedURLException mue)
+        {
+        }
     attrib.put(URL_SOURCES, l);
-
     l = new LinkedList();
     for (int i = 0; (s = getProperty(PROGS + i)) != null; i++)
-      {
-        try
-          {
-            l.add(parseString(s.trim()));
-          }
-        catch (NumberFormatException nfe)
-          {
-          }
-      }
+      try
+        {
+          l.add(parseString(s.trim()));
+        }
+      catch (NumberFormatException nfe)
+        {
+        }
     attrib.put(PROGRAM_SOURCES, l);
-
     l = new LinkedList();
     for (int i = 0; (s = getProperty(OTHER + i)) != null; i++)
-      {
-        try
-          {
-            Class c = Class.forName(s.trim());
-            l.add(c.newInstance());
-          }
-        catch (ClassNotFoundException cnfe)
-          {
-          }
-        catch (InstantiationException ie)
-          {
-          }
-        catch (IllegalAccessException iae)
-          {
-          }
-      }
+      try
+        {
+          Class c = Class.forName(s.trim());
+          l.add(c.newInstance());
+        }
+      catch (ClassNotFoundException cnfe)
+        {
+        }
+      catch (InstantiationException ie)
+        {
+        }
+      catch (IllegalAccessException iae)
+        {
+        }
     attrib.put(OTHER_SOURCES, l);
-
     instance.init(attrib);
     return instance;
   }
@@ -449,9 +359,7 @@ public class CSPRNG extends BasePRNG
   {
     StringTokenizer tok = new StringTokenizer(s, ";");
     if (tok.countTokens() != 4)
-      {
-        throw new IllegalArgumentException("malformed property");
-      }
+      throw new IllegalArgumentException("malformed property");
     Double quality = new Double(tok.nextToken());
     Integer offset = new Integer(tok.nextToken());
     Integer length = new Integer(tok.nextToken());
@@ -464,9 +372,7 @@ public class CSPRNG extends BasePRNG
   {
     StringTokenizer tok = new StringTokenizer(s, ";");
     if (tok.countTokens() != 4)
-      {
-        throw new IllegalArgumentException("malformed property");
-      }
+      throw new IllegalArgumentException("malformed property");
     Double quality = new Double(tok.nextToken());
     Integer offset = new Integer(tok.nextToken());
     Integer length = new Integer(tok.nextToken());
@@ -474,9 +380,6 @@ public class CSPRNG extends BasePRNG
     return new SimpleList(quality, offset, length, url);
   }
 
-  // Instance methods.
-  // -------------------------------------------------------------------------
-
   public Object clone()
   {
     return new CSPRNG();
@@ -485,34 +388,25 @@ public class CSPRNG extends BasePRNG
   public void setup(Map attrib)
   {
     List list = null;
-
-    if (DEBUG)
-      {
-        debug(String.valueOf(attrib));
-      }
+    if (Configuration.DEBUG)
+      log.fine("attrib=" + String.valueOf(attrib));
     try
       {
         list = (List) attrib.get(FILE_SOURCES);
-        if (DEBUG)
-          {
-            debug(String.valueOf(list));
-          }
+        if (Configuration.DEBUG)
+          log.fine("list=" + String.valueOf(list));
         if (list != null)
           {
             files.clear();
             for (Iterator it = list.iterator(); it.hasNext();)
               {
                 List l = (List) it.next();
-                if (DEBUG)
-                  {
-                    debug("l=" + l);
-                  }
+                if (Configuration.DEBUG)
+                  log.fine("l=" + l);
                 if (l.size() != 4)
                   {
-                    if (DEBUG)
-                      {
-                        debug("file list too small: " + l.size());
-                      }
+                    if (Configuration.DEBUG)
+                      log.fine("file list too small: " + l.size());
                     throw new IllegalArgumentException("invalid file list");
                   }
                 Double quality = (Double) l.get(0);
@@ -525,37 +419,27 @@ public class CSPRNG extends BasePRNG
       }
     catch (ClassCastException cce)
       {
-        if (DEBUG)
-          {
-            debug("bad file list: " + cce.getMessage());
-            cce.printStackTrace();
-          }
+        if (Configuration.DEBUG)
+          log.log(Level.FINE, "bad file list", cce);
         throw new IllegalArgumentException("invalid file list");
       }
-
     try
       {
         list = (List) attrib.get(URL_SOURCES);
-        if (DEBUG)
-          {
-            debug(String.valueOf(list));
-          }
+        if (Configuration.DEBUG)
+          log.fine("list=" + String.valueOf(list));
         if (list != null)
           {
             urls.clear();
             for (Iterator it = list.iterator(); it.hasNext();)
               {
                 List l = (List) it.next();
-                if (DEBUG)
-                  {
-                    debug("l=" + l);
-                  }
+                if (Configuration.DEBUG)
+                  log.fine("l=" + l);
                 if (l.size() != 4)
                   {
-                    if (DEBUG)
-                      {
-                        debug("URL list too small: " + l.size());
-                      }
+                    if (Configuration.DEBUG)
+                      log.fine("URL list too small: " + l.size());
                     throw new IllegalArgumentException("invalid URL list");
                   }
                 Double quality = (Double) l.get(0);
@@ -568,37 +452,27 @@ public class CSPRNG extends BasePRNG
       }
     catch (ClassCastException cce)
       {
-        if (DEBUG)
-          {
-            debug("bad URL list: " + cce.getMessage());
-            cce.printStackTrace();
-          }
+        if (Configuration.DEBUG)
+          log.log(Level.FINE, "bad URL list", cce);
         throw new IllegalArgumentException("invalid URL list");
       }
-
     try
       {
         list = (List) attrib.get(PROGRAM_SOURCES);
-        if (DEBUG)
-          {
-            debug(String.valueOf(list));
-          }
+        if (Configuration.DEBUG)
+          log.fine("list=" + String.valueOf(list));
         if (list != null)
           {
             progs.clear();
             for (Iterator it = list.iterator(); it.hasNext();)
               {
                 List l = (List) it.next();
-                if (DEBUG)
-                  {
-                    debug("l=" + l);
-                  }
+                if (Configuration.DEBUG)
+                  log.fine("l=" + l);
                 if (l.size() != 4)
                   {
-                    if (DEBUG)
-                      {
-                        debug("program list too small: " + l.size());
-                      }
+                    if (Configuration.DEBUG)
+                      log.fine("program list too small: " + l.size());
                     throw new IllegalArgumentException("invalid program list");
                   }
                 Double quality = (Double) l.get(0);
@@ -611,35 +485,25 @@ public class CSPRNG extends BasePRNG
       }
     catch (ClassCastException cce)
       {
-        if (DEBUG)
-          {
-            debug("bad program list: " + cce.getMessage());
-            cce.printStackTrace();
-          }
+        if (Configuration.DEBUG)
+          log.log(Level.FINE, "bad program list", cce);
         throw new IllegalArgumentException("invalid program list");
       }
-
     try
       {
         list = (List) attrib.get(OTHER_SOURCES);
-        if (DEBUG)
-          {
-            debug(String.valueOf(list));
-          }
+        if (Configuration.DEBUG)
+          log.fine("list=" + String.valueOf(list));
         if (list != null)
           {
             other.clear();
             for (Iterator it = list.iterator(); it.hasNext();)
               {
                 EntropySource src = (EntropySource) it.next();
-                if (DEBUG)
-                  {
-                    debug("src=" + src);
-                  }
+                if (Configuration.DEBUG)
+                  log.fine("src=" + src);
                 if (src == null)
-                  {
-                    throw new NullPointerException("null source in source list");
-                  }
+                  throw new NullPointerException("null source in source list");
                 other.add(src);
               }
           }
@@ -653,19 +517,14 @@ public class CSPRNG extends BasePRNG
       {
         Boolean block = (Boolean) attrib.get(BLOCKING);
         if (block != null)
-          {
-            blocking = block.booleanValue();
-          }
+          blocking = block.booleanValue();
         else
-          {
-            blocking = true;
-          }
+          blocking = true;
       }
     catch (ClassCastException cce)
       {
         throw new IllegalArgumentException("invalid blocking parameter");
       }
-
     poller = new Poller(files, urls, progs, other, this);
     try
       {
@@ -679,27 +538,21 @@ public class CSPRNG extends BasePRNG
 
   public void fillBlock() throws LimitReachedException
   {
-    if (DEBUG)
-      {
-        debug("fillBlock");
-      }
+    if (Configuration.DEBUG)
+      log.fine("fillBlock");
     if (getQuality() < 100.0)
       {
-        if (DEBUG)
-          {
-            debug("doing slow poll");
-          }
+        if (Configuration.DEBUG)
+          log.fine("doing slow poll");
         slowPoll();
       }
-
     do
       {
         fastPoll();
         mixRandomPool();
       }
     while (mixCount < MIX_COUNT);
-
-    if (!x917init || x917count >= X917_LIFETIME)
+    if (! x917init || x917count >= X917_LIFETIME)
       {
         mixRandomPool(pool);
         Map attr = new HashMap();
@@ -715,59 +568,45 @@ public class CSPRNG extends BasePRNG
           {
             throw new Error(ike.toString());
           }
-
         mixRandomPool(pool);
         generateX917(pool);
         mixRandomPool(pool);
         generateX917(pool);
-
         if (x917init)
-          {
-            quality = 0.0;
-          }
+          quality = 0.0;
         x917init = true;
         x917count = 0;
       }
-
     byte[] export = new byte[ALLOC_SIZE];
     for (int i = 0; i < ALLOC_SIZE; i++)
-      {
-        export[i] = (byte) (pool[i] ^ 0xFF);
-      }
-
+      export[i] = (byte)(pool[i] ^ 0xFF);
     mixRandomPool();
     mixRandomPool(export);
-
     generateX917(export);
-
     for (int i = 0; i < OUTPUT_SIZE; i++)
-      {
-        buffer[i] = (byte) (export[i] ^ export[i + OUTPUT_SIZE]);
-      }
+      buffer[i] = (byte)(export[i] ^ export[i + OUTPUT_SIZE]);
     Arrays.fill(export, (byte) 0);
   }
 
   /**
-   * Add an array of bytes into the randomness pool. Note that this method
-   * will <i>not</i> increment the pool's quality counter (this can only be
-   * done via a source provided to the setup method).
-   *
+   * Add an array of bytes into the randomness pool. Note that this method will
+   * <i>not</i> increment the pool's quality counter (this can only be done via
+   * a source provided to the setup method).
+   * 
    * @param buf The byte array.
    * @param off The offset from whence to start reading bytes.
    * @param len The number of bytes to add.
    * @throws ArrayIndexOutOfBoundsException If <i>off</i> or <i>len</i> are
-   * out of the range of <i>buf</i>.
+   *           out of the range of <i>buf</i>.
    */
   public synchronized void addRandomBytes(byte[] buf, int off, int len)
   {
     if (off < 0 || len < 0 || off + len > buf.length)
+      throw new ArrayIndexOutOfBoundsException();
+    if (Configuration.DEBUG)
       {
-        throw new ArrayIndexOutOfBoundsException();
-      }
-    if (DEBUG)
-      {
-        debug("adding random bytes:");
-        debug(Util.toString(buf, off, len));
+        log.fine("adding random bytes:");
+        log.fine(Util.toString(buf, off, len));
       }
     final int count = off + len;
     for (int i = off; i < count; i++)
@@ -782,18 +621,16 @@ public class CSPRNG extends BasePRNG
   }
 
   /**
-   * Add a single random byte to the randomness pool. Note that this method
-   * will <i>not</i> increment the pool's quality counter (this can only be
-   * done via a source provided to the setup method).
-   *
+   * Add a single random byte to the randomness pool. Note that this method will
+   * <i>not</i> increment the pool's quality counter (this can only be done via
+   * a source provided to the setup method).
+   * 
    * @param b The byte to add.
    */
   public synchronized void addRandomByte(byte b)
   {
-    if (DEBUG)
-      {
-        debug("adding byte " + Integer.toHexString(b));
-      }
+    if (Configuration.DEBUG)
+      log.fine("adding byte " + Integer.toHexString(b));
     pool[index++] ^= b;
     if (index >= pool.length)
       {
@@ -802,23 +639,14 @@ public class CSPRNG extends BasePRNG
       }
   }
 
-  // Package methods.
-  // -------------------------------------------------------------------------
-
   synchronized void addQuality(double quality)
   {
-    if (DEBUG)
-      {
-        debug("adding quality " + quality);
-      }
+    if (Configuration.DEBUG)
+      log.fine("adding quality " + quality);
     if (this.quality < 100)
-      {
-        this.quality += quality;
-      }
-    if (DEBUG)
-      {
-        debug("quality now " + this.quality);
-      }
+      this.quality += quality;
+    if (Configuration.DEBUG)
+      log.fine("quality now " + this.quality);
   }
 
   synchronized double getQuality()
@@ -826,13 +654,10 @@ public class CSPRNG extends BasePRNG
     return quality;
   }
 
-  // Own methods.
-  // -------------------------------------------------------------------------
-
   /**
-   * The mix operation. This method will, for every 20-byte block in the
-   * random pool, hash that block, the previous 20 bytes, and the next
-   * 44 bytes with SHA-1, writing the result back into that block.
+   * The mix operation. This method will, for every 20-byte block in the random
+   * pool, hash that block, the previous 20 bytes, and the next 44 bytes with
+   * SHA-1, writing the result back into that block.
    */
   private void mixRandomPool(byte[] buf)
   {
@@ -841,25 +666,17 @@ public class CSPRNG extends BasePRNG
       {
         // First update the bytes [p-19..p-1].
         if (i == 0)
-          {
-            hash.update(buf, buf.length - hashSize, hashSize);
-          }
+          hash.update(buf, buf.length - hashSize, hashSize);
         else
-          {
-            hash.update(buf, i - hashSize, hashSize);
-          }
-
+          hash.update(buf, i - hashSize, hashSize);
         // Now the next 64 bytes.
         if (i + 64 < buf.length)
-          {
-            hash.update(buf, i, 64);
-          }
+          hash.update(buf, i, 64);
         else
           {
             hash.update(buf, i, buf.length - i);
             hash.update(buf, 0, 64 - (buf.length - i));
           }
-
         byte[] digest = hash.digest();
         System.arraycopy(digest, 0, buf, i, hashSize);
       }
@@ -878,28 +695,22 @@ public class CSPRNG extends BasePRNG
       {
         int copy = Math.min(buf.length - i, X917_POOL_SIZE);
         for (int j = 0; j < copy; j++)
-          {
-            x917pool[j] ^= pool[off + j];
-          }
-
+          x917pool[j] ^= pool[off + j];
         cipher.encryptBlock(x917pool, 0, x917pool, 0);
         System.arraycopy(x917pool, 0, buf, off, copy);
         cipher.encryptBlock(x917pool, 0, x917pool, 0);
-
         off += copy;
         x917count++;
       }
   }
 
   /**
-   * Add random data always immediately available into the random pool, such
-   * as the values of the eight asynchronous counters, the current time, the
-   * current memory usage, the calling thread name, and the current stack
-   * trace.
-   *
-   * <p>This method does not alter the quality counter, and is provided more
-   * to maintain randomness, not to seriously improve the current random
-   * state.
+   * Add random data always immediately available into the random pool, such as
+   * the values of the eight asynchronous counters, the current time, the
+   * current memory usage, the calling thread name, and the current stack trace.
+   * <p>
+   * This method does not alter the quality counter, and is provided more to
+   * maintain randomness, not to seriously improve the current random state.
    */
   private void fastPoll()
   {
@@ -909,14 +720,12 @@ public class CSPRNG extends BasePRNG
     addRandomByte(b);
     addRandomByte((byte) System.currentTimeMillis());
     addRandomByte((byte) Runtime.getRuntime().freeMemory());
-
     String s = Thread.currentThread().getName();
     if (s != null)
       {
         byte[] buf = s.getBytes();
         addRandomBytes(buf, 0, buf.length);
       }
-
     ByteArrayOutputStream bout = new ByteArrayOutputStream(1024);
     PrintStream pout = new PrintStream(bout);
     Throwable t = new Throwable();
@@ -928,12 +737,10 @@ public class CSPRNG extends BasePRNG
 
   private void slowPoll() throws LimitReachedException
   {
-    if (DEBUG)
-      {
-        debug("poller is alive? "
-              + (pollerThread == null ? false : pollerThread.isAlive()));
-      }
-    if (pollerThread == null || !pollerThread.isAlive())
+    if (Configuration.DEBUG)
+      log.fine("poller is alive? "
+               + (pollerThread == null ? false : pollerThread.isAlive()));
+    if (pollerThread == null || ! pollerThread.isAlive())
       {
         boolean interrupted = false;
         pollerThread = new Thread(poller);
@@ -941,27 +748,21 @@ public class CSPRNG extends BasePRNG
         pollerThread.setPriority(Thread.NORM_PRIORITY - 1);
         pollerThread.start();
         if (blocking)
-          {
-            try
-              {
-                pollerThread.join();
-              }
-            catch (InterruptedException ie)
-              {
-                interrupted = true;
-              }
-          }
-
+          try
+            {
+              pollerThread.join();
+            }
+          catch (InterruptedException ie)
+            {
+              interrupted = true;
+            }
         // If the full slow poll has completed after we waited for it,
         // and there in insufficient randomness, throw an exception.
-        if (!interrupted && blocking && quality < 100.0)
+        if (! interrupted && blocking && quality < 100.0)
           {
-            if (DEBUG)
-              {
-                debug("insufficient quality: " + quality);
-              }
-            throw new LimitReachedException(
-                                            "insufficient randomness was polled");
+            if (Configuration.DEBUG)
+              log.fine("insufficient quality: " + quality);
+            throw new LimitReachedException("insufficient randomness was polled");
           }
       }
   }
@@ -979,33 +780,21 @@ public class CSPRNG extends BasePRNG
     Arrays.fill(buffer, (byte) 0);
   }
 
-  // Inner classes.
-  // -------------------------------------------------------------------------
-
   /**
-   * A simple thread that constantly updates a byte counter. This class is
-   * used in a group of lowest-priority threads and the values of their
-   * counters (updated in competition with all other threads) is used as a
-   * source of entropy bits.
+   * A simple thread that constantly updates a byte counter. This class is used
+   * in a group of lowest-priority threads and the values of their counters
+   * (updated in competition with all other threads) is used as a source of
+   * entropy bits.
    */
-  private static class Spinner implements Runnable
+  private static class Spinner
+      implements Runnable
   {
-
-    // Field.
-    // -----------------------------------------------------------------------
-
-    private byte counter;
-
-    // Constructor.
-    // -----------------------------------------------------------------------
+    protected byte counter;
 
     private Spinner()
     {
     }
 
-    // Instance methods.
-    // -----------------------------------------------------------------------
-
     public void run()
     {
       while (true)
@@ -1022,27 +811,16 @@ public class CSPRNG extends BasePRNG
     }
   }
 
-  private final class Poller implements Runnable
+  private final class Poller
+      implements Runnable
   {
-
-    // Fields.
-    // -----------------------------------------------------------------------
-
     private final List files;
-
     private final List urls;
-
     private final List progs;
-
     private final List other;
-
     private final CSPRNG pool;
-
     private boolean running;
 
-    // Constructor.
-    // -----------------------------------------------------------------------
-
     Poller(List files, List urls, List progs, List other, CSPRNG pool)
     {
       super();
@@ -1053,17 +831,14 @@ public class CSPRNG extends BasePRNG
       this.pool = pool;
     }
 
-    // Instance methods.
-    // -----------------------------------------------------------------------
-
     public void run()
     {
       running = true;
-      if (DEBUG)
+      if (Configuration.DEBUG)
         {
-          debug("files: " + files);
-          debug("URLs: " + urls);
-          debug("progs: " + progs);
+          log.fine("files: " + files);
+          log.fine("URLs: " + urls);
+          log.fine("progs: " + progs);
         }
       Iterator files_it = files.iterator();
       Iterator urls_it = urls.iterator();
@@ -1073,190 +848,132 @@ public class CSPRNG extends BasePRNG
       while (files_it.hasNext() || urls_it.hasNext() || prog_it.hasNext()
              || other_it.hasNext())
         {
-
           // There is enough random data. Go away.
-          if (pool.getQuality() >= 100.0 || !running)
-            {
-              return;
-            }
-
+          if (pool.getQuality() >= 100.0 || ! running)
+            return;
           if (files_it.hasNext())
-            {
-              try
-                {
-                  List l = (List) files_it.next();
-                  if (DEBUG)
-                    {
-                      debug(l.toString());
-                    }
-                  double qual = ((Double) l.get(0)).doubleValue();
-                  int offset = ((Integer) l.get(1)).intValue();
-                  int count = ((Integer) l.get(2)).intValue();
-                  String src = (String) l.get(3);
-                  InputStream in = new FileInputStream(src);
-                  byte[] buf = new byte[count];
-                  if (offset > 0)
-                    {
-                      in.skip(offset);
-                    }
-                  int len = in.read(buf);
-                  if (len >= 0)
-                    {
-                      pool.addRandomBytes(buf, 0, len);
-                      pool.addQuality(qual * ((double) len / (double) count));
-                    }
-                  if (DEBUG)
-                    {
-                      debug("got " + len + " bytes from " + src);
-                    }
-                }
-              catch (Exception x)
-                {
-                  if (DEBUG)
-                    {
-                      debug(x.toString());
-                      x.printStackTrace();
-                    }
-                }
-            }
-
-          if (pool.getQuality() >= 100.0 || !running)
-            {
-              return;
-            }
-
+            try
+              {
+                List l = (List) files_it.next();
+                if (Configuration.DEBUG)
+                  log.fine(l.toString());
+                double qual = ((Double) l.get(0)).doubleValue();
+                int offset = ((Integer) l.get(1)).intValue();
+                int count = ((Integer) l.get(2)).intValue();
+                String src = (String) l.get(3);
+                InputStream in = new FileInputStream(src);
+                byte[] buf = new byte[count];
+                if (offset > 0)
+                  in.skip(offset);
+                int len = in.read(buf);
+                if (len >= 0)
+                  {
+                    pool.addRandomBytes(buf, 0, len);
+                    pool.addQuality(qual * ((double) len / (double) count));
+                  }
+                if (Configuration.DEBUG)
+                  log.fine("got " + len + " bytes from " + src);
+              }
+            catch (Exception x)
+              {
+                if (Configuration.DEBUG)
+                  log.throwing(this.getClass().getName(), "run", x);
+              }
+          if (pool.getQuality() >= 100.0 || ! running)
+            return;
           if (urls_it.hasNext())
-            {
-              try
-                {
-                  List l = (List) urls_it.next();
-                  if (DEBUG)
-                    {
-                      debug(l.toString());
-                    }
-                  double qual = ((Double) l.get(0)).doubleValue();
-                  int offset = ((Integer) l.get(1)).intValue();
-                  int count = ((Integer) l.get(2)).intValue();
-                  URL src = (URL) l.get(3);
-                  InputStream in = src.openStream();
-                  byte[] buf = new byte[count];
-                  if (offset > 0)
-                    {
-                      in.skip(offset);
-                    }
-                  int len = in.read(buf);
-                  if (len >= 0)
-                    {
-                      pool.addRandomBytes(buf, 0, len);
-                      pool.addQuality(qual * ((double) len / (double) count));
-                    }
-                  if (DEBUG)
-                    {
-                      debug("got " + len + " bytes from " + src);
-                    }
-                }
-              catch (Exception x)
-                {
-                  if (DEBUG)
-                    {
-                      debug(x.toString());
-                      x.printStackTrace();
-                    }
-                }
-            }
-
-          if (pool.getQuality() >= 100.0 || !running)
-            {
-              return;
-            }
-
+            try
+              {
+                List l = (List) urls_it.next();
+                if (Configuration.DEBUG)
+                  log.fine(l.toString());
+                double qual = ((Double) l.get(0)).doubleValue();
+                int offset = ((Integer) l.get(1)).intValue();
+                int count = ((Integer) l.get(2)).intValue();
+                URL src = (URL) l.get(3);
+                InputStream in = src.openStream();
+                byte[] buf = new byte[count];
+                if (offset > 0)
+                  in.skip(offset);
+                int len = in.read(buf);
+                if (len >= 0)
+                  {
+                    pool.addRandomBytes(buf, 0, len);
+                    pool.addQuality(qual * ((double) len / (double) count));
+                  }
+                if (Configuration.DEBUG)
+                  log.fine("got " + len + " bytes from " + src);
+              }
+            catch (Exception x)
+              {
+                if (Configuration.DEBUG)
+                  log.throwing(this.getClass().getName(), "run", x);
+              }
+          if (pool.getQuality() >= 100.0 || ! running)
+            return;
           Process proc = null;
           if (prog_it.hasNext())
-            {
-              try
-                {
-                  List l = (List) prog_it.next();
-                  if (DEBUG)
-                    {
-                      debug(l.toString());
-                    }
-                  double qual = ((Double) l.get(0)).doubleValue();
-                  int offset = ((Integer) l.get(1)).intValue();
-                  int count = ((Integer) l.get(2)).intValue();
-                  String src = (String) l.get(3);
-                  proc = null;
-                  proc = Runtime.getRuntime().exec(src);
-                  InputStream in = proc.getInputStream();
-                  byte[] buf = new byte[count];
-                  if (offset > 0)
-                    {
-                      in.skip(offset);
-                    }
-                  int len = in.read(buf);
-                  if (len >= 0)
-                    {
-                      pool.addRandomBytes(buf, 0, len);
-                      pool.addQuality(qual * ((double) len / (double) count));
-                    }
-                  proc.destroy();
-                  proc.waitFor();
-                  if (DEBUG)
-                    {
-                      debug("got " + len + " bytes from " + src);
-                    }
-                }
-              catch (Exception x)
-                {
-                  if (DEBUG)
-                    {
-                      debug(x.toString());
-                      x.printStackTrace();
-                    }
-                  try
-                    {
-                      if (proc != null)
-                        {
-                          proc.destroy();
-                          proc.waitFor();
-                        }
-                    }
-                  catch (Exception ignored)
-                    {
-                    }
-                }
-            }
-
-          if (pool.getQuality() >= 100.0 || !running)
-            {
-              return;
-            }
-
+            try
+              {
+                List l = (List) prog_it.next();
+                if (Configuration.DEBUG)
+                  log.finer(l.toString());
+                double qual = ((Double) l.get(0)).doubleValue();
+                int offset = ((Integer) l.get(1)).intValue();
+                int count = ((Integer) l.get(2)).intValue();
+                String src = (String) l.get(3);
+                proc = null;
+                proc = Runtime.getRuntime().exec(src);
+                InputStream in = proc.getInputStream();
+                byte[] buf = new byte[count];
+                if (offset > 0)
+                  in.skip(offset);
+                int len = in.read(buf);
+                if (len >= 0)
+                  {
+                    pool.addRandomBytes(buf, 0, len);
+                    pool.addQuality(qual * ((double) len / (double) count));
+                  }
+                proc.destroy();
+                proc.waitFor();
+                if (Configuration.DEBUG)
+                  log.fine("got " + len + " bytes from " + src);
+              }
+            catch (Exception x)
+              {
+                if (Configuration.DEBUG)
+                  log.throwing(this.getClass().getName(), "run", x);
+                try
+                  {
+                    if (proc != null)
+                      {
+                        proc.destroy();
+                        proc.waitFor();
+                      }
+                  }
+                catch (Exception ignored)
+                  {
+                  }
+              }
+          if (pool.getQuality() >= 100.0 || ! running)
+            return;
           if (other_it.hasNext())
-            {
-              try
-                {
-                  EntropySource src = (EntropySource) other_it.next();
-                  byte[] buf = src.nextBytes();
-                  if (pool == null)
-                    {
-                      return;
-                    }
-                  pool.addRandomBytes(buf, 0, buf.length);
-                  pool.addQuality(src.quality());
-                  if (DEBUG)
-                    {
-                      debug("got " + buf.length + " bytes from " + src);
-                    }
-                }
-              catch (Exception x)
-                {
-                  if (DEBUG)
-                    {
-                      debug(x.toString());
-                      x.printStackTrace();
-                    }
-                }
-            }
+            try
+              {
+                EntropySource src = (EntropySource) other_it.next();
+                byte[] buf = src.nextBytes();
+                if (pool == null)
+                  return;
+                pool.addRandomBytes(buf, 0, buf.length);
+                pool.addQuality(src.quality());
+                if (Configuration.DEBUG)
+                  log.fine("got " + buf.length + " bytes from " + src);
+              }
+            catch (Exception x)
+              {
+                if (Configuration.DEBUG)
+                  log.throwing(this.getClass().getName(), "run", x);
+              }
         }
     }
 
@@ -1265,4 +982,4 @@ public class CSPRNG extends BasePRNG
       running = false;
     }
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/prng/Fortuna.java b/libjava/classpath/gnu/javax/crypto/prng/Fortuna.java
index 69ce860f451..8aec9ab7d6d 100644
--- a/libjava/classpath/gnu/javax/crypto/prng/Fortuna.java
+++ b/libjava/classpath/gnu/javax/crypto/prng/Fortuna.java
@@ -45,7 +45,6 @@ import gnu.java.security.prng.BasePRNG;
 import gnu.java.security.prng.LimitReachedException;
 import gnu.java.security.prng.RandomEvent;
 import gnu.java.security.prng.RandomEventListener;
-
 import gnu.javax.crypto.cipher.CipherFactory;
 import gnu.javax.crypto.cipher.IBlockCipher;
 
@@ -53,9 +52,7 @@ import java.io.IOException;
 import java.io.ObjectInputStream;
 import java.io.ObjectOutputStream;
 import java.io.Serializable;
-
 import java.security.InvalidKeyException;
-
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.Iterator;
@@ -63,68 +60,54 @@ import java.util.Map;
 
 /**
  * The Fortuna continuously-seeded pseudo-random number generator. This
- * generator is composed of two major pieces: the entropy accumulator
- * and the generator function. The former takes in random bits and
- * incorporates them into the generator's state. The latter takes this
- * base entropy and generates pseudo-random bits from it.
- *
- * <p>There are some things users of this class <em>must</em> be aware of:
- *
+ * generator is composed of two major pieces: the entropy accumulator and the
+ * generator function. The former takes in random bits and incorporates them
+ * into the generator's state. The latter takes this base entropy and generates
+ * pseudo-random bits from it.
+ * <p>
+ * There are some things users of this class <em>must</em> be aware of:
  * <dl>
  * <dt>Adding Random Data</dt>
  * <dd>This class does not do any polling of random sources, but rather
- * provides an interface for adding random events. Applications that use
- * this code <em>must</em> provide this mechanism. We use this design
- * because an application writer who knows the system he is targeting
- * is in a better position to judge what random data is available.</dd>
- *
+ * provides an interface for adding random events. Applications that use this
+ * code <em>must</em> provide this mechanism. We use this design because an
+ * application writer who knows the system he is targeting is in a better
+ * position to judge what random data is available.</dd>
  * <dt>Storing the Seed</dt>
- * <dd>This class implements {@link Serializable} in such a way that it
- * writes a 64 byte seed to the stream, and reads it back again when being
- * deserialized. This is the extent of seed file management, however, and
- * those using this class are encouraged to think deeply about when, how
- * often, and where to store the seed.</dd>
+ * <dd>This class implements {@link Serializable} in such a way that it writes
+ * a 64 byte seed to the stream, and reads it back again when being
+ * deserialized. This is the extent of seed file management, however, and those
+ * using this class are encouraged to think deeply about when, how often, and
+ * where to store the seed.</dd>
  * </dl>
- *
- * <p><b>References:</b></p>
- *
+ * <p>
+ * <b>References:</b>
  * <ul>
- * <li>Niels Ferguson and Bruce Schneier, <i>Practical Cryptography</i>,
- * pp. 155--184. Wiley Publishing, Indianapolis. (2003 Niels Ferguson and
- * Bruce Schneier). ISBN 0-471-22357-3.</li>
+ * <li>Niels Ferguson and Bruce Schneier, <i>Practical Cryptography</i>, pp.
+ * 155--184. Wiley Publishing, Indianapolis. (2003 Niels Ferguson and Bruce
+ * Schneier). ISBN 0-471-22357-3.</li>
  * </ul>
  */
-public class Fortuna extends BasePRNG implements Serializable,
-    RandomEventListener
+public class Fortuna
+    extends BasePRNG
+    implements Serializable, RandomEventListener
 {
-
   private static final long serialVersionUID = 0xFACADE;
-
   private static final int SEED_FILE_SIZE = 64;
-
   private static final int NUM_POOLS = 32;
-
   private static final int MIN_POOL_SIZE = 64;
-
   private final Generator generator;
-
   private final IMessageDigest[] pools;
-
   private long lastReseed;
-
   private int pool;
-
   private int pool0Count;
-
   private int reseedCount;
-
   public static final String SEED = "gnu.crypto.prng.fortuna.seed";
 
   public Fortuna()
   {
     super(Registry.FORTUNA_PRNG);
-    generator = new Generator(
-                              CipherFactory.getInstance(Registry.RIJNDAEL_CIPHER),
+    generator = new Generator(CipherFactory.getInstance(Registry.RIJNDAEL_CIPHER),
                               HashFactory.getInstance(Registry.SHA256_HASH));
     pools = new IMessageDigest[NUM_POOLS];
     for (int i = 0; i < NUM_POOLS; i++)
@@ -144,11 +127,11 @@ public class Fortuna extends BasePRNG implements Serializable,
     generator.init(attributes);
     try
       {
-        fillBlock ();
+        fillBlock();
       }
     catch (LimitReachedException shouldNotHappen)
       {
-        throw new RuntimeException (shouldNotHappen);
+        throw new RuntimeException(shouldNotHappen);
       }
   }
 
@@ -160,10 +143,8 @@ public class Fortuna extends BasePRNG implements Serializable,
         reseedCount++;
         byte[] seed = new byte[0];
         for (int i = 0; i < NUM_POOLS; i++)
-          {
-            if (reseedCount % (1 << i) == 0)
-              generator.addRandomBytes(pools[i].digest());
-          }
+          if (reseedCount % (1 << i) == 0)
+            generator.addRandomBytes(pools[i].digest());
         lastReseed = System.currentTimeMillis();
         pool0Count = 0;
       }
@@ -223,23 +204,19 @@ public class Fortuna extends BasePRNG implements Serializable,
   }
 
   /**
-   * The Fortuna generator function. The generator is a PRNG in its own
-   * right; Fortuna itself is basically a wrapper around this generator
-   * that manages reseeding in a secure way.
+   * The Fortuna generator function. The generator is a PRNG in its own right;
+   * Fortuna itself is basically a wrapper around this generator that manages
+   * reseeding in a secure way.
    */
-  public static class Generator extends BasePRNG implements Cloneable
+  public static class Generator
+      extends BasePRNG
+      implements Cloneable
   {
-
     private static final int LIMIT = 1 << 20;
-
     private final IBlockCipher cipher;
-
     private final IMessageDigest hash;
-
     private final byte[] counter;
-
     private final byte[] key;
-
     private boolean seeded;
 
     public Generator(final IBlockCipher cipher, final IMessageDigest hash)
@@ -270,9 +247,8 @@ public class Fortuna extends BasePRNG implements Serializable,
 
     public void nextBytes(byte[] out, int offset, int length)
     {
-      if (!seeded)
+      if (! seeded)
         throw new IllegalStateException("generator not seeded");
-
       int count = 0;
       do
         {
@@ -286,7 +262,6 @@ public class Fortuna extends BasePRNG implements Serializable,
               throw new Error(shouldNeverHappen);
             }
           count += amount;
-
           for (int i = 0; i < key.length; i += counter.length)
             {
               fillBlock();
@@ -318,7 +293,7 @@ public class Fortuna extends BasePRNG implements Serializable,
 
     public void fillBlock()
     {
-      if (!seeded)
+      if (! seeded)
         throw new IllegalStateException("generator not seeded");
       cipher.encryptBlock(counter, 0, buffer, 0);
       incrementCounter();
@@ -332,13 +307,12 @@ public class Fortuna extends BasePRNG implements Serializable,
       byte[] seed = (byte[]) attributes.get(SEED);
       if (seed != null)
         addRandomBytes(seed);
-      fillBlock ();
+      fillBlock();
     }
 
     /**
-     * Resets the cipher's key. This is done after every reseed, which
-     * combines the old key and the seed, and processes that throigh the
-     * hash function.
+     * Resets the cipher's key. This is done after every reseed, which combines
+     * the old key and the seed, and processes that throigh the hash function.
      */
     private void resetKey()
     {
@@ -359,8 +333,8 @@ public class Fortuna extends BasePRNG implements Serializable,
     }
 
     /**
-     * Increment `counter' as a sixteen-byte little-endian unsigned integer
-     * by one.
+     * Increment `counter' as a sixteen-byte little-endian unsigned integer by
+     * one.
      */
     private void incrementCounter()
     {
@@ -372,4 +346,4 @@ public class Fortuna extends BasePRNG implements Serializable,
         }
     }
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/prng/ICMGenerator.java b/libjava/classpath/gnu/javax/crypto/prng/ICMGenerator.java
index 7d4f4c9a32c..5b0bd4f8b1e 100644
--- a/libjava/classpath/gnu/javax/crypto/prng/ICMGenerator.java
+++ b/libjava/classpath/gnu/javax/crypto/prng/ICMGenerator.java
@@ -41,9 +41,8 @@ package gnu.javax.crypto.prng;
 import gnu.java.security.Registry;
 import gnu.java.security.prng.BasePRNG;
 import gnu.java.security.prng.LimitReachedException;
-
-import gnu.javax.crypto.cipher.IBlockCipher;
 import gnu.javax.crypto.cipher.CipherFactory;
+import gnu.javax.crypto.cipher.IBlockCipher;
 
 import java.math.BigInteger;
 import java.security.InvalidKeyException;
@@ -51,171 +50,132 @@ import java.util.HashMap;
 import java.util.Map;
 
 /**
- * <p>Counter Mode is a way to define a pseudorandom keystream generator using
- * a block cipher. The keystream can be used for additive encryption, key
- * derivation, or any other application requiring pseudorandom data.</p>
- *
- * <p>In ICM, the keystream is logically broken into segments. Each segment is
+ * Counter Mode is a way to define a pseudorandom keystream generator using a
+ * block cipher. The keystream can be used for additive encryption, key
+ * derivation, or any other application requiring pseudorandom data.
+ * <p>
+ * In ICM, the keystream is logically broken into segments. Each segment is
  * identified with a segment index, and the segments have equal lengths. This
  * segmentation makes ICM especially appropriate for securing packet-based
- * protocols.</p>
- *
- * <p>This implementation adheres to the definition of the ICM keystream
- * generation function that allows for any symetric key block cipher algorithm
- * (initialisation parameter <code>gnu.crypto.prng.icm.cipher.name</code> taken
- * to be an instance of {@link java.lang.String}) to be used. If such a
+ * protocols.
+ * <p>
+ * This implementation adheres to the definition of the ICM keystream generation
+ * function that allows for any symetric key block cipher algorithm
+ * (initialisation parameter <code>gnu.crypto.prng.icm.cipher.name</code>
+ * taken to be an instance of {@link java.lang.String}) to be used. If such a
  * parameter is not defined/included in the initialisation <code>Map</code>,
  * then the "Rijndael" algorithm is used. Furthermore, if the initialisation
  * parameter <code>gnu.crypto.cipher.block.size</code> (taken to be a instance
  * of {@link java.lang.Integer}) is missing or undefined in the initialisation
- * <code>Map</code>, then the cipher's <em>default</em> block size is used.</p>
- *
- * <p>The practical limits and constraints of such generator are:</p>
+ * <code>Map</code>, then the cipher's <em>default</em> block size is used.
+ * <p>
+ * The practical limits and constraints of such generator are:
  * <ul>
- *    <li>The number of blocks in any segment <b>MUST NOT</b> exceed <code>
- *    256 ** BLOCK_INDEX_LENGTH</code>. The number of segments <b>MUST NOT</b>
- *    exceed <code>256 ** SEGMENT_INDEX_LENGTH</code>. These restrictions ensure
- *    the uniqueness of each block cipher input.</li>
- *
- *    <li>Each segment contains <code>SEGMENT_LENGTH</code> octets; this value
- *    <b>MUST NOT</b> exceed the value <code>(256 ** BLOCK_INDEX_LENGTH) *
+ * <li>The number of blocks in any segment <b>MUST NOT</b> exceed <code>
+ *    256 ** BLOCK_INDEX_LENGTH</code>.
+ * The number of segments <b>MUST NOT</b> exceed
+ * <code>256 ** SEGMENT_INDEX_LENGTH</code>. These restrictions ensure the
+ * uniqueness of each block cipher input.</li>
+ * <li>Each segment contains <code>SEGMENT_LENGTH</code> octets; this value
+ * <b>MUST NOT</b> exceed the value <code>(256 ** BLOCK_INDEX_LENGTH) *
  *    BLOCK_LENGTH</code>.</li>
- *
- *    <li>The sum of <code>SEGMENT_INDEX_LENGTH</code> and
- *    <code>BLOCK_INDEX_LENGTH</code> <b>MUST NOT</b> exceed <code>BLOCK_LENGTH
- *    / 2</code>. This requirement protects the ICM keystream generator from
- *    potentially failing to be pseudorandom.</li>
+ * <li>The sum of <code>SEGMENT_INDEX_LENGTH</code> and
+ * <code>BLOCK_INDEX_LENGTH</code> <b>MUST NOT</b> exceed <code>BLOCK_LENGTH
+ *    / 2</code>.
+ * This requirement protects the ICM keystream generator from potentially
+ * failing to be pseudorandom.</li>
  * </ul>
- *
- * <p><b>NOTE</b>: Rijndael is used as the default symmetric key block cipher
+ * <p>
+ * <b>NOTE</b>: Rijndael is used as the default symmetric key block cipher
  * algorithm because, with its default block and key sizes, it is the AES. Yet
  * being Rijndael, the algorithm offers more versatile block and key sizes which
- * may prove to be useful for generating <em>longer</em> key streams.</p>
- *
- * <p>References:</p>
- *
+ * may prove to be useful for generating <em>longer</em> key streams.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.ietf.org/internet-drafts/draft-mcgrew-saag-icm-00.txt">
- *    Integer Counter Mode</a>, David A. McGrew.</li>
+ * <li><a
+ * href="http://www.ietf.org/internet-drafts/draft-mcgrew-saag-icm-00.txt">
+ * Integer Counter Mode</a>, David A. McGrew.</li>
  * </ol>
  */
-public class ICMGenerator extends BasePRNG implements Cloneable
+public class ICMGenerator
+    extends BasePRNG
+    implements Cloneable
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** Property name of underlying block cipher for this ICM generator. */
   public static final String CIPHER = "gnu.crypto.prng.icm.cipher.name";
-
   /** Property name of ICM's block index length. */
-  public static final String BLOCK_INDEX_LENGTH = "gnu.crypto.prng.icm.block.index.length";
-
+  public static final String BLOCK_INDEX_LENGTH =
+      "gnu.crypto.prng.icm.block.index.length";
   /** Property name of ICM's segment index length. */
-  public static final String SEGMENT_INDEX_LENGTH = "gnu.crypto.prng.icm.segment.index.length";
-
+  public static final String SEGMENT_INDEX_LENGTH =
+      "gnu.crypto.prng.icm.segment.index.length";
   /** Property name of ICM's offset. */
   public static final String OFFSET = "gnu.crypto.prng.icm.offset";
-
   /** Property name of ICM's segment index. */
   public static final String SEGMENT_INDEX = "gnu.crypto.prng.icm.segment.index";
-
   /** The integer value 256 as a BigInteger. */
   private static final BigInteger TWO_FIFTY_SIX = new BigInteger("256");
-
   /** The underlying cipher implementation. */
   private IBlockCipher cipher;
-
   /** This keystream block index length in bytes. */
   private int blockNdxLength = -1;
-
   /** This keystream segment index length in bytes. */
   private int segmentNdxLength = -1;
-
   /** The index of the next block for a given keystream segment. */
   private BigInteger blockNdx = BigInteger.ZERO;
-
   /** The segment index for this keystream. */
   private BigInteger segmentNdx;
-
   /** The initial counter for a given keystream segment. */
   private BigInteger C0;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public ICMGenerator()
   {
     super(Registry.ICM_PRNG);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // Implementation of abstract methods in BasePRNG --------------------------
-
-  // Conceptually, ICM is a keystream generator that takes a secret key
-  // and a segment index as an input and then outputs a keystream
-  // segment.  The segmentation lends itself to packet encryption, as
-  // each keystream segment can be used to encrypt a distinct packet.
-  //
-  // An ICM key consists of the block cipher key and an Offset.  The
-  // Offset is an integer with BLOCK_LENGTH octets...
+  // Conceptually, ICM is a keystream generator that takes a secret key and a
+  // segment index as an input and then outputs a keystream segment. The
+  // segmentation lends itself to packet encryption, as each keystream segment
+  // can be used to encrypt a distinct packet.
   //
+  // An ICM key consists of the block cipher key and an Offset. The Offset is
+  // an integer with BLOCK_LENGTH octets...
   public void setup(Map attributes)
   {
     // find out which cipher algorithm to use
     boolean newCipher = true;
     String underlyingCipher = (String) attributes.get(CIPHER);
     if (underlyingCipher == null)
-      {
-        if (cipher == null)
-          { // happy birthday
-            // ensure we have a reliable implementation of this cipher
-            cipher = CipherFactory.getInstance(Registry.RIJNDAEL_CIPHER);
-          }
-        else
-          { // we already have one. use it as is
-            newCipher = false;
-          }
-      }
-    else
-      { // ensure we have a reliable implementation of this cipher
-        cipher = CipherFactory.getInstance(underlyingCipher);
-      }
+      if (cipher == null) // happy birthday
+        // ensure we have a reliable implementation of this cipher
+        cipher = CipherFactory.getInstance(Registry.RIJNDAEL_CIPHER);
+      else
+        // we already have one. use it as is
+        newCipher = false;
+    else // ensure we have a reliable implementation of this cipher
+      cipher = CipherFactory.getInstance(underlyingCipher);
 
     // find out what block size we should use it in
     int cipherBlockSize = 0;
     Integer bs = (Integer) attributes.get(IBlockCipher.CIPHER_BLOCK_SIZE);
     if (bs != null)
-      {
-        cipherBlockSize = bs.intValue();
-      }
+      cipherBlockSize = bs.intValue();
     else
       {
-        if (newCipher)
-          { // assume we'll use its default block size
-            cipherBlockSize = cipher.defaultBlockSize();
-          } // else use as is
+        if (newCipher) // assume we'll use its default block size
+          cipherBlockSize = cipher.defaultBlockSize();
+        // else use as is
       }
-
     // get the key material
     byte[] key = (byte[]) attributes.get(IBlockCipher.KEY_MATERIAL);
     if (key == null)
-      {
-        throw new IllegalArgumentException(IBlockCipher.KEY_MATERIAL);
-      }
-
+      throw new IllegalArgumentException(IBlockCipher.KEY_MATERIAL);
     // now initialise the cipher
     HashMap map = new HashMap();
-    if (cipherBlockSize != 0)
-      { // only needed if new or changed
-        map.put(IBlockCipher.CIPHER_BLOCK_SIZE, new Integer(cipherBlockSize));
-      }
+    if (cipherBlockSize != 0) // only needed if new or changed
+      map.put(IBlockCipher.CIPHER_BLOCK_SIZE, Integer.valueOf(cipherBlockSize));
     map.put(IBlockCipher.KEY_MATERIAL, key);
     try
       {
@@ -225,135 +185,96 @@ public class ICMGenerator extends BasePRNG implements Cloneable
       {
         throw new IllegalArgumentException(IBlockCipher.KEY_MATERIAL);
       }
-
     // at this point we have an initialised (new or otherwise) cipher
     // ensure that remaining params make sense
-
     cipherBlockSize = cipher.currentBlockSize();
     BigInteger counterRange = TWO_FIFTY_SIX.pow(cipherBlockSize);
-
     // offset, like the underlying cipher key is not cloneable
     // always look for it and throw an exception if it's not there
     Object obj = attributes.get(OFFSET);
     // allow either a byte[] or a BigInteger
     BigInteger r;
     if (obj instanceof BigInteger)
+      r = (BigInteger) obj;
+    else // assume byte[]. should be same length as cipher block size
       {
-        r = (BigInteger) obj;
-      }
-    else
-      { // assume byte[]. should be same length as cipher block size
         byte[] offset = (byte[]) obj;
         if (offset.length != cipherBlockSize)
-          {
-            throw new IllegalArgumentException(OFFSET);
-          }
-
+          throw new IllegalArgumentException(OFFSET);
         r = new BigInteger(1, offset);
       }
-
     int wantBlockNdxLength = -1; // number of octets in the block index
     Integer i = (Integer) attributes.get(BLOCK_INDEX_LENGTH);
     if (i != null)
       {
         wantBlockNdxLength = i.intValue();
         if (wantBlockNdxLength < 1)
-          {
-            throw new IllegalArgumentException(BLOCK_INDEX_LENGTH);
-          }
+          throw new IllegalArgumentException(BLOCK_INDEX_LENGTH);
       }
-
     int wantSegmentNdxLength = -1; // number of octets in the segment index
     i = (Integer) attributes.get(SEGMENT_INDEX_LENGTH);
     if (i != null)
       {
         wantSegmentNdxLength = i.intValue();
         if (wantSegmentNdxLength < 1)
-          {
-            throw new IllegalArgumentException(SEGMENT_INDEX_LENGTH);
-          }
+          throw new IllegalArgumentException(SEGMENT_INDEX_LENGTH);
       }
-
     // if both are undefined check if it's a reuse
     if ((wantBlockNdxLength == -1) && (wantSegmentNdxLength == -1))
       {
-        if (blockNdxLength == -1)
-          { // new instance
-            throw new IllegalArgumentException(BLOCK_INDEX_LENGTH + ", "
-                                               + SEGMENT_INDEX_LENGTH);
-          } // else reuse old values
+        if (blockNdxLength == -1) // new instance
+          throw new IllegalArgumentException(BLOCK_INDEX_LENGTH + ", "
+                                             + SEGMENT_INDEX_LENGTH);
+        // else reuse old values
       }
-    else
-      { // only one is undefined, set it to BLOCK_LENGTH/2 minus the other
+    else // only one is undefined, set it to BLOCK_LENGTH/2 minus the other
+      {
         int limit = cipherBlockSize / 2;
         if (wantBlockNdxLength == -1)
-          {
-            wantBlockNdxLength = limit - wantSegmentNdxLength;
-          }
+          wantBlockNdxLength = limit - wantSegmentNdxLength;
         else if (wantSegmentNdxLength == -1)
-          {
-            wantSegmentNdxLength = limit - wantBlockNdxLength;
-          }
+          wantSegmentNdxLength = limit - wantBlockNdxLength;
         else if ((wantSegmentNdxLength + wantBlockNdxLength) > limit)
-          {
-            throw new IllegalArgumentException(BLOCK_INDEX_LENGTH + ", "
-                                               + SEGMENT_INDEX_LENGTH);
-          }
+          throw new IllegalArgumentException(BLOCK_INDEX_LENGTH + ", "
+                                             + SEGMENT_INDEX_LENGTH);
         // save new values
         blockNdxLength = wantBlockNdxLength;
         segmentNdxLength = wantSegmentNdxLength;
       }
-
     // get the segment index as a BigInteger
     BigInteger s = (BigInteger) attributes.get(SEGMENT_INDEX);
     if (s == null)
       {
-        if (segmentNdx == null)
-          { // segment index was never set
-            throw new IllegalArgumentException(SEGMENT_INDEX);
-          }
+        if (segmentNdx == null) // segment index was never set
+          throw new IllegalArgumentException(SEGMENT_INDEX);
         // reuse; check if still valid
         if (segmentNdx.compareTo(TWO_FIFTY_SIX.pow(segmentNdxLength)) > 0)
-          {
-            throw new IllegalArgumentException(SEGMENT_INDEX);
-          }
+          throw new IllegalArgumentException(SEGMENT_INDEX);
       }
     else
       {
         if (s.compareTo(TWO_FIFTY_SIX.pow(segmentNdxLength)) > 0)
-          {
-            throw new IllegalArgumentException(SEGMENT_INDEX);
-          }
+          throw new IllegalArgumentException(SEGMENT_INDEX);
         segmentNdx = s;
       }
-
     // The initial counter of the keystream segment with segment index s is
     // defined as follows, where r denotes the Offset:
     //
     // C[0] = (s * (256^BLOCK_INDEX_LENGTH) + r) modulo (256^BLOCK_LENGTH)
-    //
-    C0 = segmentNdx.multiply(TWO_FIFTY_SIX.pow(blockNdxLength)).add(r).modPow(
-                                                                              BigInteger.ONE,
-                                                                              counterRange);
+    C0 = segmentNdx.multiply(TWO_FIFTY_SIX.pow(blockNdxLength))
+                   .add(r).modPow(BigInteger.ONE, counterRange);
   }
 
   public void fillBlock() throws LimitReachedException
   {
     if (C0 == null)
-      {
-        throw new IllegalStateException();
-      }
+      throw new IllegalStateException();
     if (blockNdx.compareTo(TWO_FIFTY_SIX.pow(blockNdxLength)) >= 0)
-      {
-        throw new LimitReachedException();
-      }
-
+      throw new LimitReachedException();
     int cipherBlockSize = cipher.currentBlockSize();
     BigInteger counterRange = TWO_FIFTY_SIX.pow(cipherBlockSize);
-
     // encrypt the counter for the current blockNdx
     // C[i] = (C[0] + i) modulo (256^BLOCK_LENGTH).
-
     BigInteger Ci = C0.add(blockNdx).modPow(BigInteger.ONE, counterRange);
     buffer = Ci.toByteArray();
     int limit = buffer.length;
@@ -370,7 +291,6 @@ public class ICMGenerator extends BasePRNG implements Cloneable
                          cipherBlockSize);
         buffer = data;
       }
-
     cipher.encryptBlock(buffer, 0, buffer, 0);
     blockNdx = blockNdx.add(BigInteger.ONE); // increment blockNdx
   }
diff --git a/libjava/classpath/gnu/javax/crypto/prng/PBKDF2.java b/libjava/classpath/gnu/javax/crypto/prng/PBKDF2.java
index d39cd0a6597..0f91d4add72 100644
--- a/libjava/classpath/gnu/javax/crypto/prng/PBKDF2.java
+++ b/libjava/classpath/gnu/javax/crypto/prng/PBKDF2.java
@@ -49,51 +49,42 @@ import java.util.HashMap;
 import java.util.Map;
 
 /**
- * <p>An implementation of the <i>key derivation function</i> KDF2 from PKCS #5:
+ * An implementation of the <i>key derivation function</i> KDF2 from PKCS #5:
  * Password-Based Cryptography (<b>PBE</b>). This KDF is essentially a way to
  * transform a password and a salt into a stream of random bytes, which may then
- * be used to initialize a cipher or a MAC.</p>
- *
- * <p>This version uses a MAC as its pseudo-random function, and the password is
- * used as the key.</p>
- *
- * <p>References:</p>
+ * be used to initialize a cipher or a MAC.
+ * <p>
+ * This version uses a MAC as its pseudo-random function, and the password is
+ * used as the key.
+ * <p>
+ * References:
  * <ol>
- *    <li>B. Kaliski, <a href="http://www.ietf.org/rfc/rfc2898.txt">RFC 2898:
- *    Password-Based Cryptography Specification, Version 2.0</a></li>
+ * <li>B. Kaliski, <a href="http://www.ietf.org/rfc/rfc2898.txt">RFC 2898:
+ * Password-Based Cryptography Specification, Version 2.0</a></li>
  * </ol>
  */
-public class PBKDF2 extends BasePRNG implements Cloneable
+public class PBKDF2
+    extends BasePRNG
+    implements Cloneable
 {
-
-  // Contstants and variables
-  // -------------------------------------------------------------------------
-
   /**
-   * The bytes fed into the MAC. This is initially the concatenation of the
-   * salt and the block number.
+   * The bytes fed into the MAC. This is initially the concatenation of the salt
+   * and the block number.
    */
   private byte[] in;
-
   /** The iteration count. */
   private int iterationCount;
-
   /** The salt. */
   private byte[] salt;
-
   /** The MAC (the pseudo-random function we use). */
   private IMac mac;
-
   /** The number of hLen-sized blocks generated. */
   private long count;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Creates a new PBKDF2 object. The argument is the MAC that will serve as
-   * the pseudo-random function. The MAC does not need to be initialized.</p>
-   *
+   * Creates a new PBKDF2 object. The argument is the MAC that will serve as the
+   * pseudo-random function. The MAC does not need to be initialized.
+   * 
    * @param mac The pseudo-random function.
    */
   public PBKDF2(IMac mac)
@@ -103,30 +94,19 @@ public class PBKDF2 extends BasePRNG implements Cloneable
     iterationCount = -1;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public void setup(Map attributes)
   {
     Map macAttrib = new HashMap();
     macAttrib.put(HMac.USE_WITH_PKCS5_V2, Boolean.TRUE);
-
     byte[] s = (byte[]) attributes.get(IPBE.SALT);
     if (s == null)
       {
         if (salt == null)
-          {
-            throw new IllegalArgumentException("no salt specified");
-          } // Otherwise re-use.
+          throw new IllegalArgumentException("no salt specified");
+        // Otherwise re-use.
       }
     else
-      {
-        salt = s;
-      }
-
+      salt = s;
     byte[] macKeyMaterial;
     char[] password = (char[]) attributes.get(IPBE.PASSWORD);
     if (password != null)
@@ -136,7 +116,6 @@ public class PBKDF2 extends BasePRNG implements Cloneable
           encoding = IPBE.DEFAULT_PASSWORD_ENCODING;
         else
           encoding = encoding.trim();
-
         try
           {
             macKeyMaterial = new String(password).getBytes(encoding);
@@ -152,10 +131,10 @@ public class PBKDF2 extends BasePRNG implements Cloneable
 
     if (macKeyMaterial != null)
       macAttrib.put(IMac.MAC_KEY_MATERIAL, macKeyMaterial);
-    else if (!initialised)
-      throw new IllegalArgumentException("Neither password nor key-material were specified");
+    else if (! initialised)
+      throw new IllegalArgumentException(
+          "Neither password nor key-material were specified");
     // otherwise re-use previous password/key-material
-
     try
       {
         mac.init(macAttrib);
@@ -164,27 +143,19 @@ public class PBKDF2 extends BasePRNG implements Cloneable
       {
         throw new IllegalArgumentException(x.getMessage());
       }
-
     Integer ic = (Integer) attributes.get(IPBE.ITERATION_COUNT);
     if (ic != null)
-      {
-        iterationCount = ic.intValue();
-      }
+      iterationCount = ic.intValue();
     if (iterationCount <= 0)
-      {
-        throw new IllegalArgumentException("bad iteration count");
-      }
-
+      throw new IllegalArgumentException("bad iteration count");
     count = 0L;
     buffer = new byte[mac.macSize()];
     try
       {
         fillBlock();
-        //      } catch (Exception x) {
       }
     catch (LimitReachedException x)
       {
-        //         x.printStackTrace(System.err);
         throw new Error(x.getMessage());
       }
   }
@@ -192,34 +163,22 @@ public class PBKDF2 extends BasePRNG implements Cloneable
   public void fillBlock() throws LimitReachedException
   {
     if (++count > ((1L << 32) - 1))
-      {
-        throw new LimitReachedException();
-      }
-    //      for (int i = 0; i < buffer.length; i++) {
-    //         buffer[i] = 0;
-    //      }
+      throw new LimitReachedException();
     Arrays.fill(buffer, (byte) 0x00);
     int limit = salt.length;
-    //      in = new byte[salt.length + 4];
     in = new byte[limit + 4];
     System.arraycopy(salt, 0, in, 0, salt.length);
-    //      in[salt.length  ] = (byte)(count >>> 24);
-    //      in[salt.length+1] = (byte)(count >>> 16);
-    //      in[salt.length+2] = (byte)(count >>>  8);
-    //      in[salt.length+3] = (byte) count;
-    in[limit++] = (byte) (count >>> 24);
-    in[limit++] = (byte) (count >>> 16);
-    in[limit++] = (byte) (count >>> 8);
-    in[limit] = (byte) count;
+    in[limit++] = (byte)(count >>> 24);
+    in[limit++] = (byte)(count >>> 16);
+    in[limit++] = (byte)(count >>> 8);
+    in[limit  ] = (byte) count;
     for (int i = 0; i < iterationCount; i++)
       {
         mac.reset();
         mac.update(in, 0, in.length);
         in = mac.digest();
         for (int j = 0; j < buffer.length; j++)
-          {
-            buffer[j] ^= in[j];
-          }
+          buffer[j] ^= in[j];
       }
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/prng/PRNGFactory.java b/libjava/classpath/gnu/javax/crypto/prng/PRNGFactory.java
index 9ff6558b0e3..ee75f8d8a1e 100644
--- a/libjava/classpath/gnu/javax/crypto/prng/PRNGFactory.java
+++ b/libjava/classpath/gnu/javax/crypto/prng/PRNGFactory.java
@@ -40,11 +40,9 @@ package gnu.javax.crypto.prng;
 
 import gnu.java.security.Registry;
 import gnu.java.security.prng.IRandom;
-
-
+import gnu.javax.crypto.mac.HMacFactory;
 import gnu.javax.crypto.mac.IMac;
 import gnu.javax.crypto.mac.MacFactory;
-import gnu.javax.crypto.mac.HMacFactory;
 
 import java.util.Collections;
 import java.util.HashSet;
@@ -52,92 +50,66 @@ import java.util.Iterator;
 import java.util.Set;
 
 /**
- * <p>A Factory to instantiate pseudo random number generators.</p>
+ * A Factory to instantiate pseudo random number generators.
  */
-public class PRNGFactory implements Registry
+public class PRNGFactory
+    implements Registry
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial constructor to enforce <i>Singleton</i> pattern. */
   private PRNGFactory()
   {
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns an instance of a padding algorithm given its name.</p>
-   *
+   * Returns an instance of a padding algorithm given its name.
+   * 
    * @param prng the case-insensitive name of the PRNG.
    * @return an instance of the pseudo-random number generator.
    * @exception InternalError if the implementation does not pass its self-
-   * test.
+   *              test.
    */
   public static IRandom getInstance(String prng)
   {
     if (prng == null)
-      {
-        return null;
-      }
-
+      return null;
     prng = prng.trim();
     IRandom result = null;
     if (prng.equalsIgnoreCase(ARCFOUR_PRNG) || prng.equalsIgnoreCase(RC4_PRNG))
-      {
-        result = new ARCFour();
-      }
+      result = new ARCFour();
     else if (prng.equalsIgnoreCase(ICM_PRNG))
-      {
-        result = new ICMGenerator();
-      }
+      result = new ICMGenerator();
     else if (prng.equalsIgnoreCase(UMAC_PRNG))
-      {
-        result = new UMacGenerator();
-      }
+      result = new UMacGenerator();
     else if (prng.toLowerCase().startsWith(PBKDF2_PRNG_PREFIX))
       {
         String macName = prng.substring(PBKDF2_PRNG_PREFIX.length());
         IMac mac = MacFactory.getInstance(macName);
         if (mac == null)
-          {
-            return null;
-          }
+          return null;
         result = new PBKDF2(mac);
       }
 
     if (result != null)
       return result;
 
-    return gnu.java.security.prng.PRNGFactory.getInstance (prng);
+    return gnu.java.security.prng.PRNGFactory.getInstance(prng);
   }
 
   /**
-   * <p>Returns a {@link Set} of names of padding algorithms supported by this
-   * <i>Factory</i>.</p>
-   *
+   * Returns a {@link Set} of names of padding algorithms supported by this
+   * <i>Factory</i>.
+   * 
    * @return a {@link Set} of pseudo-random number generator algorithm names
-   * (Strings).
+   *         (Strings).
    */
   public static Set getNames()
   {
-    HashSet hs = new HashSet (gnu.java.security.prng.PRNGFactory.getNames ());
+    HashSet hs = new HashSet(gnu.java.security.prng.PRNGFactory.getNames());
     hs.add(ICM_PRNG);
     hs.add(UMAC_PRNG);
     // add all hmac implementations as candidate PBKDF2 ones too
     for (Iterator it = HMacFactory.getNames().iterator(); it.hasNext();)
-      {
-        hs.add(PBKDF2_PRNG_PREFIX + ((String) it.next()));
-      }
-
+      hs.add(PBKDF2_PRNG_PREFIX + ((String) it.next()));
     return Collections.unmodifiableSet(hs);
   }
-
-  // Instance methods
-  // -------------------------------------------------------------------------
 }
diff --git a/libjava/classpath/gnu/javax/crypto/prng/UMacGenerator.java b/libjava/classpath/gnu/javax/crypto/prng/UMacGenerator.java
index 0e3725ce986..39c99f73af6 100644
--- a/libjava/classpath/gnu/javax/crypto/prng/UMacGenerator.java
+++ b/libjava/classpath/gnu/javax/crypto/prng/UMacGenerator.java
@@ -50,121 +50,90 @@ import java.util.Map;
 import java.security.InvalidKeyException;
 
 /**
- * <p><i>KDF</i>s (Key Derivation Functions) are used to stretch user-supplied
- * key material to specific size(s) required by high level cryptographic
- * primitives. Described in the <A
+ * <i>KDF</i>s (Key Derivation Functions) are used to stretch user-supplied key
+ * material to specific size(s) required by high level cryptographic primitives.
+ * Described in the <A
  * HREF="http://www.ietf.org/internet-drafts/draft-krovetz-umac-01.txt">UMAC</A>
  * paper, this function basically operates an underlying <em>symmetric key block
  * cipher</em> instance in output feedback mode (OFB), as a <b>strong</b>
- * pseudo-random number generator.</p>
- *
- * <p><code>UMacGenerator</code> requires an <em>index</em> parameter
+ * pseudo-random number generator.
+ * <p>
+ * <code>UMacGenerator</code> requires an <em>index</em> parameter
  * (initialisation parameter <code>gnu.crypto.prng.umac.kdf.index</code> taken
- * to be an instance of {@link java.lang.Integer} with a value between
- * <code>0</code> and <code>255</code>). Using the same key, but different
- * indices, generates different pseudorandom outputs.</p>
- *
- * <p>This implementation generalises the definition of the
- * <code>UmacGenerator</code> algorithm to allow for other than the AES symetric
- * key block cipher algorithm (initialisation parameter
+ * to be an instance of {@link Integer} with a value between <code>0</code> and
+ * <code>255</code>). Using the same key, but different indices, generates
+ * different pseudorandom outputs.
+ * <p>
+ * This implementation generalises the definition of the
+ * <code>UmacGenerator</code> algorithm to allow for other than the AES
+ * symetric key block cipher algorithm (initialisation parameter
  * <code>gnu.crypto.prng.umac.cipher.name</code> taken to be an instance of
- * {@link java.lang.String}). If such a parameter is not defined/included in the
+ * {@link String}). If such a parameter is not defined/included in the
  * initialisation <code>Map</code>, then the "Rijndael" algorithm is used.
  * Furthermore, if the initialisation parameter
- * <code>gnu.crypto.cipher.block.size</code> (taken to be a instance of {@link
- * java.lang.Integer}) is missing or undefined in the initialisation <code>Map
- * </code>, then the cipher's <em>default</em> block size is used.</p>
- *
- * <p><b>NOTE</b>: Rijndael is used as the default symmetric key block cipher
+ * <code>gnu.crypto.cipher.block.size</code> (taken to be a instance of
+ * {@link Integer}) is missing or undefined in the initialisation
+ * <code>Map</code>, then the cipher's <em>default</em> block size is used.
+ * <p>
+ * <b>NOTE</b>: Rijndael is used as the default symmetric key block cipher
  * algorithm because, with its default block and key sizes, it is the AES. Yet
  * being Rijndael, the algorithm offers more versatile block and key sizes which
- * may prove to be useful for generating "longer" key streams.</p>
- *
- * <p>References:</p>
- *
+ * may prove to be useful for generating "longer" key streams.
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.ietf.org/internet-drafts/draft-krovetz-umac-01.txt">
- *    UMAC</a>: Message Authentication Code using Universal Hashing.<br>
- *    T. Krovetz, J. Black, S. Halevi, A. Hevia, H. Krawczyk, and P. Rogaway.</li>
+ * <li><a href="http://www.ietf.org/internet-drafts/draft-krovetz-umac-01.txt">
+ * UMAC</a>: Message Authentication Code using Universal Hashing.<br>
+ * T. Krovetz, J. Black, S. Halevi, A. Hevia, H. Krawczyk, and P. Rogaway.</li>
  * </ol>
  */
-public class UMacGenerator extends BasePRNG implements Cloneable
+public class UMacGenerator
+    extends BasePRNG
+    implements Cloneable
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Property name of the KDF <code>index</code> value to use in this
+   * Property name of the KDF <code>index</code> value to use in this
    * instance. The value is taken to be an {@link Integer} less than
-   * <code>256</code>.</p>
+   * <code>256</code>.
    */
   public static final String INDEX = "gnu.crypto.prng.umac.index";
-
   /** The name of the underlying symmetric key block cipher algorithm. */
   public static final String CIPHER = "gnu.crypto.prng.umac.cipher.name";
-
   /** The generator's underlying block cipher. */
   private IBlockCipher cipher;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial 0-arguments constructor. */
   public UMacGenerator()
   {
     super(Registry.UMAC_PRNG);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // Implementation of abstract methods in BasePRNG --------------------------
-
   public void setup(Map attributes)
   {
     boolean newCipher = true;
     String cipherName = (String) attributes.get(CIPHER);
     if (cipherName == null)
-      {
-        if (cipher == null)
-          { // happy birthday
-            cipher = CipherFactory.getInstance(Registry.RIJNDAEL_CIPHER);
-          }
-        else
-          { // we already have one. use it as is
-            newCipher = false;
-          }
-      }
+      if (cipher == null) // happy birthday
+        cipher = CipherFactory.getInstance(Registry.RIJNDAEL_CIPHER);
+      else // we already have one. use it as is
+        newCipher = false;
     else
-      {
-        cipher = CipherFactory.getInstance(cipherName);
-      }
-
+      cipher = CipherFactory.getInstance(cipherName);
     // find out what block size we should use it in
     int cipherBlockSize = 0;
     Integer bs = (Integer) attributes.get(IBlockCipher.CIPHER_BLOCK_SIZE);
     if (bs != null)
-      {
-        cipherBlockSize = bs.intValue();
-      }
+      cipherBlockSize = bs.intValue();
     else
       {
-        if (newCipher)
-          { // assume we'll use its default block size
-            cipherBlockSize = cipher.defaultBlockSize();
-          } // else use as is
+        if (newCipher) // assume we'll use its default block size
+          cipherBlockSize = cipher.defaultBlockSize();
+        // else use as is
       }
-
     // get the key material
     byte[] key = (byte[]) attributes.get(IBlockCipher.KEY_MATERIAL);
     if (key == null)
-      {
-        throw new IllegalArgumentException(IBlockCipher.KEY_MATERIAL);
-      }
+      throw new IllegalArgumentException(IBlockCipher.KEY_MATERIAL);
 
     int keyLength = key.length;
     // ensure that keyLength is valid for the chosen underlying cipher
@@ -173,15 +142,10 @@ public class UMacGenerator extends BasePRNG implements Cloneable
       {
         ok = (keyLength == ((Integer) it.next()).intValue());
         if (ok)
-          {
-            break;
-          }
+          break;
       }
-    if (!ok)
-      {
-        throw new IllegalArgumentException("key length");
-      }
-
+    if (! ok)
+      throw new IllegalArgumentException("key length");
     // ensure that remaining params make sense
     int index = -1;
     Integer i = (Integer) attributes.get(INDEX);
@@ -189,17 +153,12 @@ public class UMacGenerator extends BasePRNG implements Cloneable
       {
         index = i.intValue();
         if (index < 0 || index > 255)
-          {
-            throw new IllegalArgumentException(INDEX);
-          }
+          throw new IllegalArgumentException(INDEX);
       }
-
     // now initialise the underlying cipher
     Map map = new HashMap();
-    if (cipherBlockSize != 0)
-      { // only needed if new or changed
-        map.put(IBlockCipher.CIPHER_BLOCK_SIZE, new Integer(cipherBlockSize));
-      }
+    if (cipherBlockSize != 0) // only needed if new or changed
+      map.put(IBlockCipher.CIPHER_BLOCK_SIZE, Integer.valueOf(cipherBlockSize));
     map.put(IBlockCipher.KEY_MATERIAL, key);
     try
       {
@@ -209,7 +168,6 @@ public class UMacGenerator extends BasePRNG implements Cloneable
       {
         throw new IllegalArgumentException(IBlockCipher.KEY_MATERIAL);
       }
-
     buffer = new byte[cipher.currentBlockSize()];
     buffer[cipher.currentBlockSize() - 1] = (byte) index;
     try
@@ -225,4 +183,4 @@ public class UMacGenerator extends BasePRNG implements Cloneable
   {
     cipher.encryptBlock(buffer, 0, buffer, 0);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/AuthInfo.java b/libjava/classpath/gnu/javax/crypto/sasl/AuthInfo.java
index 1e942559dcf..733d2f0bf47 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/AuthInfo.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/AuthInfo.java
@@ -56,10 +56,6 @@ import java.util.StringTokenizer;
  */
 public class AuthInfo
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private static final ArrayList factories = new ArrayList();
   static
     {
@@ -72,14 +68,14 @@ public class AuthInfo
         {
           for (StringTokenizer st = new StringTokenizer(pkgs, "|"); st.hasMoreTokens();)
             {
-              clazz = st.nextToken();
-              if (!"gnu.crypto.sasl".equals(clazz))
+              clazz = st.nextToken().trim();
+              if (! "gnu.javax.crypto.sasl".equals(clazz))
                 {
                   clazz += ".AuthInfoProviderFactory";
                   try
                     {
-                      IAuthInfoProviderFactory factory = (IAuthInfoProviderFactory) Class.forName(
-                                                                                                  clazz).newInstance();
+                      IAuthInfoProviderFactory factory =
+                          (IAuthInfoProviderFactory) Class.forName(clazz).newInstance();
                       factories.add(factory);
                     }
                   catch (ClassCastException ignored)
@@ -99,33 +95,25 @@ public class AuthInfo
         }
       // always add ours last; unless it's already there
       if (!factories.contains(ours))
-        {
-          factories.add(ours);
-        }
+        factories.add(ours);
     }
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial constructor to enforce Singleton pattern. */
   private AuthInfo()
   {
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * A convenience method to return the authentication information provider
-   * for a designated SASL mechnanism. It goes through all the installed
-   * provider factories, one at a time, and attempts to return a new instance
-   * of the provider for the designated mechanism. It stops at the first
-   * factory returning a non-null provider.
-   *
+   * A convenience method to return the authentication information provider for
+   * a designated SASL mechnanism. It goes through all the installed provider
+   * factories, one at a time, and attempts to return a new instance of the
+   * provider for the designated mechanism. It stops at the first factory
+   * returning a non-null provider.
+   * 
    * @param mechanism the name of a SASL mechanism.
    * @return an implementation that provides {@link IAuthInfoProvider} for that
-   * mechanism; or <code>null</code> if none found.
+   *         mechanism; or <code>null</code> if none found.
    */
   public static IAuthInfoProvider getProvider(String mechanism)
   {
@@ -134,9 +122,7 @@ public class AuthInfo
         IAuthInfoProviderFactory factory = (IAuthInfoProviderFactory) it.next();
         IAuthInfoProvider result = factory.getInstance(mechanism);
         if (result != null)
-          {
-            return result;
-          }
+          return result;
       }
     return null;
   }
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/AuthInfoProviderFactory.java b/libjava/classpath/gnu/javax/crypto/sasl/AuthInfoProviderFactory.java
index 6ba5fc56296..c4fc816dc3e 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/AuthInfoProviderFactory.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/AuthInfoProviderFactory.java
@@ -46,44 +46,22 @@ import gnu.javax.crypto.sasl.srp.SRPAuthInfoProvider;
 /**
  * The concrete SASL authentication information provider factory.
  */
-public class AuthInfoProviderFactory implements IAuthInfoProviderFactory
+public class AuthInfoProviderFactory
+    implements IAuthInfoProviderFactory
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // implicit 0-args constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // IAuthInfoProviderFactory interface implementation -----------------------
-
   public IAuthInfoProvider getInstance(String mechanism)
   {
     if (mechanism == null)
-      {
-        return null;
-      }
+      return null;
     mechanism = mechanism.trim().toUpperCase();
     if (mechanism.startsWith(Registry.SASL_SRP_MECHANISM))
-      {
-        return new SRPAuthInfoProvider();
-      }
+      return new SRPAuthInfoProvider();
     if (mechanism.equals(Registry.SASL_CRAM_MD5_MECHANISM))
-      {
-        return new CramMD5AuthInfoProvider();
-      }
+      return new CramMD5AuthInfoProvider();
     if (mechanism.equals(Registry.SASL_PLAIN_MECHANISM))
-      {
-        return new PlainAuthInfoProvider();
-      }
+      return new PlainAuthInfoProvider();
     return null;
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/ClientFactory.java b/libjava/classpath/gnu/javax/crypto/sasl/ClientFactory.java
index ef184632cc4..84acfcd1455 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/ClientFactory.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/ClientFactory.java
@@ -47,11 +47,11 @@ import gnu.javax.crypto.sasl.srp.SRPClient;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
+import java.util.HashMap;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
-import java.util.HashMap;
 
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.sasl.Sasl;
@@ -62,53 +62,32 @@ import javax.security.sasl.SaslException;
 /**
  * The implementation of {@link SaslClientFactory}.
  */
-public class ClientFactory implements SaslClientFactory
+public class ClientFactory
+    implements SaslClientFactory
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // implicit 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   public static final Set getNames()
   {
-    return Collections.unmodifiableSet(new HashSet(
-                                                   Arrays.asList(getNamesInternal(null))));
+    return Collections.unmodifiableSet(new HashSet(Arrays.asList(getNamesInternal(null))));
   }
 
   private static final String[] getNamesInternal(Map props)
   {
-    String[] all = new String[] { Registry.SASL_SRP_MECHANISM,
-                                 Registry.SASL_CRAM_MD5_MECHANISM,
-                                 Registry.SASL_PLAIN_MECHANISM,
-                                 Registry.SASL_ANONYMOUS_MECHANISM };
-
+    String[] all = new String[] {
+        Registry.SASL_SRP_MECHANISM,
+        Registry.SASL_CRAM_MD5_MECHANISM,
+        Registry.SASL_PLAIN_MECHANISM,
+        Registry.SASL_ANONYMOUS_MECHANISM };
     if (props == null)
-      {
-        return all;
-      }
+      return all;
     if (hasPolicy(Sasl.POLICY_PASS_CREDENTIALS, props))
-      {
-        return new String[0];
-      }
-
+      return new String[0];
     List result = new ArrayList(all.length);
-    ;
     for (int i = 0; i < all.length;)
-      {
-        result.add(all[i++]);
-      }
-
+      result.add(all[i++]);
     if (hasPolicy(Sasl.POLICY_NOPLAINTEXT, props))
-      {
-        result.remove(Registry.SASL_PLAIN_MECHANISM);
-      }
+      result.remove(Registry.SASL_PLAIN_MECHANISM);
     if (hasPolicy(Sasl.POLICY_NOACTIVE, props))
       {
         result.remove(Registry.SASL_CRAM_MD5_MECHANISM);
@@ -135,32 +114,19 @@ public class ClientFactory implements SaslClientFactory
   public static final ClientMechanism getInstance(String mechanism)
   {
     if (mechanism == null)
-      {
-        return null;
-      }
+      return null;
     mechanism = mechanism.trim().toUpperCase();
     if (mechanism.equals(Registry.SASL_SRP_MECHANISM))
-      {
-        return new SRPClient();
-      }
+      return new SRPClient();
     if (mechanism.equals(Registry.SASL_CRAM_MD5_MECHANISM))
-      {
-        return new CramMD5Client();
-      }
+      return new CramMD5Client();
     if (mechanism.equals(Registry.SASL_PLAIN_MECHANISM))
-      {
-        return new PlainClient();
-      }
+      return new PlainClient();
     if (mechanism.equals(Registry.SASL_ANONYMOUS_MECHANISM))
-      {
-        return new AnonymousClient();
-      }
+      return new AnonymousClient();
     return null;
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public SaslClient createSaslClient(String[] mechanisms,
                                      String authorisationID, String protocol,
                                      String serverName, Map props,
@@ -173,29 +139,21 @@ public class ClientFactory implements SaslClientFactory
         mechanism = mechanisms[i];
         result = getInstance(mechanism);
         if (result != null)
-          {
-            break;
-          }
+          break;
       }
-
     if (result != null)
       {
         HashMap attributes = new HashMap();
         if (props != null)
-          {
-            attributes.putAll(props);
-          }
+          attributes.putAll(props);
         attributes.put(Registry.SASL_AUTHORISATION_ID, authorisationID);
         attributes.put(Registry.SASL_PROTOCOL, protocol);
         attributes.put(Registry.SASL_SERVER_NAME, serverName);
         attributes.put(Registry.SASL_CALLBACK_HANDLER, cbh);
-
         result.init(attributes);
         return result;
       }
-
-    throw new SaslException(
-                            "No supported mechanism found in given mechanism list");
+    throw new SaslException("No supported mechanism found in given mechanism list");
   }
 
   public String[] getMechanismNames(Map props)
@@ -207,4 +165,4 @@ public class ClientFactory implements SaslClientFactory
   {
     return "true".equalsIgnoreCase(String.valueOf(props.get(propertyName)));
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/ClientMechanism.java b/libjava/classpath/gnu/javax/crypto/sasl/ClientMechanism.java
index 45873ae6b27..7f8e9c120b4 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/ClientMechanism.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/ClientMechanism.java
@@ -42,50 +42,37 @@ import gnu.java.security.Registry;
 
 import java.util.HashMap;
 import java.util.Map;
+
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.sasl.Sasl;
 import javax.security.sasl.SaslClient;
 import javax.security.sasl.SaslException;
 
 /**
- * <p>A base class to facilitate implementing SASL client-side mechanisms.</p>
+ * A base class to facilitate implementing SASL client-side mechanisms.
  */
-public abstract class ClientMechanism implements SaslClient
+public abstract class ClientMechanism
+    implements SaslClient
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** Name of this mechanism. */
   protected String mechanism;
-
   /** The authorisation identity. */
   protected String authorizationID;
-
   /** Name of protocol using this mechanism. */
   protected String protocol;
-
   /** Name of server to authenticate to. */
   protected String serverName;
-
   /** Properties of qualities desired for this mechanism. */
   protected Map properties;
-
   /** Callback handler to use with this mechanism instance. */
   protected CallbackHandler handler;
-
   /** Channel binding data to use with this mechanism instance. */
   protected byte[] channelBinding;
-
   /** Whether authentication phase is completed (true) or not (false). */
   protected boolean complete = false;
-
   /** The state of the authentication automaton. */
   protected int state = -1;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   protected ClientMechanism(final String mechanism)
   {
     super();
@@ -94,20 +81,10 @@ public abstract class ClientMechanism implements SaslClient
     this.state = -1;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // abstract methods to be implemented by concrete subclasses ---------------
-
   protected abstract void initMechanism() throws SaslException;
 
   protected abstract void resetMechanism() throws SaslException;
 
-  // javax.security.sasl.SaslClient interface implementation -----------------
-
   public abstract byte[] evaluateChallenge(byte[] challenge)
       throws SaslException;
 
@@ -121,20 +98,16 @@ public abstract class ClientMechanism implements SaslClient
   public byte[] unwrap(final byte[] incoming, final int offset, final int len)
       throws SaslException
   {
-    if (!isComplete())
-      {
-        throw new IllegalMechanismStateException();
-      }
+    if (! isComplete())
+      throw new IllegalMechanismStateException();
     return this.engineUnwrap(incoming, offset, len);
   }
 
   public byte[] wrap(final byte[] outgoing, final int offset, final int len)
       throws SaslException
   {
-    if (!isComplete())
-      {
-        throw new IllegalMechanismStateException();
-      }
+    if (! isComplete())
+      throw new IllegalMechanismStateException();
     return this.engineWrap(outgoing, offset, len);
   }
 
@@ -145,58 +118,32 @@ public abstract class ClientMechanism implements SaslClient
 
   public Object getNegotiatedProperty(final String propName)
   {
-    if (!isComplete())
-      {
-        throw new IllegalStateException();
-      }
+    if (! isComplete())
+      throw new IllegalStateException();
     if (Sasl.QOP.equals(propName))
-      {
-        return getNegotiatedQOP();
-      }
+      return getNegotiatedQOP();
     if (Sasl.STRENGTH.equals(propName))
-      {
-        return getNegotiatedStrength();
-      }
+      return getNegotiatedStrength();
     if (Sasl.SERVER_AUTH.equals(propName))
-      {
-        return getNegotiatedServerAuth();
-      }
+      return getNegotiatedServerAuth();
     if (Sasl.MAX_BUFFER.equals(propName))
-      {
-        return getNegotiatedMaxBuffer();
-      }
+      return getNegotiatedMaxBuffer();
     if (Sasl.RAW_SEND_SIZE.equals(propName))
-      {
-        return getNegotiatedRawSendSize();
-      }
+      return getNegotiatedRawSendSize();
     if (Sasl.POLICY_NOPLAINTEXT.equals(propName))
-      {
-        return getNegotiatedPolicyNoPlainText();
-      }
+      return getNegotiatedPolicyNoPlainText();
     if (Sasl.POLICY_NOACTIVE.equals(propName))
-      {
-        return getNegotiatedPolicyNoActive();
-      }
+      return getNegotiatedPolicyNoActive();
     if (Sasl.POLICY_NODICTIONARY.equals(propName))
-      {
-        return getNegotiatedPolicyNoDictionary();
-      }
+      return getNegotiatedPolicyNoDictionary();
     if (Sasl.POLICY_NOANONYMOUS.equals(propName))
-      {
-        return getNegotiatedPolicyNoAnonymous();
-      }
+      return getNegotiatedPolicyNoAnonymous();
     if (Sasl.POLICY_FORWARD_SECRECY.equals(propName))
-      {
-        return getNegotiatedPolicyForwardSecrecy();
-      }
+      return getNegotiatedPolicyForwardSecrecy();
     if (Sasl.POLICY_PASS_CREDENTIALS.equals(propName))
-      {
-        return getNegotiatedPolicyPassCredentials();
-      }
+      return getNegotiatedPolicyPassCredentials();
     if (Sasl.REUSE.equals(propName))
-      {
-        return getReuse();
-      }
+      return getReuse();
     return null;
   }
 
@@ -204,8 +151,6 @@ public abstract class ClientMechanism implements SaslClient
   {
   }
 
-  // other Instance methods --------------------------------------------------
-
   public String getAuthorizationID()
   {
     return authorizationID;
@@ -288,30 +233,23 @@ public abstract class ClientMechanism implements SaslClient
   }
 
   /**
-   * <p>Initialises the mechanism with designated attributes. Permissible names
-   * and values are mechanism specific.</p>
-   *
+   * Initialises the mechanism with designated attributes. Permissible names and
+   * values are mechanism specific.
+   * 
    * @param attributes a set of name-value pairs that describes the desired
-   * future behaviour of this instance.
+   *          future behaviour of this instance.
    * @throws IllegalMechanismStateException if the instance is already
-   * initialised.
+   *           initialised.
    * @throws SaslException if an exception occurs during the process.
    */
   public void init(final Map attributes) throws SaslException
   {
     if (state != -1)
-      {
-        throw new IllegalMechanismStateException("init()");
-      }
-
+      throw new IllegalMechanismStateException("init()");
     if (properties == null)
-      {
-        properties = new HashMap();
-      }
+      properties = new HashMap();
     else
-      {
-        properties.clear();
-      }
+      properties.clear();
     if (attributes != null)
       {
         authorizationID = (String) attributes.get(Registry.SASL_AUTHORISATION_ID);
@@ -322,35 +260,25 @@ public abstract class ClientMechanism implements SaslClient
         properties.putAll(attributes);
       }
     else
-      {
-        handler = null;
-      }
+      handler = null;
 
     if (authorizationID == null)
-      {
-        authorizationID = "";
-      }
+      authorizationID = "";
     if (protocol == null)
-      {
-        protocol = "";
-      }
+      protocol = "";
     if (serverName == null)
-      {
-        serverName = "";
-      }
+      serverName = "";
     if (channelBinding == null)
-      {
-        channelBinding = new byte[0];
-      }
+      channelBinding = new byte[0];
     initMechanism();
     complete = false;
     state = 0;
   }
 
   /**
-   * <p>Resets the mechanism instance for re-initialisation and use with other
-   * characteristics.</p>
-   *
+   * Resets the mechanism instance for re-initialisation and use with other
+   * characteristics.
+   * 
    * @throws SaslException if an exception occurs during the process.
    */
   public void reset() throws SaslException
@@ -362,4 +290,4 @@ public abstract class ClientMechanism implements SaslClient
     complete = false;
     state = -1;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/ConfidentialityException.java b/libjava/classpath/gnu/javax/crypto/sasl/ConfidentialityException.java
index adfc06593f2..62b68572552 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/ConfidentialityException.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/ConfidentialityException.java
@@ -45,12 +45,12 @@ import javax.security.sasl.SaslException;
  * exception is thrown to indicate that a violation has occured during the
  * processing of a <i>confidentiality</i> protection filter.
  */
-public class ConfidentialityException extends SaslException
+public class ConfidentialityException
+    extends SaslException
 {
-
   /**
-   * Constructs a new instance of <code>ConfidentialityException</code> with no
-   * detail message.
+   * Constructs a new instance of <code>ConfidentialityException</code> with
+   * no detail message.
    */
   public ConfidentialityException()
   {
@@ -60,7 +60,7 @@ public class ConfidentialityException extends SaslException
   /**
    * Constructs a new instance of <code>ConfidentialityException</code> with
    * the specified detail message.
-   *
+   * 
    * @param s the detail message.
    */
   public ConfidentialityException(String s)
@@ -71,7 +71,7 @@ public class ConfidentialityException extends SaslException
   /**
    * Constructs a new instance of <code>ConfidentialityException</code> with a
    * detailed message and a root exception.
-   *
+   * 
    * @param s possibly null additional detail about the exception.
    * @param x a possibly null root exception that caused this one.
    */
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/IAuthInfoProvider.java b/libjava/classpath/gnu/javax/crypto/sasl/IAuthInfoProvider.java
index 2b913a137b8..60c50d5d4df 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/IAuthInfoProvider.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/IAuthInfoProvider.java
@@ -47,71 +47,70 @@ import javax.security.sasl.AuthenticationException;
  */
 public interface IAuthInfoProvider
 {
-
-  // Constants
-  // -------------------------------------------------------------------------
-
-  // Methods
-  // -------------------------------------------------------------------------
-
   /**
    * Activates (initialises) this provider instance. SHOULD be the first method
    * invoked on the provider.
-   *
+   * 
    * @param context a collection of name-value bindings describing the
-   * activation context.
-   * @throws AuthenticationException if an exception occurs during the operation.
+   *          activation context.
+   * @throws AuthenticationException if an exception occurs during the
+   *           operation.
    */
   void activate(Map context) throws AuthenticationException;
 
   /**
    * Passivates (releases) this provider instance. SHOULD be the last method
-   * invoked on the provider. Once it is done, no other method may be invoked
-   * on the same instance before it is <i>activated</i> agains.
-   *
-   * @throws AuthenticationException if an exception occurs during the operation.
+   * invoked on the provider. Once it is done, no other method may be invoked on
+   * the same instance before it is <i>activated</i> agains.
+   * 
+   * @throws AuthenticationException if an exception occurs during the
+   *           operation.
    */
   void passivate() throws AuthenticationException;
 
   /**
    * Checks if a user with a designated name is known to this provider.
-   *
+   * 
    * @param userName the name of a user to check.
-   * @return <code>true</code> if the user with the designated name is known to
-   * this provider; <code>false</code> otherwise.
-   * @throws AuthenticationException if an exception occurs during the operation.
+   * @return <code>true</code> if the user with the designated name is known
+   *         to this provider; <code>false</code> otherwise.
+   * @throws AuthenticationException if an exception occurs during the
+   *           operation.
    */
   boolean contains(String userName) throws AuthenticationException;
 
   /**
    * Returns a collection of information about a designated user. The contents
    * of the returned map is provider-specific of name-to-value mappings.
-   *
+   * 
    * @param userID a map of name-to-value bindings that fully describe a user.
    * @return a collection of information about the designated user.
-   * @throws AuthenticationException if an exception occurs during the operation.
+   * @throws AuthenticationException if an exception occurs during the
+   *           operation.
    */
   Map lookup(Map userID) throws AuthenticationException;
 
   /**
    * Updates the credentials of a designated user.
-   *
+   * 
    * @param userCredentials a map of name-to-value bindings that fully describe
-   * a user, including per new credentials.
-   * @throws AuthenticationException if an exception occurs during the operation.
+   *          a user, including per new credentials.
+   * @throws AuthenticationException if an exception occurs during the
+   *           operation.
    */
   void update(Map userCredentials) throws AuthenticationException;
 
   /**
    * A provider may operate in more than mode; e.g. SRP-II caters for user
-   * credentials computed in more than one message digest algorithm. This
-   * method returns the set of name-to-value bindings describing the mode of
-   * the provider.
-   *
+   * credentials computed in more than one message digest algorithm. This method
+   * returns the set of name-to-value bindings describing the mode of the
+   * provider.
+   * 
    * @param mode a unique identifier describing the operational mode.
    * @return a collection of name-to-value bindings describing the designated
-   * mode.
-   * @throws AuthenticationException if an exception occurs during the operation.
+   *         mode.
+   * @throws AuthenticationException if an exception occurs during the
+   *           operation.
    */
   Map getConfiguration(String mode) throws AuthenticationException;
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/IAuthInfoProviderFactory.java b/libjava/classpath/gnu/javax/crypto/sasl/IAuthInfoProviderFactory.java
index e630b8da14b..b6dc775d8a8 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/IAuthInfoProviderFactory.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/IAuthInfoProviderFactory.java
@@ -43,20 +43,13 @@ package gnu.javax.crypto.sasl;
  */
 public interface IAuthInfoProviderFactory
 {
-
-  // Constants
-  // -------------------------------------------------------------------------
-
-  // Methods
-  // -------------------------------------------------------------------------
-
   /**
-   * Returns an implementation of a provider for a designated mechanism
-   * capable of honouring {@link IAuthInfoProvider} requests.
-   *
+   * Returns an implementation of a provider for a designated mechanism capable
+   * of honouring {@link IAuthInfoProvider} requests.
+   * 
    * @param mechanism the unique name of a mechanism.
    * @return an implementation of {@link IAuthInfoProvider} for that mechanism
-   * or <code>null</code> if none found.
+   *         or <code>null</code> if none found.
    */
   IAuthInfoProvider getInstance(String mechanism);
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/IllegalMechanismStateException.java b/libjava/classpath/gnu/javax/crypto/sasl/IllegalMechanismStateException.java
index b46ad98e316..547ac41030d 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/IllegalMechanismStateException.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/IllegalMechanismStateException.java
@@ -47,9 +47,9 @@ import javax.security.sasl.AuthenticationException;
  * invoked on incomplete mechanisms was invoked but the authentication phase of
  * that mechanism was already completed.
  */
-public class IllegalMechanismStateException extends AuthenticationException
+public class IllegalMechanismStateException
+    extends AuthenticationException
 {
-
   /**
    * Constructs a new instance of <code>IllegalMechanismStateException</code>
    * with no detail message.
@@ -62,7 +62,7 @@ public class IllegalMechanismStateException extends AuthenticationException
   /**
    * Constructs a new instance of <code>IllegalMechanismStateException</code>
    * with the specified detail message.
-   *
+   * 
    * @param detail the detail message.
    */
   public IllegalMechanismStateException(String detail)
@@ -73,7 +73,7 @@ public class IllegalMechanismStateException extends AuthenticationException
   /**
    * Constructs a new instance of <code>IllegalMechanismStateException</code>
    * with the specified detail message, and cause.
-   *
+   * 
    * @param detail the detail message.
    * @param ex the original cause.
    */
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/InputBuffer.java b/libjava/classpath/gnu/javax/crypto/sasl/InputBuffer.java
index a64ea3e0e65..d676a595dc5 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/InputBuffer.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/InputBuffer.java
@@ -45,39 +45,33 @@ import java.io.IOException;
 import java.math.BigInteger;
 
 /**
- * <p>The implementation of an incoming SASL buffer.</p>
- *
- * <p>The data elements this class caters for are described in [1].</p>
- *
- * <p>References:</p>
+ * The implementation of an incoming SASL buffer.
+ * <p>
+ * The data elements this class caters for are described in [1].
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.ietf.org/internet-drafts/draft-burdis-cat-srp-sasl-09.txt">
- *    Secure Remote Password Authentication Mechanism</a>;<br/>
- *    draft-burdis-cat-srp-sasl-09,<br/>
- *    <a href="mailto:keith@rucus.ru.ac.za">Keith Burdis</a> and
- *    <a href="mailto:raif@forge.com.au">Ra&iuml;f S. Naffah</a>.</li>
+ * <li><a
+ * href="http://www.ietf.org/internet-drafts/draft-burdis-cat-srp-sasl-09.txt">
+ * Secure Remote Password Authentication Mechanism</a>;<br/>
+ * draft-burdis-cat-srp-sasl-09,<br/> <a
+ * href="mailto:keith@rucus.ru.ac.za">Keith Burdis</a> and <a
+ * href="mailto:raif@forge.com.au">Ra&iuml;f S. Naffah</a>.</li>
  * </ol>
  */
 public class InputBuffer
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The internal buffer stream containing the buffer's contents. */
   protected ByteArrayInputStream in;
-
   /** The length of the buffer, according to its header. */
   protected int length;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Constructs a SASL buffer given the buffer's encoded form, including its
-   * header bytes.</p>
-   *
-   * @param frame the encoded form, including the header bytes, of a SASL buffer.
+   * Constructs a SASL buffer given the buffer's encoded form, including its
+   * header bytes.
+   * 
+   * @param frame the encoded form, including the header bytes, of a SASL
+   *          buffer.
    * @throws SaslEncodingException if the buffer is malformed.
    */
   public InputBuffer(byte[] frame) throws SaslEncodingException
@@ -85,17 +79,13 @@ public class InputBuffer
     this();
 
     if (frame.length < 4)
-      {
-        throw new SaslEncodingException("SASL buffer header too short");
-      }
-
-    length = (frame[0] & 0xFF) << 24 | (frame[1] & 0xFF) << 16
-             | (frame[2] & 0xFF) << 8 | (frame[3] & 0xFF);
+      throw new SaslEncodingException("SASL buffer header too short");
+    length = (frame[0] & 0xFF) << 24
+           | (frame[1] & 0xFF) << 16
+           | (frame[2] & 0xFF) << 8
+           | (frame[3] & 0xFF);
     if (length > Registry.SASL_BUFFER_MAX_LIMIT || length < 0)
-      {
-        throw new SaslEncodingException("SASL buffer size limit exceeded");
-      }
-
+      throw new SaslEncodingException("SASL buffer size limit exceeded");
     in = new ByteArrayInputStream(frame, 4, length);
   }
 
@@ -105,16 +95,13 @@ public class InputBuffer
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns an instance of a SASL buffer given the buffer's encoded contents,
-   * excluding the buffer's header bytes.</p>
-   *
-   * <p>Calls the method with the same name and three arguments as:
+   * Returns an instance of a SASL buffer given the buffer's encoded contents,
+   * excluding the buffer's header bytes.
+   * <p>
+   * Calls the method with the same name and three arguments as:
    * <code>getInstance(raw, 0, raw.length)</code>.
-   *
+   * 
    * @param raw the encoded form, excluding the header bytes, of a SASL buffer.
    * @return a new instance of {@link InputBuffer}.
    */
@@ -124,9 +111,9 @@ public class InputBuffer
   }
 
   /**
-   * <p>Returns an instance of a SASL buffer given the buffer's encoded
-   * contents, excluding the buffer's header bytes.</p>
-   *
+   * Returns an instance of a SASL buffer given the buffer's encoded contents,
+   * excluding the buffer's header bytes.
+   * 
    * @param raw the encoded form, excluding the header bytes, of a SASL buffer.
    * @param offset offset where to start using raw bytes from.
    * @param len number of bytes to use.
@@ -140,21 +127,8 @@ public class InputBuffer
   }
 
   /**
-   * <p>Converts four octets into the number that they represent.</p>
-   *
-   * @param b the four octets.
-   * @return the length.
-   */
-  //   public static int fourBytesToLength(byte[] b) throws SaslEncodingException {
-  //      int result = b[0] << 24 | (b[1] & 0xFF) << 16 | (b[2] & 0xFF) << 8 | (b[3] & 0xFF);
-  //      if (result > Registry.SASL_FOUR_BYTE_MAX_LIMIT || result < 0) {
-  //         throw new SaslEncodingException("SASL EOS size limit exceeded");
-  //      }
-  //      return result;
-  //   }
-  /**
-   * <p>Converts two octets into the number that they represent.</p>
-   *
+   * Converts two octets into the number that they represent.
+   * 
    * @param b the two octets.
    * @return the length.
    */
@@ -162,49 +136,37 @@ public class InputBuffer
   {
     final int result = (b[0] & 0xFF) << 8 | (b[1] & 0xFF);
     if (result > Registry.SASL_TWO_BYTE_MAX_LIMIT)
-      {
-        throw new SaslEncodingException("SASL MPI/Text size limit exceeded");
-      }
+      throw new SaslEncodingException("SASL MPI/Text size limit exceeded");
     return result;
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public boolean hasMoreElements()
   {
     return (in.available() > 0);
   }
 
   /**
-   * <p>Decodes a SASL scalar quantity, <code>count</code>-octet long, from the
-   * current buffer.</p>
-   *
+   * Decodes a SASL scalar quantity, <code>count</code>-octet long, from the
+   * current buffer.
+   * 
    * @param count the number of octets of this scalar quantity.
-   * @return a native representation of a SASL scalar (unsigned integer) quantity.
+   * @return a native representation of a SASL scalar (unsigned integer)
+   *         quantity.
    * @throws SaslEncodingException if an encoding exception occurs during the
-   * operation.
+   *           operation.
    * @throws IOException if any other I/O exception occurs during the operation.
    */
   public long getScalar(int count) throws IOException
   {
     if (count < 0 || count > 4)
-      {
-        throw new SaslEncodingException("Invalid SASL scalar octet count: "
-                                        + String.valueOf(count));
-      }
-    if (!hasMoreElements())
-      {
-        throw new SaslEncodingException(
-                                        "Not enough bytes for a scalar in buffer");
-      }
+      throw new SaslEncodingException("Invalid SASL scalar octet count: "
+                                      + String.valueOf(count));
+    if (! hasMoreElements())
+      throw new SaslEncodingException("Not enough bytes for a scalar in buffer");
     if (in.available() < count)
-      {
-        throw new SaslEncodingException("Illegal SASL scalar encoding");
-      }
+      throw new SaslEncodingException("Illegal SASL scalar encoding");
     byte[] element = new byte[count];
     in.read(element);
-
     long result = 0L;
     for (int i = 0; i < count; i++)
       {
@@ -215,125 +177,96 @@ public class InputBuffer
   }
 
   /**
-   * <p>Decodes a SASL OS from the current buffer.</p>
-   *
+   * Decodes a SASL OS from the current buffer.
+   * 
    * @return a native representation of a SASL OS.
    * @throws SaslEncodingException if an encoding exception occurs during the
-   * operation.
+   *           operation.
    * @throws IOException if any other I/O exception occurs during the operation.
    */
   public byte[] getOS() throws IOException
   {
-    if (!hasMoreElements())
-      {
-        throw new SaslEncodingException(
-                                        "Not enough bytes for an octet-sequence in buffer");
-      }
+    if (! hasMoreElements())
+      throw new SaslEncodingException(
+          "Not enough bytes for an octet-sequence in buffer");
     final int elementLength = in.read();
     if (elementLength > Registry.SASL_ONE_BYTE_MAX_LIMIT)
-      {
-        throw new SaslEncodingException(
-                                        "SASL octet-sequence size limit exceeded");
-      }
-
+      throw new SaslEncodingException("SASL octet-sequence size limit exceeded");
     if (in.available() < elementLength)
-      {
-        throw new SaslEncodingException("Illegal SASL octet-sequence encoding");
-      }
-
+      throw new SaslEncodingException("Illegal SASL octet-sequence encoding");
     byte[] result = new byte[elementLength];
     in.read(result);
-
     return result;
   }
 
   /**
-   * <p>Decodes a SASL EOS from the current buffer.</p>
-   *
+   * Decodes a SASL EOS from the current buffer.
+   * 
    * @return a native representation of a SASL EOS.
    * @throws SaslEncodingException if an encoding exception occurs during the
-   * operation.
+   *           operation.
    * @throws IOException if any other I/O exception occurs during the operation.
    */
   public byte[] getEOS() throws IOException
   {
     if (in.available() < 2)
-      {
-        throw new SaslEncodingException(
-                                        "Not enough bytes for an extended octet-sequence in buffer");
-      }
-
+      throw new SaslEncodingException(
+          "Not enough bytes for an extended octet-sequence in buffer");
     byte[] elementLengthBytes = new byte[2];
     in.read(elementLengthBytes);
     final int elementLength = twoBytesToLength(elementLengthBytes);
     if (in.available() < elementLength)
-      {
-        throw new SaslEncodingException(
-                                        "Illegal SASL extended octet-sequence encoding");
-      }
-
+      throw new SaslEncodingException(
+          "Illegal SASL extended octet-sequence encoding");
     byte[] result = new byte[elementLength];
     in.read(result);
-
     return result;
   }
 
   /**
-   * <p>Decodes a SASL MPI from the current buffer.</p>
-   *
+   * Decodes a SASL MPI from the current buffer.
+   * 
    * @return a native representation of a SASL MPI.
    * @throws SaslEncodingException if an encoding exception occurs during the
-   * operation.
+   *           operation.
    * @throws IOException if any other I/O exception occurs during the operation.
    */
   public BigInteger getMPI() throws IOException
   {
     if (in.available() < 2)
-      {
-        throw new SaslEncodingException("Not enough bytes for an MPI in buffer");
-      }
+      throw new SaslEncodingException("Not enough bytes for an MPI in buffer");
     byte[] elementLengthBytes = new byte[2];
     in.read(elementLengthBytes);
     final int elementLength = twoBytesToLength(elementLengthBytes);
     if (in.available() < elementLength)
-      {
-        throw new SaslEncodingException(
-                                        "Illegal SASL multi-precision integer encoding");
-      }
-
+      throw new SaslEncodingException(
+          "Illegal SASL multi-precision integer encoding");
     byte[] element = new byte[elementLength];
     in.read(element);
-
     return new BigInteger(1, element);
   }
 
   /**
-   * <p>Decodes a SASL Text from the current buffer.</p>
-   *
+   * Decodes a SASL Text from the current buffer.
+   * 
    * @return a native representation of a SASL Text.
    * @throws SaslEncodingException if an encoding exception occurs during the
-   * operation.
+   *           operation.
    * @throws SaslEncodingException if the UTF-8 character encoding is not
-   * supported on this platform.
+   *           supported on this platform.
    * @throws IOException if any other I/O exception occurs during the operation.
    */
   public String getText() throws IOException
   {
     if (in.available() < 2)
-      {
-        throw new SaslEncodingException("Not enough bytes for a text in buffer");
-      }
+      throw new SaslEncodingException("Not enough bytes for a text in buffer");
     byte[] elementLengthBytes = new byte[2];
     in.read(elementLengthBytes);
     final int elementLength = twoBytesToLength(elementLengthBytes);
     if (in.available() < elementLength)
-      {
-        throw new SaslEncodingException("Illegal SASL text encoding");
-      }
-
+      throw new SaslEncodingException("Illegal SASL text encoding");
     byte[] element = new byte[elementLength];
     in.read(element);
-
     return new String(element, "UTF8");
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/IntegrityException.java b/libjava/classpath/gnu/javax/crypto/sasl/IntegrityException.java
index 4a56ca2d564..9b793ce3e5e 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/IntegrityException.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/IntegrityException.java
@@ -46,9 +46,9 @@ import javax.security.sasl.SaslException;
  * processing of an <i>integrity</i> protection filter, including <i>replay
  * detection</i>.
  */
-public class IntegrityException extends SaslException
+public class IntegrityException
+    extends SaslException
 {
-
   /**
    * Constructs a new instance of <code>IntegrityException</code> with no
    * detail message.
@@ -61,7 +61,7 @@ public class IntegrityException extends SaslException
   /**
    * Constructs a new instance of <code>IntegrityException</code> with the
    * specified detail message.
-   *
+   * 
    * @param s the detail message.
    */
   public IntegrityException(String s)
@@ -72,7 +72,7 @@ public class IntegrityException extends SaslException
   /**
    * Constructs a new instance of <code>IntegrityException</code> with a
    * detailed message and a root exception.
-   *
+   * 
    * @param s possibly null additional detail about the exception.
    * @param x a possibly null root exception that caused this one.
    */
@@ -80,4 +80,4 @@ public class IntegrityException extends SaslException
   {
     super(s, x);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/NoSuchMechanismException.java b/libjava/classpath/gnu/javax/crypto/sasl/NoSuchMechanismException.java
index 65432082a4e..5b16a788ccb 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/NoSuchMechanismException.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/NoSuchMechanismException.java
@@ -44,19 +44,19 @@ import javax.security.sasl.SaslException;
  * A checked exception thrown to indicate that a designated SASL mechanism
  * implementation was not found.
  */
-public class NoSuchMechanismException extends SaslException
+public class NoSuchMechanismException
+    extends SaslException
 {
-
   /**
    * Constructs a <code>NoSuchMechanismException</code> with the specified
    * detail message. In the case of this exception, the detail message
    * designates the offending mechanism name.
-   *
+   * 
    * @param arg the detail message, which in this case is the offending
-   * mechanism name.
+   *          mechanism name.
    */
   public NoSuchMechanismException(String arg)
   {
     super(arg);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/NoSuchUserException.java b/libjava/classpath/gnu/javax/crypto/sasl/NoSuchUserException.java
index fe362c74261..387339f6009 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/NoSuchUserException.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/NoSuchUserException.java
@@ -44,9 +44,9 @@ import javax.security.sasl.AuthenticationException;
  * A checked exception thrown to indicate that a designated user is unknown to
  * the authentication layer.
  */
-public class NoSuchUserException extends AuthenticationException
+public class NoSuchUserException
+    extends AuthenticationException
 {
-
   /** Constructs a <code>NoSuchUserException</code> with no detail message. */
   public NoSuchUserException()
   {
@@ -55,9 +55,9 @@ public class NoSuchUserException extends AuthenticationException
 
   /**
    * Constructs a <code>NoSuchUserException</code> with the specified detail
-   * message. In the case of this exception, the detail message designates
-   * the offending username.
-   *
+   * message. In the case of this exception, the detail message designates the
+   * offending username.
+   * 
    * @param arg the detail message, which in this case is the username.
    */
   public NoSuchUserException(String arg)
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/OutputBuffer.java b/libjava/classpath/gnu/javax/crypto/sasl/OutputBuffer.java
index d219e7e9f0e..92e34dfbfe7 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/OutputBuffer.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/OutputBuffer.java
@@ -46,31 +46,25 @@ import java.io.IOException;
 import java.math.BigInteger;
 
 /**
- * <p>The implementation of an outgoing SASL buffer.</p>
- *
- * <p>The data elements this class caters for are described in [1].</p>
- *
- * <p>References:</p>
+ * The implementation of an outgoing SASL buffer.
+ * <p>
+ * The data elements this class caters for are described in [1].
+ * <p>
+ * References:
  * <ol>
- *    <li><a href="http://www.ietf.org/internet-drafts/draft-burdis-cat-srp-sasl-09.txt">
- *    Secure Remote Password Authentication Mechanism</a>;<br/>
- *    draft-burdis-cat-srp-sasl-09,<br/>
- *    <a href="mailto:keith@rucus.ru.ac.za">Keith Burdis</a> and
- *    <a href="mailto:raif@forge.com.au">Ra&iuml;f S. Naffah</a>.</li>
+ * <li><a
+ * href="http://www.ietf.org/internet-drafts/draft-burdis-cat-srp-sasl-09.txt">
+ * Secure Remote Password Authentication Mechanism</a>;<br/>
+ * draft-burdis-cat-srp-sasl-09,<br/> <a
+ * href="mailto:keith@rucus.ru.ac.za">Keith Burdis</a> and <a
+ * href="mailto:raif@forge.com.au">Ra&iuml;f S. Naffah</a>.</li>
  * </ol>
  */
 public class OutputBuffer
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The internal output stream. */
   private ByteArrayOutputStream out;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public OutputBuffer()
   {
     super();
@@ -78,16 +72,10 @@ public class OutputBuffer
     out = new ByteArrayOutputStream();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Encodes a SASL scalar quantity, <code>count</code>-octet long, to the
-   * current buffer.</p>
-   *
+   * Encodes a SASL scalar quantity, <code>count</code>-octet long, to the
+   * current buffer.
+   * 
    * @param count number of octets to encode <code>b</code> with.
    * @param b the scalar quantity.
    * @throws SaslEncodingException if an encoding size constraint is violated.
@@ -96,21 +84,17 @@ public class OutputBuffer
   public void setScalar(int count, int b) throws IOException
   {
     if (count < 0 || count > 4)
-      {
-        throw new SaslEncodingException("Invalid SASL scalar octet count: "
-                                        + String.valueOf(count));
-      }
+      throw new SaslEncodingException("Invalid SASL scalar octet count: "
+                                      + String.valueOf(count));
     byte[] element = new byte[count];
     for (int i = count; --i >= 0; b >>>= 8)
-      {
-        element[i] = (byte) b;
-      }
+      element[i] = (byte) b;
     out.write(element);
   }
 
   /**
-   * <p>Encodes a SASL OS to the current buffer.</p>
-   *
+   * Encodes a SASL OS to the current buffer.
+   * 
    * @param b the OS element.
    * @throws SaslEncodingException if an encoding size constraint is violated.
    * @throws IOException if any other I/O exception occurs during the operation.
@@ -119,16 +103,14 @@ public class OutputBuffer
   {
     final int length = b.length;
     if (length > Registry.SASL_ONE_BYTE_MAX_LIMIT)
-      {
-        throw new SaslEncodingException("SASL octet-sequence too long");
-      }
+      throw new SaslEncodingException("SASL octet-sequence too long");
     out.write(length & 0xFF);
     out.write(b);
   }
 
   /**
-   * <p>Encodes a SASL EOS to the current buffer.</p>
-   *
+   * Encodes a SASL EOS to the current buffer.
+   * 
    * @param b the EOS element.
    * @throws SaslEncodingException if an encoding size constraint is violated.
    * @throws IOException if any other I/O exception occurs during the operation.
@@ -137,17 +119,15 @@ public class OutputBuffer
   {
     final int length = b.length;
     if (length > Registry.SASL_TWO_BYTE_MAX_LIMIT)
-      {
-        throw new SaslEncodingException("SASL extended octet-sequence too long");
-      }
-    byte[] lengthBytes = { (byte) (length >>> 8), (byte) length };
+      throw new SaslEncodingException("SASL extended octet-sequence too long");
+    byte[] lengthBytes = { (byte)(length >>> 8), (byte) length };
     out.write(lengthBytes);
     out.write(b);
   }
 
   /**
-   * <p>Encodes a SASL MPI to the current buffer.</p>
-   *
+   * Encodes a SASL MPI to the current buffer.
+   * 
    * @param val the MPI element.
    * @throws SaslEncodingException if an encoding size constraint is violated.
    * @throws IOException if any other I/O exception occurs during the operation.
@@ -157,21 +137,19 @@ public class OutputBuffer
     byte[] b = Util.trim(val);
     final int length = b.length;
     if (length > Registry.SASL_TWO_BYTE_MAX_LIMIT)
-      {
-        throw new SaslEncodingException("SASL multi-precision integer too long");
-      }
-    byte[] lengthBytes = { (byte) (length >>> 8), (byte) length };
+      throw new SaslEncodingException("SASL multi-precision integer too long");
+    byte[] lengthBytes = { (byte)(length >>> 8), (byte) length };
     out.write(lengthBytes);
     out.write(b);
   }
 
   /**
-   * <p>Encodes a SASL Text to the current buffer.</p>
-   *
+   * Encodes a SASL Text to the current buffer.
+   * 
    * @param str the Text element.
    * @throws SaslEncodingException if an encoding size constraint is violated.
    * @throws SaslEncodingException if the UTF-8 encoding is not supported on
-   * this platform.
+   *           this platform.
    * @throws IOException if any other I/O exception occurs during the operation.
    */
   public void setText(String str) throws IOException
@@ -179,18 +157,16 @@ public class OutputBuffer
     byte[] b = str.getBytes("UTF8");
     final int length = b.length;
     if (length > Registry.SASL_TWO_BYTE_MAX_LIMIT)
-      {
-        throw new SaslEncodingException("SASL text too long");
-      }
-    byte[] lengthBytes = { (byte) (length >>> 8), (byte) length };
+      throw new SaslEncodingException("SASL text too long");
+    byte[] lengthBytes = { (byte)(length >>> 8), (byte) length };
     out.write(lengthBytes);
     out.write(b);
   }
 
   /**
-   * <p>Returns the encoded form of the current buffer including the 4-byte
-   * length header.</p>
-   *
+   * Returns the encoded form of the current buffer including the 4-byte length
+   * header.
+   * 
    * @throws SaslEncodingException if an encoding size constraint is violated.
    */
   public byte[] encode() throws SaslEncodingException
@@ -198,28 +174,25 @@ public class OutputBuffer
     byte[] buffer = wrap();
     final int length = buffer.length;
     byte[] result = new byte[length + 4];
-    result[0] = (byte) (length >>> 24);
-    result[1] = (byte) (length >>> 16);
-    result[2] = (byte) (length >>> 8);
+    result[0] = (byte)(length >>> 24);
+    result[1] = (byte)(length >>> 16);
+    result[2] = (byte)(length >>> 8);
     result[3] = (byte) length;
     System.arraycopy(buffer, 0, result, 4, length);
-
     return result;
   }
 
   /**
-   * <p>Returns the encoded form of the current buffer excluding the 4-byte
-   * length header.</p>
-   *
+   * Returns the encoded form of the current buffer excluding the 4-byte length
+   * header.
+   * 
    * @throws SaslEncodingException if an encoding size constraint is violated.
    */
   public byte[] wrap() throws SaslEncodingException
   {
     final int length = out.size();
     if (length > Registry.SASL_BUFFER_MAX_LIMIT || length < 0)
-      {
-        throw new SaslEncodingException("SASL buffer too long");
-      }
+      throw new SaslEncodingException("SASL buffer too long");
     return out.toByteArray();
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/SaslEncodingException.java b/libjava/classpath/gnu/javax/crypto/sasl/SaslEncodingException.java
index 9f4c59f1c2b..f6a74641dd2 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/SaslEncodingException.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/SaslEncodingException.java
@@ -44,9 +44,9 @@ import javax.security.sasl.SaslException;
  * A checked exception, thrown when an exception occurs while decoding a SASL
  * buffer and/or a SASL data element from/to a buffer.
  */
-public class SaslEncodingException extends SaslException
+public class SaslEncodingException
+    extends SaslException
 {
-
   /** Constructs a <code>SaslEncodingException</code> with no detail message. */
   public SaslEncodingException()
   {
@@ -56,11 +56,11 @@ public class SaslEncodingException extends SaslException
   /**
    * Constructs a <code>SaslEncodingException</code> with the specified detail
    * message.
-   *
+   * 
    * @param s the detail message.
    */
   public SaslEncodingException(String s)
   {
     super(s);
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/SaslInputStream.java b/libjava/classpath/gnu/javax/crypto/sasl/SaslInputStream.java
index 57eb2b5c52d..d127bf5ba22 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/SaslInputStream.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/SaslInputStream.java
@@ -38,12 +38,13 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.sasl;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.util.Util;
 
+import java.io.IOException;
 import java.io.InputStream;
 import java.io.InterruptedIOException;
-import java.io.IOException;
-import java.io.PrintWriter;
+import java.util.logging.Logger;
 
 import javax.security.sasl.Sasl;
 import javax.security.sasl.SaslClient;
@@ -53,55 +54,24 @@ import javax.security.sasl.SaslServer;
  * An input stream that uses either a {@link SaslClient} or a {@link SaslServer}
  * to process the data through these entities' security layer filter(s).
  */
-public class SaslInputStream extends InputStream
+public class SaslInputStream
+    extends InputStream
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  private static final String NAME = "SaslOutputStream";
-
-  private static final String ERROR = "ERROR";
-
-  private static final String WARN = " WARN";
-
-  //   private static final String INFO =  " INFO";
-  private static final String TRACE = "DEBUG";
-
-  private static final boolean DEBUG = true;
-
-  private static final int debuglevel = 3;
-
-  private static final PrintWriter err = new PrintWriter(System.out, true);
-
-  private static void debug(String level, Object obj)
-  {
-    err.println("[" + level + "] " + NAME + ": " + String.valueOf(obj));
-  }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
+  private static final Logger log = Logger.getLogger(SaslInputStream.class.getName());
   private SaslClient client;
-
   private SaslServer server;
-
   private int maxRawSendSize;
-
   private InputStream source;
-
   private byte[] internalBuf;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public SaslInputStream(SaslClient client, InputStream source)
       throws IOException
   {
     super();
 
     this.client = client;
-    maxRawSendSize = Integer.parseInt((String) client.getNegotiatedProperty(Sasl.RAW_SEND_SIZE));
+    String size = (String) client.getNegotiatedProperty(Sasl.RAW_SEND_SIZE);
+    maxRawSendSize = Integer.parseInt(size);
     server = null;
     this.source = source;
   }
@@ -112,19 +82,12 @@ public class SaslInputStream extends InputStream
     super();
 
     this.server = server;
-    maxRawSendSize = Integer.parseInt((String) server.getNegotiatedProperty(Sasl.RAW_SEND_SIZE));
+    String size = (String) server.getNegotiatedProperty(Sasl.RAW_SEND_SIZE);
+    maxRawSendSize = Integer.parseInt(size);
     client = null;
     this.source = source;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // Overloaded java.io.InputStream methods ----------------------------------
-
   public int available() throws IOException
   {
     return (internalBuf == null) ? 0 : internalBuf.length;
@@ -136,25 +99,25 @@ public class SaslInputStream extends InputStream
   }
 
   /**
-   * <p>Reads the next byte of data from the input stream. The value byte is
+   * Reads the next byte of data from the input stream. The value byte is
    * returned as an <code>int</code> in the range <code>0</code> to
    * <code>255</code>. If no byte is available because the end of the stream
    * has been reached, the value <code>-1</code> is returned. This method
-   * blocks until input data is available, the end of the stream is detected,
-   * or an exception is thrown.</p>
-   *
-   * <p>From a SASL mechanism provider's perspective, if a security layer has
-   * been negotiated, the underlying <i>source</i> is expected to contain SASL
+   * blocks until input data is available, the end of the stream is detected, or
+   * an exception is thrown.
+   * <p>
+   * From a SASL mechanism provider's perspective, if a security layer has been
+   * negotiated, the underlying <i>source</i> is expected to contain SASL
    * buffers, as defined in RFC 2222. Four octets in network byte order in the
    * front of each buffer identify the length of the buffer. The provider is
    * responsible for performing any integrity checking or other processing on
    * the buffer before returning the data as a stream of octets. For example,
    * the protocol driver's request for a single octet from the stream might;
    * i.e. an invocation of this method, may result in an entire SASL buffer
-   * being read and processed before that single octet can be returned.</p>
-   *
-   * @return the next byte of data, or <code>-1</code> if the end of the stream
-   * is reached.
+   * being read and processed before that single octet can be returned.
+   * 
+   * @return the next byte of data, or <code>-1</code> if the end of the
+   *         stream is reached.
    * @throws IOException if an I/O error occurs.
    */
   public int read() throws IOException
@@ -168,7 +131,6 @@ public class SaslInputStream extends InputStream
         else
           {
             byte[] tmp = new byte[internalBuf.length - 1];
-            //            System.arraycopy(internalBuf, 0, tmp, 0, tmp.length);
             System.arraycopy(internalBuf, 1, tmp, 0, tmp.length);
             internalBuf = tmp;
           }
@@ -179,94 +141,83 @@ public class SaslInputStream extends InputStream
         int check = read(buf);
         result = (check > 0) ? (buf[0] & 0xFF) : -1;
       }
-
     return result;
   }
 
   /**
-   * <p>Reads up to <code>len</code> bytes of data from the underlying
-   * <i>source</i> input stream into an array of bytes. An attempt is made to
-   * read as many as <code>len</code> bytes, but a smaller number may be read,
-   * possibly zero. The number of bytes actually read is returned as an
-   * integer.</p>
-   *
-   * <p>This method blocks until input data is available, end of file is
-   * detected, or an exception is thrown.</p>
-   *
-   * <p>If <code>b</code> is <code>null</code>, a {@link NullPointerException} is
-   * thrown.</p>
-   *
-   * <p>If <code>off</code> is negative, or <code>len</code> is negative, or
-   * <code>off+len</code> is greater than the length of the array <code>b</code>,
-   * then an {@link IndexOutOfBoundsException} is thrown.</p>
-   *
-   * <p>If <code>len</code> is zero, then no bytes are read and <code>0</code>
+   * Reads up to <code>len</code> bytes of data from the underlying <i>source</i>
+   * input stream into an array of bytes. An attempt is made to read as many as
+   * <code>len</code> bytes, but a smaller number may be read, possibly zero.
+   * The number of bytes actually read is returned as an integer.
+   * <p>
+   * This method blocks until input data is available, end of file is detected,
+   * or an exception is thrown.
+   * <p>
+   * If <code>b</code> is <code>null</code>, a {@link NullPointerException}
+   * is thrown.
+   * <p>
+   * If <code>off</code> is negative, or <code>len</code> is negative, or
+   * <code>off+len</code> is greater than the length of the array
+   * <code>b</code>, then an {@link IndexOutOfBoundsException} is thrown.
+   * <p>
+   * If <code>len</code> is zero, then no bytes are read and <code>0</code>
    * is returned; otherwise, there is an attempt to read at least one byte. If
    * no byte is available because the stream is at end of file, the value
    * <code>-1</code> is returned; otherwise, at least one byte is read and
-   * stored into <code>b</code>.</p>
-   *
-   * <p>The first byte read is stored into element <code>b[off]</code>, the
-   * next one into <code>b[off+1]</code>, and so on. The number of bytes read
-   * is, at most, equal to <code>len</code>. Let <code>k</code> be the number
+   * stored into <code>b</code>.
+   * <p>
+   * The first byte read is stored into element <code>b[off]</code>, the next
+   * one into <code>b[off+1]</code>, and so on. The number of bytes read is,
+   * at most, equal to <code>len</code>. Let <code>k</code> be the number
    * of bytes actually read; these bytes will be stored in elements
    * <code>b[off]</code> through <code>b[off+k-1]</code>, leaving elements
-   * <code>b[off+k]</code> through <code>b[off+len-1]</code> unaffected.</p>
-   *
-   * <p>In every case, elements <code>b[0]</code> through <code>b[off]</code>
+   * <code>b[off+k]</code> through <code>b[off+len-1]</code> unaffected.
+   * <p>
+   * In every case, elements <code>b[0]</code> through <code>b[off]</code>
    * and elements <code>b[off+len]</code> through <code>b[b.length-1]</code>
-   * are unaffected.</p>
-   *
-   * <p>If the first byte cannot be read for any reason other than end of file,
-   * then an {@link IOException} is thrown. In particular, an {@link IOException}
-   * is thrown if the input stream has been closed.</p>
-   *
-   * <p>From the SASL mechanism provider's perspective, if a security layer has
+   * are unaffected.
+   * <p>
+   * If the first byte cannot be read for any reason other than end of file,
+   * then an {@link IOException} is thrown. In particular, an
+   * {@link IOException} is thrown if the input stream has been closed.
+   * <p>
+   * From the SASL mechanism provider's perspective, if a security layer has
    * been negotiated, the underlying <i>source</i> is expected to contain SASL
    * buffers, as defined in RFC 2222. Four octets in network byte order in the
    * front of each buffer identify the length of the buffer. The provider is
    * responsible for performing any integrity checking or other processing on
    * the buffer before returning the data as a stream of octets. The protocol
    * driver's request for a single octet from the stream might result in an
-   * entire SASL buffer being read and processed before that single octet can
-   * be returned.</p>
-   *
+   * entire SASL buffer being read and processed before that single octet can be
+   * returned.
+   * 
    * @param b the buffer into which the data is read.
    * @param off the start offset in array <code>b</code> at which the data is
-   * wricodeen.
+   *          wricodeen.
    * @param len the maximum number of bytes to read.
    * @return the total number of bytes read into the buffer, or <code>-1</code>
-   * if there is no more data because the end of the stream has been reached.
+   *         if there is no more data because the end of the stream has been
+   *         reached.
    * @throws IOException if an I/O error occurs.
    */
   public int read(byte[] b, int off, int len) throws IOException
   {
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "==> read(b, " + String.valueOf(off) + ", "
-                   + String.valueOf(len) + ")");
-
-    if (b == null)
-      {
-        throw new NullPointerException("b");
-      }
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "read", new Object[] {
+          b, Integer.valueOf(off), Integer.valueOf(len)
+      });
     if ((off < 0) || (off > b.length) || (len < 0) || ((off + len) > b.length)
         || ((off + len) < 0))
-      {
-        throw new IndexOutOfBoundsException("off=" + String.valueOf(off)
-                                            + ", len=" + String.valueOf(len)
-                                            + ", b.length="
-                                            + String.valueOf(b.length));
-      }
+      throw new IndexOutOfBoundsException("off=" + off + ", len=" + len
+                                          + ", b.length=" + b.length);
     if (len == 0)
       {
-        if (DEBUG && debuglevel > 8)
-          debug(TRACE, "<== read() --> 0");
+        if (Configuration.DEBUG)
+          log.exiting(this.getClass().getName(), "read", Integer.valueOf(0));
         return 0;
       }
-
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "Available: " + String.valueOf(available()));
-
+    if (Configuration.DEBUG)
+      log.finer("Available: " + available());
     int result = 0;
     if (internalBuf == null || internalBuf.length < 1)
       try
@@ -274,24 +225,26 @@ public class SaslInputStream extends InputStream
           internalBuf = readSaslBuffer();
           if (internalBuf == null)
             {
-              if (DEBUG && debuglevel > 4)
-                debug(WARN, "Underlying stream empty. Returning -1");
-              if (DEBUG && debuglevel > 8)
-                debug(TRACE, "<== read() --> -1");
+              if (Configuration.DEBUG)
+                {
+                  log.finer("Underlying stream empty. Returning -1");
+                  log.exiting(this.getClass().getName(), "read",
+                              Integer.valueOf(-1));
+                }
               return -1;
             }
         }
       catch (InterruptedIOException x)
         {
-          if (DEBUG && debuglevel > 6)
-            debug(TRACE, x);
-          if (DEBUG && debuglevel > 4)
-            debug(WARN, "Reading thread was interrupted. Returning -1");
-          if (DEBUG && debuglevel > 8)
-            debug(TRACE, "<== read() --> -1");
+          if (Configuration.DEBUG)
+            {
+              log.finer("Reading thread was interrupted. Returning -1");
+              log.throwing(this.getClass().getName(), "read", x);
+              log.exiting(this.getClass().getName(), "read",
+                          Integer.valueOf(-1));
+            }
           return -1;
         }
-
     if (len <= internalBuf.length)
       {
         result = len;
@@ -311,10 +264,8 @@ public class SaslInputStream extends InputStream
         result = internalBuf.length;
         System.arraycopy(internalBuf, 0, b, off, result);
         internalBuf = null;
-
         off += result;
         len -= result;
-
         int remaining; // count of bytes remaining in buffer after an iteration
         int delta; // count of bytes moved to b after an iteration
         int datalen;
@@ -328,13 +279,11 @@ public class SaslInputStream extends InputStream
               data = readSaslBuffer();
               if (data == null)
                 {
-                  if (DEBUG && debuglevel > 4)
-                    debug(WARN, "Underlying stream exhausted. Breaking...");
+                  if (Configuration.DEBUG)
+                    log.finer("Underlying stream exhausted. Breaking...");
                   break;
                 }
-
               datalen = data.length;
-
               // copy [part of] the result to b
               remaining = (datalen <= len) ? 0 : datalen - len;
               delta = datalen - remaining;
@@ -344,7 +293,6 @@ public class SaslInputStream extends InputStream
                   internalBuf = new byte[remaining];
                   System.arraycopy(data, delta, internalBuf, 0, remaining);
                 }
-
               // update off, result and len
               off += delta;
               result += delta;
@@ -352,36 +300,32 @@ public class SaslInputStream extends InputStream
             }
           else
             { // nothing much we can do except return what we have
-              if (DEBUG && debuglevel > 4)
-                debug(WARN,
-                      "Not enough bytes in source to read a buffer. Breaking...");
+              if (Configuration.DEBUG)
+                log.finer("Not enough bytes in source to read a buffer. Breaking...");
               break;
             }
       }
-
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "Remaining: "
-                   + (internalBuf == null ? 0 : internalBuf.length));
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "<== read() --> " + String.valueOf(result));
+    if (Configuration.DEBUG)
+      {
+        log.finer("Remaining: "
+                  + (internalBuf == null ? 0 : internalBuf.length));
+        log.exiting(this.getClass().getName(), "read()", String.valueOf(result));
+      }
     return result;
   }
 
-  // other nstance methods ---------------------------------------------------
-
   /**
    * Reads a SASL buffer from the underlying source if at least 4 bytes are
    * available.
-   *
+   * 
    * @return the byte[] of decoded buffer contents, or null if the underlying
-   * source was exhausted.
+   *         source was exhausted.
    * @throws IOException if an I/O exception occurs during the operation.
    */
   private byte[] readSaslBuffer() throws IOException
   {
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "==> readSaslBuffer()");
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "readSaslBuffer()");
     int realLength; // check if we read as many bytes as we're supposed to
     byte[] result = new byte[4];
     try
@@ -389,32 +333,27 @@ public class SaslInputStream extends InputStream
         realLength = source.read(result);
         if (realLength == -1)
           {
-            if (DEBUG && debuglevel > 8)
-              debug(TRACE, "<== readSaslBuffer() --> null");
+            if (Configuration.DEBUG)
+              log.exiting(this.getClass().getName(), "readSaslBuffer");
             return null;
           }
       }
     catch (IOException x)
       {
-        if (DEBUG && debuglevel > 0)
-          debug(ERROR, x);
+        if (Configuration.DEBUG)
+          log.throwing(this.getClass().getName(), "readSaslBuffer", x);
         throw x;
       }
-
     if (realLength != 4)
-      {
-        throw new IOException("Was expecting 4 but found "
-                              + String.valueOf(realLength));
-      }
-    int bufferLength = result[0] << 24 | (result[1] & 0xFF) << 16
-                       | (result[2] & 0xFF) << 8 | (result[3] & 0xFF);
-
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "SASL buffer size: " + bufferLength);
+      throw new IOException("Was expecting 4 but found " + realLength);
+    int bufferLength =  result[0]         << 24
+                     | (result[1] & 0xFF) << 16
+                     | (result[2] & 0xFF) << 8
+                     | (result[3] & 0xFF);
+    if (Configuration.DEBUG)
+      log.finer("SASL buffer size: " + bufferLength);
     if (bufferLength > maxRawSendSize || bufferLength < 0)
-      {
-        throw new SaslEncodingException("SASL buffer (security layer) too long");
-      }
+      throw new SaslEncodingException("SASL buffer (security layer) too long");
 
     result = new byte[bufferLength];
     try
@@ -423,37 +362,32 @@ public class SaslInputStream extends InputStream
       }
     catch (IOException x)
       {
-        if (DEBUG && debuglevel > 0)
-          debug(ERROR, x);
+        if (Configuration.DEBUG)
+          log.throwing(this.getClass().getName(), "readSaslBuffer", x);
         throw x;
       }
-
     if (realLength != bufferLength)
-      throw new IOException("Was expecting " + String.valueOf(bufferLength)
-                            + " but found " + String.valueOf(realLength));
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "Incoming buffer (before security) (hex): "
-                   + Util.dumpString(result));
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "Incoming buffer (before security) (str): \""
-                   + new String(result) + "\"");
-
-    if (client != null)
+      throw new IOException("Was expecting " + bufferLength + " but found "
+                            + realLength);
+    if (Configuration.DEBUG)
       {
-        result = client.unwrap(result, 0, realLength);
+        log.finer("Incoming buffer (before security) (hex): "
+                  + Util.dumpString(result));
+        log.finer("Incoming buffer (before security) (str): \""
+                  + new String(result) + "\"");
       }
+    if (client != null)
+      result = client.unwrap(result, 0, realLength);
     else
+      result = server.unwrap(result, 0, realLength);
+    if (Configuration.DEBUG)
       {
-        result = server.unwrap(result, 0, realLength);
+        log.finer("Incoming buffer (after security) (hex): "
+                  + Util.dumpString(result));
+        log.finer("Incoming buffer (after security) (str): \""
+                  + new String(result) + "\"");
+        log.exiting(this.getClass().getName(), "readSaslBuffer");
       }
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "Incoming buffer (after security) (hex): "
-                   + Util.dumpString(result));
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "Incoming buffer (after security) (str): \""
-                   + new String(result) + "\"");
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "<== readSaslBuffer()");
     return result;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/SaslOutputStream.java b/libjava/classpath/gnu/javax/crypto/sasl/SaslOutputStream.java
index 6997201377a..d21f1f37ae2 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/SaslOutputStream.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/SaslOutputStream.java
@@ -38,11 +38,12 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.sasl;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.util.Util;
 
-import java.io.OutputStream;
 import java.io.IOException;
-import java.io.PrintWriter;
+import java.io.OutputStream;
+import java.util.logging.Logger;
 
 import javax.security.sasl.Sasl;
 import javax.security.sasl.SaslClient;
@@ -52,51 +53,23 @@ import javax.security.sasl.SaslServer;
  * An output stream that uses either a {@link SaslClient} or a {@link SaslServer}
  * to process the data through these entities' security layer filter(s).
  */
-public class SaslOutputStream extends OutputStream
+public class SaslOutputStream
+    extends OutputStream
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  private static final String NAME = "SaslOutputStream";
-
-  //   private static final String ERROR = "ERROR";
-  //   private static final String WARN =  " WARN";
-  //   private static final String INFO =  " INFO";
-  private static final String TRACE = "DEBUG";
-
-  private static final boolean DEBUG = true;
-
-  private static final int debuglevel = 3;
-
-  private static final PrintWriter err = new PrintWriter(System.out, true);
-
-  private static void debug(String level, Object obj)
-  {
-    err.println("[" + level + "] " + NAME + ": " + String.valueOf(obj));
-  }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
+  private static final Logger log = Logger.getLogger(SaslOutputStream.class.getName());
   private SaslClient client;
-
   private SaslServer server;
-
   private int maxRawSendSize;
-
   private OutputStream dest;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public SaslOutputStream(SaslClient client, OutputStream dest)
       throws IOException
   {
     super();
 
     this.client = client;
-    maxRawSendSize = Integer.parseInt((String) client.getNegotiatedProperty(Sasl.RAW_SEND_SIZE));
+    String size = (String) client.getNegotiatedProperty(Sasl.RAW_SEND_SIZE);
+    maxRawSendSize = Integer.parseInt(size);
     server = null;
     this.dest = dest;
   }
@@ -107,17 +80,12 @@ public class SaslOutputStream extends OutputStream
     super();
 
     this.server = server;
-    maxRawSendSize = Integer.parseInt((String) server.getNegotiatedProperty(Sasl.RAW_SEND_SIZE));
+    String size = (String) server.getNegotiatedProperty(Sasl.RAW_SEND_SIZE);
+    maxRawSendSize = Integer.parseInt(size);
     client = null;
     this.dest = dest;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Overloaded java.io.OutputStream methods
-  // -------------------------------------------------------------------------
-
   public void close() throws IOException
   {
     dest.flush();
@@ -148,71 +116,60 @@ public class SaslOutputStream extends OutputStream
    */
   public void write(byte[] b, int off, int len) throws IOException
   {
-    if (b == null)
-      {
-        throw new NullPointerException("b");
-      }
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "write");
     if ((off < 0) || (off > b.length) || (len < 0) || ((off + len) > b.length)
         || ((off + len) < 0))
-      {
-        throw new IndexOutOfBoundsException("off=" + String.valueOf(off)
-                                            + ", len=" + String.valueOf(len)
-                                            + ", b.length="
-                                            + String.valueOf(b.length));
-      }
+      throw new IndexOutOfBoundsException("off=" + off + ", len=" + len
+                                          + ", b.length=" + b.length);
     if (len == 0)
       {
+        if (Configuration.DEBUG)
+          log.exiting(this.getClass().getName(), "write");
         return;
       }
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "==> write()");
-
     int chunckSize, length, chunck = 1;
     byte[] output = null, result;
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "About to wrap " + String.valueOf(len) + " byte(s)...");
+    if (Configuration.DEBUG)
+      log.finer("About to wrap " + len + " byte(s)...");
     while (len > 0)
       {
         chunckSize = (len > maxRawSendSize ? maxRawSendSize : len);
-
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Outgoing buffer (before security) (hex): "
-                       + Util.dumpString(b, off, chunckSize));
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Outgoing buffer (before security) (str): \""
-                       + new String(b, off, chunckSize) + "\"");
-
+        if (Configuration.DEBUG)
+          {
+            log.finer("Outgoing buffer (before security) (hex): "
+                      + Util.dumpString(b, off, chunckSize));
+            log.finer("Outgoing buffer (before security) (str): \""
+                      + new String(b, off, chunckSize) + "\"");
+          }
         if (client != null)
           output = client.wrap(b, off, chunckSize);
         else
           output = server.wrap(b, off, chunckSize);
 
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Outgoing buffer (after security) (hex): "
-                       + Util.dumpString(output));
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Outgoing buffer (after security) (str): \""
-                       + new String(output) + "\"");
-
+        if (Configuration.DEBUG)
+          {
+            log.finer("Outgoing buffer (after security) (hex): "
+                      + Util.dumpString(output));
+            log.finer("Outgoing buffer (after security) (str): \""
+                      + new String(output) + "\"");
+          }
         length = output.length;
         result = new byte[length + 4];
-        result[0] = (byte) (length >>> 24);
-        result[1] = (byte) (length >>> 16);
-        result[2] = (byte) (length >>> 8);
+        result[0] = (byte)(length >>> 24);
+        result[1] = (byte)(length >>> 16);
+        result[2] = (byte)(length >>> 8);
         result[3] = (byte) length;
         System.arraycopy(output, 0, result, 4, length);
-
         dest.write(result);
-
         off += chunckSize;
         len -= chunckSize;
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Wrapped chunck #" + String.valueOf(chunck));
+        if (Configuration.DEBUG)
+          log.finer("Wrapped chunck #" + chunck);
         chunck++;
       }
-
     dest.flush();
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "<== write()");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "write");
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/SaslUtil.java b/libjava/classpath/gnu/javax/crypto/sasl/SaslUtil.java
index e70312c0d4d..4b0b697fe79 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/SaslUtil.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/SaslUtil.java
@@ -40,7 +40,6 @@ package gnu.javax.crypto.sasl;
 
 import gnu.java.security.util.Util;
 
-import java.math.BigInteger;
 import java.security.MessageDigest;
 
 /**
@@ -48,30 +47,17 @@ import java.security.MessageDigest;
  */
 public class SaslUtil
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   private SaslUtil()
   {
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   public static final boolean validEmailAddress(String address)
   {
     // need to do better than this
     return (address.indexOf("@") != -1);
   }
 
-  // Visualisation methods
-  // -------------------------------------------------------------------------
-
   /** Returns the context of the designated hash as a string. */
   public static final String dump(MessageDigest md)
   {
@@ -86,4 +72,4 @@ public class SaslUtil
       }
     return result;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/ServerFactory.java b/libjava/classpath/gnu/javax/crypto/sasl/ServerFactory.java
index e9b08dbd49a..7aa37962845 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/ServerFactory.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/ServerFactory.java
@@ -62,53 +62,33 @@ import javax.security.sasl.SaslServerFactory;
 /**
  * The implementation of the {@link SaslServerFactory}.
  */
-public class ServerFactory implements SaslServerFactory
+public class ServerFactory
+    implements SaslServerFactory
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // implicit 0-arguments constructor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   public static final Set getNames()
   {
-    return Collections.unmodifiableSet(new HashSet(
-                                                   Arrays.asList(getNamesInternal(null))));
+    return Collections.unmodifiableSet(new HashSet(Arrays.asList(getNamesInternal(null))));
   }
 
   private static final String[] getNamesInternal(Map props)
   {
-    String[] all = new String[] { Registry.SASL_SRP_MECHANISM,
-                                 Registry.SASL_CRAM_MD5_MECHANISM,
-                                 Registry.SASL_PLAIN_MECHANISM,
-                                 Registry.SASL_ANONYMOUS_MECHANISM };
-
+    String[] all = new String[] {
+        Registry.SASL_SRP_MECHANISM,
+        Registry.SASL_CRAM_MD5_MECHANISM,
+        Registry.SASL_PLAIN_MECHANISM,
+        Registry.SASL_ANONYMOUS_MECHANISM };
     List result = new ArrayList(4);
     int i;
     for (i = 0; i < all.length;)
-      {
-        result.add(all[i++]);
-      }
-
+      result.add(all[i++]);
     if (props == null)
-      {
-        return (String[]) result.toArray(new String[0]); // all
-      }
-    if (hasPolicy(Sasl.POLICY_PASS_CREDENTIALS, props))
-      { // none
-        return new String[0];
-      }
-
+      return (String[]) result.toArray(new String[0]); // all
+    if (hasPolicy(Sasl.POLICY_PASS_CREDENTIALS, props)) // none
+      return new String[0];
     if (hasPolicy(Sasl.POLICY_NOPLAINTEXT, props))
-      {
-        result.remove(Registry.SASL_PLAIN_MECHANISM);
-      }
+      result.remove(Registry.SASL_PLAIN_MECHANISM);
     if (hasPolicy(Sasl.POLICY_NOACTIVE, props))
       {
         result.remove(Registry.SASL_CRAM_MD5_MECHANISM);
@@ -135,32 +115,19 @@ public class ServerFactory implements SaslServerFactory
   public static final ServerMechanism getInstance(String mechanism)
   {
     if (mechanism == null)
-      {
-        return null;
-      }
+      return null;
     mechanism = mechanism.trim().toUpperCase();
     if (mechanism.equals(Registry.SASL_SRP_MECHANISM))
-      {
-        return new SRPServer();
-      }
+      return new SRPServer();
     if (mechanism.equals(Registry.SASL_CRAM_MD5_MECHANISM))
-      {
-        return new CramMD5Server();
-      }
+      return new CramMD5Server();
     if (mechanism.equals(Registry.SASL_PLAIN_MECHANISM))
-      {
-        return new PlainServer();
-      }
+      return new PlainServer();
     if (mechanism.equals(Registry.SASL_ANONYMOUS_MECHANISM))
-      {
-        return new AnonymousServer();
-      }
+      return new AnonymousServer();
     return null;
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public SaslServer createSaslServer(String mechanism, String protocol,
                                      String serverName, Map props,
                                      CallbackHandler cbh) throws SaslException
@@ -170,13 +137,10 @@ public class ServerFactory implements SaslServerFactory
       {
         HashMap attributes = new HashMap();
         if (props != null)
-          {
-            attributes.putAll(props);
-          }
+          attributes.putAll(props);
         attributes.put(Registry.SASL_PROTOCOL, protocol);
         attributes.put(Registry.SASL_SERVER_NAME, serverName);
         attributes.put(Registry.SASL_CALLBACK_HANDLER, cbh);
-
         result.init(attributes);
       }
     return result;
@@ -191,4 +155,4 @@ public class ServerFactory implements SaslServerFactory
   {
     return "true".equalsIgnoreCase(String.valueOf(props.get(propertyName)));
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/ServerMechanism.java b/libjava/classpath/gnu/javax/crypto/sasl/ServerMechanism.java
index f12a075d949..75603a14aec 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/ServerMechanism.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/ServerMechanism.java
@@ -45,51 +45,36 @@ import java.util.Map;
 
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.sasl.Sasl;
-import javax.security.sasl.SaslServer;
 import javax.security.sasl.SaslException;
+import javax.security.sasl.SaslServer;
 
 /**
- * <p>A base class to facilitate implementing SASL server-side mechanisms.</p>
+ * A base class to facilitate implementing SASL server-side mechanisms.
  */
-public abstract class ServerMechanism implements SaslServer
+public abstract class ServerMechanism
+    implements SaslServer
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** Name of this mechanism. */
   protected String mechanism;
-
   /** Name of protocol using this mechanism. */
   protected String protocol;
-
   /** Name of server to authenticate to. */
   protected String serverName;
-
   /** Properties of qualities desired for this mechanism. */
   protected Map properties;
-
   /** Callback handler to use with this mechanism instance. */
   protected CallbackHandler handler;
-
   /** Whether authentication phase is completed (true) or not (false). */
   protected boolean complete = false;
-
   /** The authorisation identity. */
   protected String authorizationID;
-
   /** Channel binding data to use with this mechanism instance. */
   protected byte[] channelBinding;
-
   /** The state of the authentication automaton. -1 means uninitialised. */
   protected int state = -1;
-
   /** The provider for authentication information. */
   protected IAuthInfoProvider authenticator;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   protected ServerMechanism(final String mechanism)
   {
     super();
@@ -99,20 +84,10 @@ public abstract class ServerMechanism implements SaslServer
     this.state = -1;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // abstract methods to be implemented by concrete subclasses ---------------
-
   protected abstract void initMechanism() throws SaslException;
 
   protected abstract void resetMechanism() throws SaslException;
 
-  // javax.security.sasl.SaslServer interface implementation -----------------
-
   public abstract byte[] evaluateResponse(byte[] response) throws SaslException;
 
   public boolean isComplete()
@@ -123,20 +98,16 @@ public abstract class ServerMechanism implements SaslServer
   public byte[] unwrap(final byte[] incoming, final int offset, final int len)
       throws SaslException
   {
-    if (!isComplete())
-      {
-        throw new IllegalMechanismStateException();
-      }
+    if (! isComplete())
+      throw new IllegalMechanismStateException();
     return this.engineUnwrap(incoming, offset, len);
   }
 
   public byte[] wrap(final byte[] outgoing, final int offset, final int len)
       throws SaslException
   {
-    if (!isComplete())
-      {
-        throw new IllegalMechanismStateException();
-      }
+    if (! isComplete())
+      throw new IllegalMechanismStateException();
     return this.engineWrap(outgoing, offset, len);
   }
 
@@ -152,58 +123,32 @@ public abstract class ServerMechanism implements SaslServer
 
   public Object getNegotiatedProperty(final String propName)
   {
-    if (!isComplete())
-      {
-        throw new IllegalStateException();
-      }
+    if (! isComplete())
+      throw new IllegalStateException();
     if (Sasl.QOP.equals(propName))
-      {
-        return getNegotiatedQOP();
-      }
+      return getNegotiatedQOP();
     if (Sasl.STRENGTH.equals(propName))
-      {
-        return getNegotiatedStrength();
-      }
+      return getNegotiatedStrength();
     if (Sasl.SERVER_AUTH.equals(propName))
-      {
-        return getNegotiatedServerAuth();
-      }
+      return getNegotiatedServerAuth();
     if (Sasl.MAX_BUFFER.equals(propName))
-      {
-        return getNegotiatedMaxBuffer();
-      }
+      return getNegotiatedMaxBuffer();
     if (Sasl.RAW_SEND_SIZE.equals(propName))
-      {
-        return getNegotiatedRawSendSize();
-      }
+      return getNegotiatedRawSendSize();
     if (Sasl.POLICY_NOPLAINTEXT.equals(propName))
-      {
-        return getNegotiatedPolicyNoPlainText();
-      }
+      return getNegotiatedPolicyNoPlainText();
     if (Sasl.POLICY_NOACTIVE.equals(propName))
-      {
-        return getNegotiatedPolicyNoActive();
-      }
+      return getNegotiatedPolicyNoActive();
     if (Sasl.POLICY_NODICTIONARY.equals(propName))
-      {
-        return getNegotiatedPolicyNoDictionary();
-      }
+      return getNegotiatedPolicyNoDictionary();
     if (Sasl.POLICY_NOANONYMOUS.equals(propName))
-      {
-        return getNegotiatedPolicyNoAnonymous();
-      }
+      return getNegotiatedPolicyNoAnonymous();
     if (Sasl.POLICY_FORWARD_SECRECY.equals(propName))
-      {
-        return getNegotiatedPolicyForwardSecrecy();
-      }
+      return getNegotiatedPolicyForwardSecrecy();
     if (Sasl.POLICY_PASS_CREDENTIALS.equals(propName))
-      {
-        return getNegotiatedPolicyPassCredentials();
-      }
+      return getNegotiatedPolicyPassCredentials();
     if (Sasl.REUSE.equals(propName))
-      {
-        return getReuse();
-      }
+      return getReuse();
     return null;
   }
 
@@ -212,8 +157,6 @@ public abstract class ServerMechanism implements SaslServer
     reset();
   }
 
-  // other Instance methods --------------------------------------------------
-
   protected String getNegotiatedQOP()
   {
     return Registry.QOP_AUTH;
@@ -291,30 +234,23 @@ public abstract class ServerMechanism implements SaslServer
   }
 
   /**
-   * <p>Initialises the mechanism with designated attributes. Permissible names
-   * and values are mechanism specific.</p>
-   *
+   * Initialises the mechanism with designated attributes. Permissible names and
+   * values are mechanism specific.
+   * 
    * @param attributes a set of name-value pairs that describes the desired
-   * future behaviour of this instance.
+   *          future behaviour of this instance.
    * @throws IllegalMechanismStateException if the instance is already
-   * initialised.
+   *           initialised.
    * @throws SaslException if an exception occurs during the process.
    */
   public void init(final Map attributes) throws SaslException
   {
     if (state != -1)
-      {
-        throw new IllegalMechanismStateException("init()");
-      }
-
+      throw new IllegalMechanismStateException("init()");
     if (properties == null)
-      {
-        properties = new HashMap();
-      }
+      properties = new HashMap();
     else
-      {
-        properties.clear();
-      }
+      properties.clear();
     if (attributes != null)
       {
         protocol = (String) attributes.get(Registry.SASL_PROTOCOL);
@@ -324,35 +260,24 @@ public abstract class ServerMechanism implements SaslServer
         properties.putAll(attributes);
       }
     else
-      {
-        handler = null;
-      }
-
+      handler = null;
     if (protocol == null)
-      {
-        protocol = "";
-      }
+      protocol = "";
     if (serverName == null)
-      {
-        serverName = "";
-      }
+      serverName = "";
     if (authenticator != null)
-      {
-        authenticator.activate(properties);
-      }
+      authenticator.activate(properties);
     if (channelBinding == null)
-      {
-        channelBinding = new byte[0];
-      }
+      channelBinding = new byte[0];
     initMechanism();
     complete = false;
     state = 0;
   }
 
   /**
-   * <p>Resets the mechanism instance for re-initialisation and use with other
-   * characteristics.</p>
-   *
+   * Resets the mechanism instance for re-initialisation and use with other
+   * characteristics.
+   * 
    * @throws SaslException if an exception occurs during the process.
    */
   public void reset() throws SaslException
@@ -360,12 +285,10 @@ public abstract class ServerMechanism implements SaslServer
     resetMechanism();
     properties.clear();
     if (authenticator != null)
-      {
-        authenticator.passivate();
-      }
+      authenticator.passivate();
     protocol = serverName = null;
     channelBinding = null;
     complete = false;
     state = -1;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/UserAlreadyExistsException.java b/libjava/classpath/gnu/javax/crypto/sasl/UserAlreadyExistsException.java
index 764a36df30e..1563be9173d 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/UserAlreadyExistsException.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/UserAlreadyExistsException.java
@@ -44,9 +44,9 @@ import javax.security.sasl.SaslException;
  * A checked exception thrown to indicate that a designated user is already
  * known to the the authentication layer.
  */
-public class UserAlreadyExistsException extends SaslException
+public class UserAlreadyExistsException
+    extends SaslException
 {
-
   /**
    * Constructs a <code>UserAlreadyExistsException</code> with no detail
    * message.
@@ -60,7 +60,7 @@ public class UserAlreadyExistsException extends SaslException
    * Constructs a <code>UserAlreadyExistsException</code> with the specified
    * detail message. In the case of this exception, the detail message
    * designates the offending username.
-   *
+   * 
    * @param userName the detail message, which in this case is the username.
    */
   public UserAlreadyExistsException(String userName)
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousClient.java b/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousClient.java
index f5b1faab299..87f5e5fb54e 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousClient.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousClient.java
@@ -44,35 +44,22 @@ import gnu.javax.crypto.sasl.IllegalMechanismStateException;
 
 import java.io.UnsupportedEncodingException;
 
+import javax.security.sasl.AuthenticationException;
 import javax.security.sasl.SaslClient;
 import javax.security.sasl.SaslException;
-import javax.security.sasl.AuthenticationException;
 
 /**
- * <p>The ANONYMOUS client-side mechanism.</p>
+ * The ANONYMOUS client-side mechanism.
  */
-public class AnonymousClient extends ClientMechanism implements SaslClient
+public class AnonymousClient
+    extends ClientMechanism
+    implements SaslClient
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public AnonymousClient()
   {
     super(Registry.SASL_ANONYMOUS_MECHANISM);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // abstract methods implementation -----------------------------------------
-
   protected void initMechanism() throws SaslException
   {
   }
@@ -81,8 +68,6 @@ public class AnonymousClient extends ClientMechanism implements SaslClient
   {
   }
 
-  // javax.security.sasl.SaslClient interface implementation -----------------
-
   public boolean hasInitialResponse()
   {
     return true;
@@ -99,13 +84,10 @@ public class AnonymousClient extends ClientMechanism implements SaslClient
 
   private byte[] response() throws SaslException
   {
-    if (!AnonymousUtil.isValidTraceInformation(authorizationID))
-      {
-        throw new AuthenticationException(
-                                          "Authorisation ID is not a valid email address");
-      }
+    if (! AnonymousUtil.isValidTraceInformation(authorizationID))
+      throw new AuthenticationException(
+          "Authorisation ID is not a valid email address");
     complete = true;
-    //      return authorizationID.getBytes();
     final byte[] result;
     try
       {
@@ -117,4 +99,4 @@ public class AnonymousClient extends ClientMechanism implements SaslClient
       }
     return result;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousServer.java b/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousServer.java
index 2c10f78a78b..76456044c8f 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousServer.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousServer.java
@@ -50,28 +50,15 @@ import javax.security.sasl.SaslServer;
 /**
  * The ANONYMOUS server-side mechanism.
  */
-public class AnonymousServer extends ServerMechanism implements SaslServer
+public class AnonymousServer
+    extends ServerMechanism
+    implements SaslServer
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public AnonymousServer()
   {
     super(Registry.SASL_ANONYMOUS_MECHANISM);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // abstract methods implementation -----------------------------------------
-
   protected void initMechanism() throws SaslException
   {
   }
@@ -80,14 +67,10 @@ public class AnonymousServer extends ServerMechanism implements SaslServer
   {
   }
 
-  // javax.security.sasl.SaslServer interface implementation -----------------
-
   public byte[] evaluateResponse(final byte[] response) throws SaslException
   {
     if (response == null)
-      {
-        return null;
-      }
+      return null;
     try
       {
         authorizationID = new String(response, "UTF-8");
@@ -104,4 +87,4 @@ public class AnonymousServer extends ServerMechanism implements SaslServer
     authorizationID = null;
     throw new AuthenticationException("Invalid email address");
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousUtil.java b/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousUtil.java
index 99e95eaeca0..9047ebd5c6e 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousUtil.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousUtil.java
@@ -45,65 +45,39 @@ import gnu.javax.crypto.sasl.SaslUtil;
  */
 public class AnonymousUtil
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Trivial private constructor to enforce Singleton pattern. */
   private AnonymousUtil()
   {
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   static boolean isValidTraceInformation(String traceInformation)
   {
     if (traceInformation == null)
-      {
-        return false;
-      }
+      return false;
     if (traceInformation.length() == 0)
-      {
-        return true;
-      }
+      return true;
     if (SaslUtil.validEmailAddress(traceInformation))
-      {
-        return true;
-      }
+      return true;
     return isValidToken(traceInformation);
   }
 
   static boolean isValidToken(String token)
   {
     if (token == null)
-      {
-        return false;
-      }
+      return false;
     if (token.length() == 0)
-      {
-        return false;
-      }
+      return false;
     if (token.length() > 255)
-      {
-        return false;
-      }
+      return false;
     if (token.indexOf('@') != -1)
-      {
-        return false;
-      }
+      return false;
     for (int i = 0; i < token.length(); i++)
       {
         char c = token.charAt(i);
         if (c < 0x20 || c > 0x7E)
-          {
-            return false;
-          }
+          return false;
       }
     return true;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5AuthInfoProvider.java b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5AuthInfoProvider.java
index cf73b6f982f..dec0366c04c 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5AuthInfoProvider.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5AuthInfoProvider.java
@@ -51,44 +51,26 @@ import javax.security.sasl.AuthenticationException;
 /**
  * The CRAM-MD5 mechanism authentication information provider implementation.
  */
-public class CramMD5AuthInfoProvider implements IAuthInfoProvider
+public class CramMD5AuthInfoProvider
+    implements IAuthInfoProvider
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private PasswordFile passwordFile = null;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // implicit 0-args constrcutor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // IAuthInfoProvider interface implementation
-  // -------------------------------------------------------------------------
-
   public void activate(Map context) throws AuthenticationException
   {
     try
       {
         if (context == null)
-          {
-            passwordFile = new PasswordFile();
-          }
+          passwordFile = new PasswordFile();
         else
           {
             String pfn = (String) context.get(CramMD5Registry.PASSWORD_FILE);
             if (pfn == null)
-              {
-                passwordFile = new PasswordFile();
-              }
+              passwordFile = new PasswordFile();
             else
-              {
-                passwordFile = new PasswordFile(pfn);
-              }
+              passwordFile = new PasswordFile(pfn);
           }
       }
     catch (IOException x)
@@ -105,10 +87,8 @@ public class CramMD5AuthInfoProvider implements IAuthInfoProvider
   public boolean contains(String userName) throws AuthenticationException
   {
     if (passwordFile == null)
-      {
-        throw new AuthenticationException("contains()",
-                                          new IllegalStateException());
-      }
+      throw new AuthenticationException("contains()",
+                                        new IllegalStateException());
     boolean result = false;
     try
       {
@@ -124,18 +104,13 @@ public class CramMD5AuthInfoProvider implements IAuthInfoProvider
   public Map lookup(Map userID) throws AuthenticationException
   {
     if (passwordFile == null)
-      {
-        throw new AuthenticationException("lookup()",
-                                          new IllegalStateException());
-      }
+      throw new AuthenticationException("lookup()", new IllegalStateException());
     Map result = new HashMap();
     try
       {
         String userName = (String) userID.get(Registry.SASL_USERNAME);
         if (userName == null)
-          {
-            throw new NoSuchUserException("");
-          }
+          throw new NoSuchUserException("");
         String[] data = passwordFile.lookup(userName);
         result.put(Registry.SASL_USERNAME, data[0]);
         result.put(Registry.SASL_PASSWORD, data[1]);
@@ -148,9 +123,7 @@ public class CramMD5AuthInfoProvider implements IAuthInfoProvider
     catch (Exception x)
       {
         if (x instanceof AuthenticationException)
-          {
-            throw (AuthenticationException) x;
-          }
+          throw (AuthenticationException) x;
         throw new AuthenticationException("lookup()", x);
       }
     return result;
@@ -159,10 +132,7 @@ public class CramMD5AuthInfoProvider implements IAuthInfoProvider
   public void update(Map userCredentials) throws AuthenticationException
   {
     if (passwordFile == null)
-      {
-        throw new AuthenticationException("update()",
-                                          new IllegalStateException());
-      }
+      throw new AuthenticationException("update()", new IllegalStateException());
     try
       {
         String userName = (String) userCredentials.get(Registry.SASL_USERNAME);
@@ -174,9 +144,7 @@ public class CramMD5AuthInfoProvider implements IAuthInfoProvider
         String shell = (String) userCredentials.get(CramMD5Registry.SHELL_FIELD);
         if (uid == null || gid == null || gecos == null || dir == null
             || shell == null)
-          {
-            passwordFile.changePasswd(userName, password);
-          }
+          passwordFile.changePasswd(userName, password);
         else
           {
             String[] attributes = new String[] { uid, gid, gecos, dir, shell };
@@ -186,9 +154,7 @@ public class CramMD5AuthInfoProvider implements IAuthInfoProvider
     catch (Exception x)
       {
         if (x instanceof AuthenticationException)
-          {
-            throw (AuthenticationException) x;
-          }
+          throw (AuthenticationException) x;
         throw new AuthenticationException("update()", x);
       }
   }
@@ -197,4 +163,4 @@ public class CramMD5AuthInfoProvider implements IAuthInfoProvider
   {
     throw new AuthenticationException("", new UnsupportedOperationException());
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Client.java b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Client.java
index 094109ff9aa..c90cbe986a4 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Client.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Client.java
@@ -56,25 +56,15 @@ import javax.security.sasl.SaslException;
 /**
  * The CRAM-MD5 SASL client-side mechanism.
  */
-public class CramMD5Client extends ClientMechanism implements SaslClient
+public class CramMD5Client
+    extends ClientMechanism
+    implements SaslClient
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public CramMD5Client()
   {
     super(Registry.SASL_CRAM_MD5_MECHANISM);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // abstract methods implementation -----------------------------------------
-
   protected void initMechanism() throws SaslException
   {
   }
@@ -83,8 +73,6 @@ public class CramMD5Client extends ClientMechanism implements SaslClient
   {
   }
 
-  // javax.security.sasl.SaslClient interface implementation -----------------
-
   public boolean hasInitialResponse()
   {
     return false;
@@ -93,30 +81,22 @@ public class CramMD5Client extends ClientMechanism implements SaslClient
   public byte[] evaluateChallenge(final byte[] challenge) throws SaslException
   {
     if (challenge == null)
-      {
-        throw new SaslException("null challenge");
-      }
+      throw new SaslException("null challenge");
     try
       {
         final String username;
         final char[] password;
         Callback[] callbacks;
-
-        if ((!properties.containsKey(Registry.SASL_USERNAME))
-            && (!properties.containsKey(Registry.SASL_PASSWORD)))
+        if ((! properties.containsKey(Registry.SASL_USERNAME))
+            && (! properties.containsKey(Registry.SASL_PASSWORD)))
           {
             callbacks = new Callback[2];
-
             final NameCallback nameCB;
             final String defaultName = System.getProperty("user.name");
             if (defaultName == null)
-              {
-                nameCB = new NameCallback("username: ");
-              }
+              nameCB = new NameCallback("username: ");
             else
-              {
-                nameCB = new NameCallback("username: ", defaultName);
-              }
+              nameCB = new NameCallback("username: ", defaultName);
             final PasswordCallback pwdCB = new PasswordCallback("password: ",
                                                                 false);
             callbacks[0] = nameCB;
@@ -128,47 +108,35 @@ public class CramMD5Client extends ClientMechanism implements SaslClient
         else
           {
             if (properties.containsKey(Registry.SASL_USERNAME))
-              {
-                username = (String) properties.get(Registry.SASL_USERNAME);
-              }
+              username = (String) properties.get(Registry.SASL_USERNAME);
             else
               {
                 callbacks = new Callback[1];
                 final NameCallback nameCB;
                 final String defaultName = System.getProperty("user.name");
                 if (defaultName == null)
-                  {
-                    nameCB = new NameCallback("username: ");
-                  }
+                  nameCB = new NameCallback("username: ");
                 else
-                  {
-                    nameCB = new NameCallback("username: ", defaultName);
-                  }
+                  nameCB = new NameCallback("username: ", defaultName);
                 callbacks[0] = nameCB;
                 this.handler.handle(callbacks);
                 username = nameCB.getName();
               }
 
             if (properties.containsKey(Registry.SASL_PASSWORD))
-              {
-                password = ((String) properties.get(Registry.SASL_PASSWORD)).toCharArray();
-              }
+              password = ((String) properties.get(Registry.SASL_PASSWORD)).toCharArray();
             else
               {
                 callbacks = new Callback[1];
-                final PasswordCallback pwdCB = new PasswordCallback(
-                                                                    "password: ",
+                final PasswordCallback pwdCB = new PasswordCallback("password: ",
                                                                     false);
                 callbacks[0] = pwdCB;
                 this.handler.handle(callbacks);
                 password = pwdCB.getPassword();
               }
           }
-
         if (password == null)
-          {
-            throw new SaslException("null password supplied");
-          }
+          throw new SaslException("null password supplied");
         final byte[] digest;
         try
           {
@@ -181,7 +149,6 @@ public class CramMD5Client extends ClientMechanism implements SaslClient
         final String response = username + " "
                                 + Util.toString(digest).toLowerCase();
         this.complete = true;
-
         return response.getBytes("UTF-8");
       }
     catch (UnsupportedCallbackException x)
@@ -198,4 +165,4 @@ public class CramMD5Client extends ClientMechanism implements SaslClient
   {
     return Registry.QOP_AUTH;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Registry.java b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Registry.java
index 1c61cace491..bbd46a3f281 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Registry.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Registry.java
@@ -45,22 +45,16 @@ public interface CramMD5Registry
 {
   /** Name of the password file (used by the server) property. */
   String PASSWORD_FILE = "gnu.crypto.sasl.crammd5.password.file";
-
   /** Default password file (used by the server) pathname. */
   String DEFAULT_PASSWORD_FILE = "/etc/passwd";
-
   /** Name of the UID field in the plain password file. */
   String UID_FIELD = "crammd5.uid";
-
   /** Name of the GID field in the plain password file. */
   String GID_FIELD = "crammd5.gid";
-
   /** Name of the GECOS field in the plain password file. */
   String GECOS_FIELD = "crammd5.gecos";
-
   /** Name of the DIR field in the plain password file. */
   String DIR_FIELD = "crammd5.dir";
-
   /** Name of the SHELL field in the plain password file. */
   String SHELL_FIELD = "crammd5.shell";
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Server.java b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Server.java
index d6622b6db4e..9be03414b66 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Server.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Server.java
@@ -55,29 +55,19 @@ import javax.security.sasl.SaslException;
 import javax.security.sasl.SaslServer;
 
 /**
- * <p>The CRAM-MD5 SASL server-side mechanism.</p>
+ * The CRAM-MD5 SASL server-side mechanism.
  */
-public class CramMD5Server extends ServerMechanism implements SaslServer
+public class CramMD5Server
+    extends ServerMechanism
+    implements SaslServer
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private byte[] msgID;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public CramMD5Server()
   {
     super(Registry.SASL_CRAM_MD5_MECHANISM);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // abstract methods implementation -----------------------------------------
-
   protected void initMechanism() throws SaslException
   {
   }
@@ -86,8 +76,6 @@ public class CramMD5Server extends ServerMechanism implements SaslServer
   {
   }
 
-  // javax.security.sasl.SaslServer interface implementation -----------------
-
   public byte[] evaluateResponse(final byte[] response) throws SaslException
   {
     if (state == 0)
@@ -96,7 +84,6 @@ public class CramMD5Server extends ServerMechanism implements SaslServer
         state++;
         return msgID;
       }
-
     final String responseStr = new String(response);
     final int index = responseStr.lastIndexOf(" ");
     final String username = responseStr.substring(0, index);
@@ -109,10 +96,8 @@ public class CramMD5Server extends ServerMechanism implements SaslServer
       {
         throw new AuthenticationException("evaluateResponse()", x);
       }
-
     // Look up the password
     final char[] password = lookupPassword(username);
-
     // Compute the digest
     byte[] digest;
     try
@@ -125,19 +110,15 @@ public class CramMD5Server extends ServerMechanism implements SaslServer
       }
     try
       {
-        //         digest = (new String(Util.toString(digest).toLowerCase())).getBytes("UTF-8");
         digest = Util.toString(digest).toLowerCase().getBytes("UTF-8");
       }
     catch (UnsupportedEncodingException x)
       {
         throw new AuthenticationException("evaluateResponse()", x);
       }
-
     // Compare the received and computed digests
-    if (!Arrays.equals(digest, responseDigest))
-      {
-        throw new AuthenticationException("Digest mismatch");
-      }
+    if (! Arrays.equals(digest, responseDigest))
+      throw new AuthenticationException("Digest mismatch");
     state++;
     return null;
   }
@@ -152,34 +133,26 @@ public class CramMD5Server extends ServerMechanism implements SaslServer
     return Registry.QOP_AUTH;
   }
 
-  // Other instance methods --------------------------------------------------
-
   private char[] lookupPassword(final String userName) throws SaslException
   {
     try
       {
-        if (!authenticator.contains(userName))
-          {
-            throw new NoSuchUserException(userName);
-          }
+        if (! authenticator.contains(userName))
+          throw new NoSuchUserException(userName);
         final Map userID = new HashMap();
         userID.put(Registry.SASL_USERNAME, userName);
         final Map credentials = authenticator.lookup(userID);
         final String password = (String) credentials.get(Registry.SASL_PASSWORD);
         if (password == null)
-          {
-            throw new AuthenticationException("lookupPassword()",
-                                              new InternalError());
-          }
+          throw new AuthenticationException("lookupPassword()",
+                                            new InternalError());
         return password.toCharArray();
       }
     catch (IOException x)
       {
         if (x instanceof SaslException)
-          {
-            throw (SaslException) x;
-          }
+          throw (SaslException) x;
         throw new AuthenticationException("lookupPassword()", x);
       }
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Util.java b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Util.java
index 6e753934933..2145512215a 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Util.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Util.java
@@ -56,29 +56,17 @@ import javax.security.sasl.SaslException;
  */
 class CramMD5Util
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   private CramMD5Util()
   {
     super();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   static byte[] createMsgID() throws SaslException
   {
-    // <process-ID.clock@hostname>
     final String encoded;
     try
       {
-        encoded = Util.toBase64(Thread.currentThread().getName().getBytes(
-                                                                          "UTF-8"));
+        encoded = Util.toBase64(Thread.currentThread().getName().getBytes("UTF-8"));
       }
     catch (UnsupportedEncodingException x)
       {
@@ -92,20 +80,15 @@ class CramMD5Util
     catch (UnknownHostException ignored)
       {
       }
-
     final byte[] result;
     try
       {
-        result = new StringBuffer().append("<").append(
-                                                       encoded.substring(
-                                                                         0,
-                                                                         encoded.length())).append(
-                                                                                                   ".").append(
-                                                                                                               String.valueOf(System.currentTimeMillis())).append(
-                                                                                                                                                                  "@").append(
-                                                                                                                                                                              hostname).append(
-                                                                                                                                                                                               ">").toString().getBytes(
-                                                                                                                                                                                                                        "UTF-8");
+        result = new StringBuffer("<")
+            .append(encoded.substring(0,encoded.length()))
+            .append(".").append(String.valueOf(System.currentTimeMillis()))
+            .append("@").append(hostname).append(">")
+            .toString()
+            .getBytes("UTF-8");
       }
     catch (UnsupportedEncodingException x)
       {
@@ -134,4 +117,4 @@ class CramMD5Util
     mac.update(data, 0, data.length);
     return mac.digest();
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/crammd5/PasswordFile.java b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/PasswordFile.java
index 081af461521..df952111660 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/crammd5/PasswordFile.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/PasswordFile.java
@@ -59,26 +59,16 @@ import java.util.StringTokenizer;
  */
 public class PasswordFile
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private static String DEFAULT_FILE;
   static
     {
       DEFAULT_FILE = System.getProperty(CramMD5Registry.PASSWORD_FILE,
                                         CramMD5Registry.DEFAULT_PASSWORD_FILE);
     }
-
   private HashMap entries;
-
   private File passwdFile;
-
   private long lastmod;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public PasswordFile() throws IOException
   {
     this(DEFAULT_FILE);
@@ -95,25 +85,14 @@ public class PasswordFile
     update();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public synchronized void add(final String user, final String passwd,
                                final String[] attributes) throws IOException
   {
     checkCurrent(); // check if the entry exists
     if (entries.containsKey(user))
-      {
-        throw new UserAlreadyExistsException(user);
-      }
+      throw new UserAlreadyExistsException(user);
     if (attributes.length != 5)
-      {
-        throw new IllegalArgumentException("Wrong number of attributes");
-      }
-
+      throw new IllegalArgumentException("Wrong number of attributes");
     final String[] fields = new String[7]; // create the new entry
     fields[0] = user;
     fields[1] = passwd;
@@ -126,33 +105,26 @@ public class PasswordFile
       throws IOException
   {
     checkCurrent();
-    if (!entries.containsKey(user))
-      { // check if the entry exists
-        throw new NoSuchUserException(user);
-      }
-
-    final String[] fields = (String[]) entries.get(user); // get the existing entry
+    if (! entries.containsKey(user))
+      throw new NoSuchUserException(user);
+    final String[] fields = (String[]) entries.get(user); // get existing entry
     fields[1] = passwd; // modify the password field
     entries.remove(user); // delete the existing entry
     entries.put(user, fields); // add the new entry
-
     savePasswd();
   }
 
   public synchronized String[] lookup(final String user) throws IOException
   {
     checkCurrent();
-    if (!entries.containsKey(user))
-      {
-        throw new NoSuchUserException(user);
-      }
+    if (! entries.containsKey(user))
+      throw new NoSuchUserException(user);
     return (String[]) entries.get(user);
   }
 
   public synchronized boolean contains(final String s) throws IOException
   {
     checkCurrent();
-
     return entries.containsKey(s);
   }
 
@@ -165,9 +137,7 @@ public class PasswordFile
   private void checkCurrent() throws IOException
   {
     if (passwdFile.lastModified() > lastmod)
-      {
-        update();
-      }
+      update();
   }
 
   private synchronized void readPasswd(final InputStream in) throws IOException
@@ -183,68 +153,39 @@ public class PasswordFile
           {
             fields[0] = st.nextToken(); // username
             st.nextToken();
-
             fields[1] = st.nextToken(); // passwd
             if (fields[1].equals(":"))
-              {
-                fields[1] = "";
-              }
+              fields[1] = "";
             else
-              {
-                st.nextToken();
-              }
-
+              st.nextToken();
             fields[2] = st.nextToken(); // uid
             if (fields[2].equals(":"))
-              {
-                fields[2] = "";
-              }
+              fields[2] = "";
             else
-              {
-                st.nextToken();
-              }
-
+              st.nextToken();
             fields[3] = st.nextToken(); // gid
             if (fields[3].equals(":"))
-              {
-                fields[3] = "";
-              }
+              fields[3] = "";
             else
-              {
-                st.nextToken();
-              }
-
+              st.nextToken();
             fields[4] = st.nextToken(); // gecos
             if (fields[4].equals(":"))
-              {
-                fields[4] = "";
-              }
+              fields[4] = "";
             else
-              {
-                st.nextToken();
-              }
-
+              st.nextToken();
             fields[5] = st.nextToken(); // dir
             if (fields[5].equals(":"))
-              {
-                fields[5] = "";
-              }
+              fields[5] = "";
             else
-              {
-                st.nextToken();
-              }
-
+              st.nextToken();
             fields[6] = st.nextToken(); // shell
             if (fields[6].equals(":"))
-              {
-                fields[6] = "";
-              }
+              fields[6] = "";
           }
         catch (NoSuchElementException x)
           {
             continue;
           }
-
         entries.put(fields[0], fields);
       }
   }
@@ -268,25 +209,21 @@ public class PasswordFile
                 fields = (String[]) entries.get(key);
                 sb = new StringBuffer(fields[0]);
                 for (i = 1; i < fields.length; i++)
-                  {
-                    sb.append(":").append(fields[i]);
-                  }
+                  sb.append(":").append(fields[i]);
                 pw.println(sb.toString());
               }
           }
         finally
           {
             if (pw != null)
-              {
-                try
-                  {
-                    pw.flush();
-                  }
-                finally
-                  {
-                    pw.close();
-                  }
-              }
+              try
+                {
+                  pw.flush();
+                }
+              finally
+                {
+                  pw.close();
+                }
             try
               {
                 fos.close();
@@ -298,4 +235,4 @@ public class PasswordFile
           }
       }
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/plain/PasswordFile.java b/libjava/classpath/gnu/javax/crypto/sasl/plain/PasswordFile.java
index 4ef6b8541b1..b6fb3f87ead 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/plain/PasswordFile.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/plain/PasswordFile.java
@@ -38,8 +38,7 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.sasl.plain;
 
-import gnu.classpath.SystemProperties;
-
+import gnu.java.security.action.GetPropertyAction;
 import gnu.javax.crypto.sasl.NoSuchUserException;
 import gnu.javax.crypto.sasl.UserAlreadyExistsException;
 
@@ -47,41 +46,32 @@ import java.io.BufferedReader;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileOutputStream;
+import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
-import java.io.IOException;
 import java.io.PrintWriter;
+import java.security.AccessController;
 import java.util.Enumeration;
 import java.util.Hashtable;
-import java.util.StringTokenizer;
 import java.util.NoSuchElementException;
+import java.util.StringTokenizer;
 
 /**
  * A representation of a Plain password file.
  */
 public class PasswordFile
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private static String DEFAULT_FILE;
   static
     {
-      DEFAULT_FILE = SystemProperties.getProperty(PlainRegistry.PASSWORD_FILE,
-                                                  PlainRegistry.DEFAULT_PASSWORD_FILE);
+      DEFAULT_FILE = (String) AccessController.doPrivileged
+          (new GetPropertyAction(PlainRegistry.PASSWORD_FILE,
+          PlainRegistry.DEFAULT_PASSWORD_FILE));
     }
-
   private Hashtable entries;
-
   private File passwdFile;
-
-  //   private String[] last_params;
   private long lastmod;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public PasswordFile() throws IOException
   {
     this(DEFAULT_FILE);
@@ -98,31 +88,20 @@ public class PasswordFile
     update();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   public synchronized void add(String user, String passwd, String[] attributes)
       throws IOException
   {
     checkCurrent();
     if (entries.containsKey(user))
-      {
-        throw new UserAlreadyExistsException(user);
-      }
+      throw new UserAlreadyExistsException(user);
     if (attributes.length != 5)
-      {
-        throw new IllegalArgumentException("Wrong number of attributes");
-      }
+      throw new IllegalArgumentException("Wrong number of attributes");
     // create the new entry
     String[] fields = new String[7];
     fields[0] = user;
     fields[1] = passwd;
     System.arraycopy(attributes, 0, fields, 2, 5);
     entries.put(user, fields);
-
     savePasswd();
   }
 
@@ -130,26 +109,20 @@ public class PasswordFile
       throws IOException
   {
     checkCurrent();
-    if (!entries.containsKey(user))
-      {
-        throw new NoSuchUserException(user);
-      }
-
+    if (! entries.containsKey(user))
+      throw new NoSuchUserException(user);
     String[] fields = (String[]) entries.get(user); // get the existing entry
     fields[1] = passwd; // modify the password field
     entries.remove(user); // delete the existing entry
     entries.put(user, fields); // add the new entry
-
     savePasswd();
   }
 
   public synchronized String[] lookup(String user) throws IOException
   {
     checkCurrent();
-    if (!entries.containsKey(user))
-      {
-        throw new NoSuchUserException(user);
-      }
+    if (! entries.containsKey(user))
+      throw new NoSuchUserException(user);
     return (String[]) entries.get(user);
   }
 
@@ -159,8 +132,6 @@ public class PasswordFile
     return entries.containsKey(s);
   }
 
-  //----------------------------------------------------------------//
-
   private synchronized void update() throws IOException
   {
     lastmod = passwdFile.lastModified();
@@ -170,9 +141,7 @@ public class PasswordFile
   private void checkCurrent() throws IOException
   {
     if (passwdFile.lastModified() > lastmod)
-      {
-        update();
-      }
+      update();
   }
 
   private synchronized void readPasswd(InputStream in) throws IOException
@@ -188,68 +157,39 @@ public class PasswordFile
           {
             fields[0] = st.nextToken(); // username
             st.nextToken();
-
             fields[1] = st.nextToken(); // passwd
             if (fields[1].equals(":"))
-              {
-                fields[1] = "";
-              }
+              fields[1] = "";
             else
-              {
-                st.nextToken();
-              }
-
+              st.nextToken();
             fields[2] = st.nextToken(); // uid
             if (fields[2].equals(":"))
-              {
-                fields[2] = "";
-              }
+              fields[2] = "";
             else
-              {
-                st.nextToken();
-              }
-
+              st.nextToken();
             fields[3] = st.nextToken(); // gid
             if (fields[3].equals(":"))
-              {
-                fields[3] = "";
-              }
+              fields[3] = "";
             else
-              {
-                st.nextToken();
-              }
-
+              st.nextToken();
             fields[4] = st.nextToken(); // gecos
             if (fields[4].equals(":"))
-              {
-                fields[4] = "";
-              }
+              fields[4] = "";
             else
-              {
-                st.nextToken();
-              }
-
+              st.nextToken();
             fields[5] = st.nextToken(); // dir
             if (fields[5].equals(":"))
-              {
-                fields[5] = "";
-              }
+              fields[5] = "";
             else
-              {
-                st.nextToken();
-              }
-
+              st.nextToken();
             fields[6] = st.nextToken(); // shell
             if (fields[6].equals(":"))
-              {
-                fields[6] = "";
-              }
+              fields[6] = "";
           }
         catch (NoSuchElementException ignored)
           {
             continue;
           }
-
         entries.put(fields[0], fields);
       }
   }
@@ -273,37 +213,31 @@ public class PasswordFile
                 fields = (String[]) entries.get(key);
                 sb = new StringBuffer(fields[0]);
                 for (int i = 1; i < fields.length; i++)
-                  {
-                    sb.append(":" + fields[i]);
-                  }
+                  sb.append(":" + fields[i]);
                 pw.println(sb.toString());
               }
           }
         finally
           {
             if (pw != null)
-              {
-                try
-                  {
-                    pw.flush();
-                  }
-                finally
-                  {
-                    pw.close();
-                  }
-              }
+              try
+                {
+                  pw.flush();
+                }
+              finally
+                {
+                  pw.close();
+                }
             if (fos != null)
-              {
-                try
-                  {
-                    fos.close();
-                  }
-                catch (IOException ignored)
-                  {
-                  }
-              }
+              try
+                {
+                  fos.close();
+                }
+              catch (IOException ignored)
+                {
+                }
             lastmod = passwdFile.lastModified();
           }
       }
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainAuthInfoProvider.java b/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainAuthInfoProvider.java
index 9882ce9bb48..e0cf82fb60c 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainAuthInfoProvider.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainAuthInfoProvider.java
@@ -51,44 +51,26 @@ import javax.security.sasl.AuthenticationException;
 /**
  * The PLAIN mechanism authentication information provider implementation.
  */
-public class PlainAuthInfoProvider implements IAuthInfoProvider, PlainRegistry
+public class PlainAuthInfoProvider
+    implements IAuthInfoProvider, PlainRegistry
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private PasswordFile passwordFile = null;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // implicit 0-args constrcutor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // IAuthInfoProvider interface implementation
-  // -------------------------------------------------------------------------
-
   public void activate(Map context) throws AuthenticationException
   {
     try
       {
         if (context == null)
-          {
-            passwordFile = new PasswordFile();
-          }
+          passwordFile = new PasswordFile();
         else
           {
             String pfn = (String) context.get(PASSWORD_FILE);
             if (pfn == null)
-              {
-                passwordFile = new PasswordFile();
-              }
+              passwordFile = new PasswordFile();
             else
-              {
-                passwordFile = new PasswordFile(pfn);
-              }
+              passwordFile = new PasswordFile(pfn);
           }
       }
     catch (IOException x)
@@ -105,10 +87,8 @@ public class PlainAuthInfoProvider implements IAuthInfoProvider, PlainRegistry
   public boolean contains(String userName) throws AuthenticationException
   {
     if (passwordFile == null)
-      {
-        throw new AuthenticationException("contains()",
-                                          new IllegalStateException());
-      }
+      throw new AuthenticationException("contains()",
+                                        new IllegalStateException());
     boolean result = false;
     try
       {
@@ -124,18 +104,13 @@ public class PlainAuthInfoProvider implements IAuthInfoProvider, PlainRegistry
   public Map lookup(Map userID) throws AuthenticationException
   {
     if (passwordFile == null)
-      {
-        throw new AuthenticationException("lookup()",
-                                          new IllegalStateException());
-      }
+      throw new AuthenticationException("lookup()", new IllegalStateException());
     Map result = new HashMap();
     try
       {
         String userName = (String) userID.get(Registry.SASL_USERNAME);
         if (userName == null)
-          {
-            throw new NoSuchUserException("");
-          }
+          throw new NoSuchUserException("");
         String[] data = passwordFile.lookup(userName);
         result.put(Registry.SASL_USERNAME, data[0]);
         result.put(Registry.SASL_PASSWORD, data[1]);
@@ -148,13 +123,8 @@ public class PlainAuthInfoProvider implements IAuthInfoProvider, PlainRegistry
     catch (Exception x)
       {
         if (x instanceof AuthenticationException)
-          {
-            throw (AuthenticationException) x;
-          }
-        else
-          {
-            throw new AuthenticationException("lookup()", x);
-          }
+          throw (AuthenticationException) x;
+        throw new AuthenticationException("lookup()", x);
       }
     return result;
   }
@@ -162,10 +132,7 @@ public class PlainAuthInfoProvider implements IAuthInfoProvider, PlainRegistry
   public void update(Map userCredentials) throws AuthenticationException
   {
     if (passwordFile == null)
-      {
-        throw new AuthenticationException("update()",
-                                          new IllegalStateException());
-      }
+      throw new AuthenticationException("update()", new IllegalStateException());
     try
       {
         String userName = (String) userCredentials.get(Registry.SASL_USERNAME);
@@ -177,9 +144,7 @@ public class PlainAuthInfoProvider implements IAuthInfoProvider, PlainRegistry
         String shell = (String) userCredentials.get(SHELL_FIELD);
         if (uid == null || gid == null || gecos == null || dir == null
             || shell == null)
-          {
-            passwordFile.changePasswd(userName, password);
-          }
+          passwordFile.changePasswd(userName, password);
         else
           {
             String[] attributes = new String[] { uid, gid, gecos, dir, shell };
@@ -189,13 +154,8 @@ public class PlainAuthInfoProvider implements IAuthInfoProvider, PlainRegistry
     catch (Exception x)
       {
         if (x instanceof AuthenticationException)
-          {
-            throw (AuthenticationException) x;
-          }
-        else
-          {
-            throw new AuthenticationException("update()", x);
-          }
+          throw (AuthenticationException) x;
+        throw new AuthenticationException("update()", x);
       }
   }
 
@@ -203,4 +163,4 @@ public class PlainAuthInfoProvider implements IAuthInfoProvider, PlainRegistry
   {
     throw new AuthenticationException("", new UnsupportedOperationException());
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainClient.java b/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainClient.java
index 066db377054..5c60578db67 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainClient.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainClient.java
@@ -48,30 +48,17 @@ import javax.security.auth.callback.NameCallback;
 import javax.security.auth.callback.PasswordCallback;
 
 /**
- * <p>The PLAIN SASL client-side mechanism.</p>
+ * The PLAIN SASL client-side mechanism.
  */
-public class PlainClient extends ClientMechanism implements SaslClient
+public class PlainClient
+    extends ClientMechanism
+    implements SaslClient
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public PlainClient()
   {
     super(Registry.SASL_PLAIN_MECHANISM);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // abstract methods implementation -----------------------------------------
-
   protected void initMechanism() throws SaslException
   {
   }
@@ -80,8 +67,6 @@ public class PlainClient extends ClientMechanism implements SaslClient
   {
   }
 
-  // javax.security.sasl.SaslClient interface implementation -----------------
-
   public boolean hasInitialResponse()
   {
     return true;
@@ -94,22 +79,16 @@ public class PlainClient extends ClientMechanism implements SaslClient
         final String username;
         final char[] password;
         Callback[] callbacks;
-
-        if ((!properties.containsKey(Registry.SASL_USERNAME))
-            && (!properties.containsKey(Registry.SASL_PASSWORD)))
+        if ((! properties.containsKey(Registry.SASL_USERNAME))
+            && (! properties.containsKey(Registry.SASL_PASSWORD)))
           {
             callbacks = new Callback[2];
-
             final NameCallback nameCB;
             final String defaultName = System.getProperty("user.name");
             if (defaultName == null)
-              {
-                nameCB = new NameCallback("username: ");
-              }
+              nameCB = new NameCallback("username: ");
             else
-              {
-                nameCB = new NameCallback("username: ", defaultName);
-              }
+              nameCB = new NameCallback("username: ", defaultName);
             final PasswordCallback pwdCB = new PasswordCallback("password: ",
                                                                 false);
             callbacks[0] = nameCB;
@@ -121,67 +100,49 @@ public class PlainClient extends ClientMechanism implements SaslClient
         else
           {
             if (properties.containsKey(Registry.SASL_USERNAME))
-              {
-                username = (String) properties.get(Registry.SASL_USERNAME);
-              }
+              username = (String) properties.get(Registry.SASL_USERNAME);
             else
               {
                 callbacks = new Callback[1];
                 final NameCallback nameCB;
                 final String defaultName = System.getProperty("user.name");
                 if (defaultName == null)
-                  {
-                    nameCB = new NameCallback("username: ");
-                  }
+                  nameCB = new NameCallback("username: ");
                 else
-                  {
-                    nameCB = new NameCallback("username: ", defaultName);
-                  }
+                  nameCB = new NameCallback("username: ", defaultName);
                 callbacks[0] = nameCB;
                 this.handler.handle(callbacks);
                 username = nameCB.getName();
               }
-
             if (properties.containsKey(Registry.SASL_PASSWORD))
-              {
-                password = ((String) properties.get(Registry.SASL_PASSWORD)).toCharArray();
-              }
+              password = ((String) properties.get(Registry.SASL_PASSWORD)).toCharArray();
             else
               {
                 callbacks = new Callback[1];
-                final PasswordCallback pwdCB = new PasswordCallback(
-                                                                    "password: ",
+                final PasswordCallback pwdCB = new PasswordCallback("password: ",
                                                                     false);
                 callbacks[0] = pwdCB;
                 this.handler.handle(callbacks);
                 password = pwdCB.getPassword();
               }
           }
-
         if (password == null)
-          {
-            throw new SaslException("null password supplied");
-          }
+          throw new SaslException("null password supplied");
         final StringBuffer sb = new StringBuffer();
         if (authorizationID != null)
-          {
-            sb.append(authorizationID);
-          }
+          sb.append(authorizationID);
         sb.append('\0');
         sb.append(username);
         sb.append('\0');
         sb.append(password);
         this.complete = true;
-
         final byte[] response = sb.toString().getBytes("UTF-8");
         return response;
       }
     catch (Exception x)
       {
         if (x instanceof SaslException)
-          {
-            throw (SaslException) x;
-          }
+          throw (SaslException) x;
         throw new SaslException("evaluateChallenge()", x);
       }
   }
@@ -190,4 +151,4 @@ public class PlainClient extends ClientMechanism implements SaslClient
   {
     return Registry.QOP_AUTH;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainRegistry.java b/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainRegistry.java
index 0b48c0ad30d..84e17605345 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainRegistry.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainRegistry.java
@@ -40,28 +40,18 @@ package gnu.javax.crypto.sasl.plain;
 
 public interface PlainRegistry
 {
-
-  // Constants
-  // -------------------------------------------------------------------------
-
   /** Name of PLAIN password file property. */
   String PASSWORD_FILE = "gnu.crypto.sasl.plain.password.file";
-
   /** Default fully qualified pathname of the PLAIN password file. */
   String DEFAULT_PASSWORD_FILE = "/etc/tpasswd";
-
   /** Name of the UID field in the plain password file. */
   String UID_FIELD = "plain.uid";
-
   /** Name of the GID field in the plain password file. */
   String GID_FIELD = "plain.gid";
-
   /** Name of the GECOS field in the plain password file. */
   String GECOS_FIELD = "plain.gecos";
-
   /** Name of the DIR field in the plain password file. */
   String DIR_FIELD = "plain.dir";
-
   /** Name of the SHELL field in the plain password file. */
   String SHELL_FIELD = "plain.shell";
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainServer.java b/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainServer.java
index 20568847303..52deef51ee9 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainServer.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainServer.java
@@ -54,30 +54,17 @@ import javax.security.sasl.SaslException;
 import javax.security.sasl.SaslServer;
 
 /**
- * <p>The PLAIN SASL server-side mechanism.</p>
+ * The PLAIN SASL server-side mechanism.
  */
-public class PlainServer extends ServerMechanism implements SaslServer
+public class PlainServer
+    extends ServerMechanism
+    implements SaslServer
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public PlainServer()
   {
     super(Registry.SASL_PLAIN_MECHANISM);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // abstract methods implementation -----------------------------------------
-
   protected void initMechanism() throws SaslException
   {
   }
@@ -86,43 +73,27 @@ public class PlainServer extends ServerMechanism implements SaslServer
   {
   }
 
-  // javax.security.sasl.SaslServer interface implementation -----------------
-
   public byte[] evaluateResponse(final byte[] response) throws SaslException
   {
     if (response == null)
-      {
-        return null;
-      }
+      return null;
     try
       {
         final String nullStr = new String("\0");
-        final StringTokenizer strtok = new StringTokenizer(
-                                                           new String(response),
+        final StringTokenizer strtok = new StringTokenizer(new String(response),
                                                            nullStr, true);
-
         authorizationID = strtok.nextToken();
-        if (!authorizationID.equals(nullStr))
-          {
-            strtok.nextToken();
-          }
+        if (! authorizationID.equals(nullStr))
+          strtok.nextToken();
         else
-          {
-            authorizationID = null;
-          }
+          authorizationID = null;
         final String id = strtok.nextToken();
         if (id.equals(nullStr))
-          {
-            throw new SaslException("No identity given");
-          }
+          throw new SaslException("No identity given");
         if (authorizationID == null)
-          {
-            authorizationID = id;
-          }
-        if ((!authorizationID.equals(nullStr)) && (!authorizationID.equals(id)))
-          {
-            throw new SaslException("Delegation not supported");
-          }
+          authorizationID = id;
+        if ((! authorizationID.equals(nullStr)) && (! authorizationID.equals(id)))
+          throw new SaslException("Delegation not supported");
         strtok.nextToken();
         final byte[] pwd;
         try
@@ -134,9 +105,7 @@ public class PlainServer extends ServerMechanism implements SaslServer
             throw new SaslException("evaluateResponse()", x);
           }
         if (pwd == null)
-          {
-            throw new SaslException("No password given");
-          }
+          throw new SaslException("No password given");
         final byte[] password;
         try
           {
@@ -146,10 +115,8 @@ public class PlainServer extends ServerMechanism implements SaslServer
           {
             throw new SaslException("evaluateResponse()", x);
           }
-        if (!Arrays.equals(pwd, password))
-          {
-            throw new SaslException("Password incorrect");
-          }
+        if (! Arrays.equals(pwd, password))
+          throw new SaslException("Password incorrect");
         this.complete = true;
         return null;
       }
@@ -164,33 +131,25 @@ public class PlainServer extends ServerMechanism implements SaslServer
     return Registry.QOP_AUTH;
   }
 
-  // other methods -----------------------------------------------------------
-
   private char[] lookupPassword(final String userName) throws SaslException
   {
     try
       {
-        if (!authenticator.contains(userName))
-          {
-            throw new NoSuchUserException(userName);
-          }
+        if (! authenticator.contains(userName))
+          throw new NoSuchUserException(userName);
         final Map userID = new HashMap();
         userID.put(Registry.SASL_USERNAME, userName);
         final Map credentials = authenticator.lookup(userID);
         final String password = (String) credentials.get(Registry.SASL_PASSWORD);
         if (password == null)
-          {
-            throw new SaslException("lookupPassword()", new InternalError());
-          }
+          throw new SaslException("lookupPassword()", new InternalError());
         return password.toCharArray();
       }
     catch (IOException x)
       {
         if (x instanceof SaslException)
-          {
-            throw (SaslException) x;
-          }
+          throw (SaslException) x;
         throw new SaslException("lookupPassword()", x);
       }
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/CALG.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/CALG.java
index 6215783d6a9..308543230b5 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/srp/CALG.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/CALG.java
@@ -58,65 +58,55 @@ import java.util.HashMap;
 import javax.security.sasl.SaslException;
 
 /**
- * <p>A Factory class that returns CALG (Confidentiality Algorithm) instances
- * that operate as described in the draft-burdis-cat-sasl-srp-08.</p>
- *
- * <p>The designated CALG block cipher should be used in OFB (Output Feedback
+ * A Factory class that returns CALG (Confidentiality Algorithm) instances that
+ * operate as described in the draft-burdis-cat-sasl-srp-08.
+ * <p>
+ * The designated CALG block cipher should be used in OFB (Output Feedback
  * Block) mode in the ISO variant, as described in <i>The Handbook of Applied
- * Cryptography</i>, algorithm 7.20.</p>
- *
- * <p>Let <code>k</code> be the block size of the chosen symmetric key block
- * cipher algorithm; e.g. for AES this is <code>128</code> bits or <code>16</code>
- * octets.  The OFB mode used shall be of length/size <code>k</code>.</p>
- *
- * <p>It is recommended that block ciphers operating in OFB mode be used with an
+ * Cryptography</i>, algorithm 7.20.
+ * <p>
+ * Let <code>k</code> be the block size of the chosen symmetric key block
+ * cipher algorithm; e.g. for AES this is <code>128</code> bits or
+ * <code>16</code> octets. The OFB mode used shall be of length/size
+ * <code>k</code>.
+ * <p>
+ * It is recommended that block ciphers operating in OFB mode be used with an
  * Initial Vector (the mode's IV). In such a mode of operation - OFB with key
  * re-use - the IV need not be secret. For the mechanism in question the IVs
- * shall be a random octet sequence of <code>k</code> bytes.</p>
- *
- * The input data to the confidentiality protection algorithm shall be
- * a multiple of the symmetric cipher block size <code>k</code>. When the input
+ * shall be a random octet sequence of <code>k</code> bytes.
+ * <p>
+ * The input data to the confidentiality protection algorithm shall be a
+ * multiple of the symmetric cipher block size <code>k</code>. When the input
  * length is not a multiple of <code>k</code> octets, the data shall be padded
- * according to the following scheme:</p>
- *
- * <p>Assuming the length of the input is <code>l</code> octets,
+ * according to the following scheme:
+ * <p>
+ * Assuming the length of the input is <code>l</code> octets,
  * <code>(k - (l mod k))</code> octets, all having the value
  * <code>(k - (l mod k))</code>, shall be appended to the original data. In
  * other words, the input is padded at the trailing end with one of the
- * following sequences:</p>
- *
+ * following sequences:
  * <pre>
- *
- *                    01 -- if l mod k = k-1
- *                   02 02 -- if l mod k = k-2
- *                             ...
- *                             ...
- *                             ...
- *                 k k ... k k -- if l mod k = 0
- *</pre>
- *
- * <p>The padding can be removed unambiguously since all input is padded and no
+ * 
+ *                     01 -- if l mod k = k-1
+ *                    02 02 -- if l mod k = k-2
+ *                              ...
+ *                              ...
+ *                              ...
+ *                  k k ... k k -- if l mod k = 0
+ * </pre>
+ * <p>
+ * The padding can be removed unambiguously since all input is padded and no
  * padding sequence is a suffix of another. This padding method is well-defined
  * if and only if <code>k &lt; 256</code> octets, which is the case with
- * symmetric key block ciphers today, and in the forseeable future.</p>
+ * symmetric key block ciphers today, and in the forseeable future.
  */
 public final class CALG
 {
-
-  // Constants and variables
-  // --------------------------------------------------------------------------
-
   private Assembly assembly;
-
   private Object modeNdx; // initialisation key of the cascade's attributes
-
   private int blockSize; // the underlying cipher's blocksize == IV length
-
   private int keySize; // the underlying cipher's key size (in bytes).
 
-  // Constructor(s)
-  // --------------------------------------------------------------------------
-
   /** Private constructor to enforce instantiation through Factory method. */
   private CALG(final int blockSize, final int keySize, final Object modeNdx,
                final Assembly assembly)
@@ -129,12 +119,9 @@ public final class CALG
     this.assembly = assembly;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns an instance of a SASL-SRP CALG implementation.</p>
-   *
+   * Returns an instance of a SASL-SRP CALG implementation.
+   * 
    * @param algorithm the name of the symmetric cipher algorithm.
    * @return an instance of this object.
    */
@@ -144,118 +131,60 @@ public final class CALG
     final int blockSize = cipher.defaultBlockSize();
     final int keySize = cipher.defaultKeySize();
     final Cascade ofbCipher = new Cascade();
-    final Object modeNdx = ofbCipher.append(Stage.getInstance(
-                                                              ModeFactory.getInstance(
-                                                                                      Registry.OFB_MODE,
-                                                                                      cipher,
-                                                                                      blockSize),
-                                                              Direction.FORWARD));
+    IMode ofbMode = ModeFactory.getInstance(Registry.OFB_MODE,
+                                            cipher,
+                                            blockSize);
+    Stage modeStage = Stage.getInstance(ofbMode, Direction.FORWARD);
+    final Object modeNdx = ofbCipher.append(modeStage);
     final IPad pkcs7 = PadFactory.getInstance(Registry.PKCS7_PAD);
-    // the passed IV may be longer that what we need. ensure correct length
-    //      byte[] realIV = null;
-    //      if (iv.length == blockSize) {
-    //         realIV = iv;
-    //      } else {
-    //         realIV = new byte[blockSize];
-    //         if (iv.length > blockSize) {
-    //            System.arraycopy(iv, 0, realIV, 0, blockSize);
-    //         } else { // shouldnt happen
-    //            System.arraycopy(iv, 0, realIV, 0, iv.length);
-    //         }
-    //      }
-
-    //      HashMap modeAttributes = new HashMap();
-    //      modeAttributes.put(IBlockCipher.KEY_MATERIAL, K.clone());
-    //      modeAttributes.put(IMode.IV, realIV);
-
     final Assembly asm = new Assembly();
     asm.addPreTransformer(Transformer.getCascadeTransformer(ofbCipher));
     asm.addPreTransformer(Transformer.getPaddingTransformer(pkcs7));
-
-    //      HashMap attributes = new HashMap();
-    //      attributes.put(Assembly.DIRECTION, dir);
-    //      attributes.put(modeNdx, modeAttributes);
-    //      try {
-    //         asm.init(attributes);
-    //      } catch (TransformerException x) {
-    //         throw new SaslException("getInstance()", x);
-    //      }
-
     return new CALG(blockSize, keySize, modeNdx, asm);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Initialises a SASL-SRP CALG implementation.</p>
-   *
+   * Initialises a SASL-SRP CALG implementation.
+   * 
    * @param kdf the key derivation function.
    * @param iv the initial vector value to use.
    * @param dir whether this CALG is used for encryption or decryption.
    */
-  //   public void init(byte[] K, byte[] iv, Direction dir) throws SaslException {
   public void init(final KDF kdf, final byte[] iv, final Direction dir)
       throws SaslException
   {
-    //      IBlockCipher cipher = CipherFactory.getInstance(algorithm);
-    //      int blockSize = cipher.defaultBlockSize();
-    //      Cascade ofbCipher = new Cascade();
-    //      Object modeNdx = ofbCipher.append(
-    //            Stage.getInstace(
-    //                  ModeFactory.getInstance(Registry.OFB_MODE, cipher, blockSize),
-    //                  Direction.FORWARD));
-    //      IPad pkcs7 = PadFactory.getInstance(Registry.PKCS7_PAD);
-    // the passed IV may be longer that what we need. ensure correct length
     final byte[] realIV;
     if (iv.length == blockSize)
-      {
-        realIV = iv;
-      }
+      realIV = iv;
     else
       {
         realIV = new byte[blockSize];
         if (iv.length > blockSize)
-          {
-            System.arraycopy(iv, 0, realIV, 0, blockSize);
-          }
-        else
-          { // shouldnt happen
-            System.arraycopy(iv, 0, realIV, 0, iv.length);
-          }
+          System.arraycopy(iv, 0, realIV, 0, blockSize);
+        else // shouldnt happen
+          System.arraycopy(iv, 0, realIV, 0, iv.length);
       }
-
     final HashMap modeAttributes = new HashMap();
-    //      modeAttributes.put(IBlockCipher.KEY_MATERIAL, K.clone());
     final byte[] sk = kdf.derive(keySize);
     modeAttributes.put(IBlockCipher.KEY_MATERIAL, sk);
-    //System.out.println("**** Initialised CALG with: "+gnu.crypto.util.Util.dumpString(sk));
     modeAttributes.put(IMode.IV, realIV);
-
-    //      Assembly asm = new Assembly();
-    //      asm.addPreTransformer(Transformer.getCascadeTransformer(ofbCipher));
-    //      asm.addPreTransformer(Transformer.getPaddingTransformer(pkcs7));
-
     final HashMap attributes = new HashMap();
     attributes.put(Assembly.DIRECTION, dir);
     attributes.put(modeNdx, modeAttributes);
     try
       {
-        //         asm.init(attributes);
         assembly.init(attributes);
       }
     catch (TransformerException x)
       {
         throw new SaslException("getInstance()", x);
       }
-
-    //      return new CALG(asm);
   }
 
   /**
-   * <p>Encrypts or decrypts, depending on the mode already set, a designated
-   * array of bytes and returns the result.</p>
-   *
+   * Encrypts or decrypts, depending on the mode already set, a designated array
+   * of bytes and returns the result.
+   * 
    * @param data the data to encrypt/decrypt.
    * @return the decrypted/encrypted result.
    * @throws ConfidentialityException if an exception occurs duirng the process.
@@ -266,9 +195,9 @@ public final class CALG
   }
 
   /**
-   * <p>Encrypts or decrypts, depending on the mode already set, a designated
-   * array of bytes and returns the result.</p>
-   *
+   * Encrypts or decrypts, depending on the mode already set, a designated array
+   * of bytes and returns the result.
+   * 
    * @param data the data to encrypt/decrypt.
    * @param offset where to start in <code>data</code>.
    * @param length how many bytes to consider in <code>data</code>.
@@ -289,4 +218,4 @@ public final class CALG
       }
     return result;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/ClientStore.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/ClientStore.java
index ce16f4aa75d..866e610d83d 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/srp/ClientStore.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/ClientStore.java
@@ -41,29 +41,19 @@ package gnu.javax.crypto.sasl.srp;
 import java.util.HashMap;
 
 /**
- * <p>The client-side implementation of the SRP security context store.</p>
+ * The client-side implementation of the SRP security context store.
  */
 public class ClientStore
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The underlying singleton. */
   private static ClientStore singleton = null;
-
   /** The map of uid --> SASL Security Context record. */
   private static final HashMap uid2ssc = new HashMap();
-
   /** The map of sid --> Session timing record. */
   private static final HashMap uid2ttl = new HashMap();
-
   /** A synchronisation lock. */
   private static final Object lock = new Object();
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Private constructor to enforce Singleton pattern. */
   private ClientStore()
   {
@@ -72,33 +62,25 @@ public class ClientStore
     // TODO: add a cleaning timer thread
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns the classloader Singleton.</p>
-   *
+   * Returns the classloader Singleton.
+   * 
    * @return the classloader Singleton instance.
    */
   static synchronized final ClientStore instance()
   {
     if (singleton == null)
-      {
-        singleton = new ClientStore();
-      }
+      singleton = new ClientStore();
     return singleton;
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns a boolean flag indicating if the designated client's session is
-   * still alive or not.</p>
-   *
+   * Returns a boolean flag indicating if the designated client's session is
+   * still alive or not.
+   * 
    * @param uid the identifier of the client whose session to check.
    * @return <code>true</code> if the designated client's session is still
-   * alive. <code>false</code> otherwise.
+   *         alive. <code>false</code> otherwise.
    */
   boolean isAlive(final String uid)
   {
@@ -107,11 +89,11 @@ public class ClientStore
       {
         final Object obj = uid2ssc.get(uid);
         result = (obj != null);
-        if (result)
-          { // is it still alive?
+        if (result) // is it still alive?
+          {
             final StoreEntry sto = (StoreEntry) uid2ttl.get(uid);
-            if (!sto.isAlive())
-              { // invalidate it
+            if (! sto.isAlive()) // invalidate it
+              {
                 uid2ssc.remove(uid);
                 uid2ttl.remove(uid);
               }
@@ -121,11 +103,11 @@ public class ClientStore
   }
 
   /**
-   * <p>Records a mapping between a client's unique identifier and its security
-   * context.</p>
-   *
-   * @param uid the unique identifier of the SRP client for which the session
-   * is to be cached.
+   * Records a mapping between a client's unique identifier and its security
+   * context.
+   * 
+   * @param uid the unique identifier of the SRP client for which the session is
+   *          to be cached.
    * @param ttl the session's Time-To-Live indicator (in seconds).
    * @param ctx the client's security context.
    */
@@ -139,9 +121,9 @@ public class ClientStore
   }
 
   /**
-   * <p>Removes the mapping between the designated SRP client unique identifier
-   * and the its session security context (and other timing information).</p>
-   *
+   * Removes the mapping between the designated SRP client unique identifier and
+   * the its session security context (and other timing information).
+   * 
    * @param uid the identifier of the client whose session is to invalidate.
    */
   void invalidateSession(final String uid)
@@ -154,9 +136,9 @@ public class ClientStore
   }
 
   /**
-   * <p>Returns an SRP client's security context record mapped by that client's
-   * unique identifier.</p>
-   *
+   * Returns an SRP client's security context record mapped by that client's
+   * unique identifier.
+   * 
    * @param uid the identifier of the client whose session is to restore.
    * @return the SRP client's security context.
    */
@@ -170,4 +152,4 @@ public class ClientStore
       }
     return result;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/IALG.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/IALG.java
index 51492f9773c..85c93700fbf 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/srp/IALG.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/IALG.java
@@ -48,20 +48,14 @@ import java.util.HashMap;
 import javax.security.sasl.SaslException;
 
 /**
- * <p>A Factory class that returns IALG (Integrity Algorithm) instances that
- * operate as described in the draft-burdis-cat-sasl-srp-04 and later.</p>
+ * A Factory class that returns IALG (Integrity Algorithm) instances that
+ * operate as described in the draft-burdis-cat-sasl-srp-04 and later.
  */
-public final class IALG implements Cloneable
+public final class IALG
+    implements Cloneable
 {
-
-  // Constants and variables
-  // --------------------------------------------------------------------------
-
   private IMac hmac;
 
-  // Constructor(s)
-  // --------------------------------------------------------------------------
-
   /** Private constructor to enforce instantiation through Factory method. */
   private IALG(final IMac hmac)
   {
@@ -70,12 +64,9 @@ public final class IALG implements Cloneable
     this.hmac = hmac;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns an instance of a SASL-SRP IALG implementation.</p>
-   *
+   * Returns an instance of a SASL-SRP IALG implementation.
+   * 
    * @param algorithm the name of the HMAC algorithm.
    * @return an instance of this object.
    */
@@ -85,44 +76,24 @@ public final class IALG implements Cloneable
     final IMac hmac;
     hmac = MacFactory.getInstance(algorithm);
     if (hmac == null)
-      {
-        throw new SaslException("getInstance()",
-                                new NoSuchAlgorithmException(algorithm));
-      }
-    // 	   try {
-    //         byte[] sk = (byte[]) K.clone();
-    //         HashMap map = new HashMap();
-    //         map.put(IMac.MAC_KEY_MATERIAL, sk);
-    //         hmac.init(map);
-    // 	   } catch (InvalidKeyException x) {
-    //   	   throw new SaslException("getInstance()", x);
-    // 	   }
+      throw new SaslException("getInstance()",
+                              new NoSuchAlgorithmException(algorithm));
     return new IALG(hmac);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // Cloneable interface implementation --------------------------------------
-
   public Object clone() throws CloneNotSupportedException
   {
     return new IALG((IMac) hmac.clone());
   }
 
-  // other methdds -----------------------------------------------------------
-
-  //   public void init(final byte[] K) throws SaslException {
   public void init(final KDF kdf) throws SaslException
   {
     try
       {
-        //         final byte[] sk = (byte[]) K.clone();
         final byte[] sk = kdf.derive(hmac.macSize());
         final HashMap map = new HashMap();
         map.put(IMac.MAC_KEY_MATERIAL, sk);
         hmac.init(map);
-        //System.out.println("**** Initialised IALG with: "+gnu.crypto.util.Util.dumpString(sk));
       }
     catch (InvalidKeyException x)
       {
@@ -146,8 +117,8 @@ public final class IALG implements Cloneable
   }
 
   /**
-   * <p>Returns the length (in bytes) of this SASL SRP Integrity Algorithm.</p>
-   *
+   * Returns the length (in bytes) of this SASL SRP Integrity Algorithm.
+   * 
    * @return the length, in bytes, of this integrity protection algorithm.
    */
   public int length()
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/KDF.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/KDF.java
index 0d5eeacd182..aa3edac0c3b 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/srp/KDF.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/KDF.java
@@ -47,67 +47,46 @@ import gnu.javax.crypto.prng.UMacGenerator;
 import java.util.HashMap;
 
 /**
- * <p>The SASL-SRP KDF implementation, which is also used, depending on how it
- * was instantiated, as a secure Pseudo Random Number Generator.</p>
+ * The SASL-SRP KDF implementation, which is also used, depending on how it was
+ * instantiated, as a secure Pseudo Random Number Generator.
  */
 public class KDF
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  private static final int AES_BLOCK_SIZE = 16; // default block size for the AES
-
+  private static final int AES_BLOCK_SIZE = 16; // default block size for AES
   private static final int AES_KEY_SIZE = 16; // default key size for the AES
-
   private static final byte[] buffer = new byte[1];
-
   /** Our default source of randomness. */
   private static final PRNG prng = PRNG.getInstance();
-
-  /** The shared secret K to use. */
-  //   private byte[] keyMaterial;
   /** The underlying UMAC Generator instance. */
   private UMacGenerator umac = null;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Constructs an instance of the <code>KDF</code> initialised with the
-   * designated shared secret bytes.</p>
-   *
+   * Constructs an instance of the <code>KDF</code> initialised with the
+   * designated shared secret bytes.
+   * 
    * @param keyMaterial the SASL SRP shared secret (K) bytes.
    */
   private KDF(final byte[] keyMaterial, final int ndx)
   {
     super();
 
-    //      if (ndx != 0) {
-    //         this.keyMaterial = (byte[]) keyMaterial.clone();
-    //      }
     final HashMap map = new HashMap();
     map.put(UMacGenerator.CIPHER, Registry.AES_CIPHER);
-    map.put(UMacGenerator.INDEX, new Integer(ndx));
-    map.put(IBlockCipher.CIPHER_BLOCK_SIZE, new Integer(AES_BLOCK_SIZE));
+    map.put(UMacGenerator.INDEX, Integer.valueOf(ndx));
+    map.put(IBlockCipher.CIPHER_BLOCK_SIZE, Integer.valueOf(AES_BLOCK_SIZE));
     final byte[] key = new byte[AES_KEY_SIZE];
     System.arraycopy(keyMaterial, 0, key, 0, AES_KEY_SIZE);
     map.put(IBlockCipher.KEY_MATERIAL, key);
-
     umac = new UMacGenerator();
     umac.init(map);
-    //System.out.println("**** Initialised KDF with: "+gnu.crypto.util.Util.dumpString(key));
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>A Factory mehod that returns an instance of a <code>KDF</code> based on
-   * supplied seed data.</p>
-   *
+   * A Factory mehod that returns an instance of a <code>KDF</code> based on
+   * supplied seed data.
+   * 
    * @param K the SASL SRP shared secret for a <code>KDF</code> to be used for
-   * <i>CALG</i> and <i>IALG</i> setup. <code>null</code> otherwise.
+   *          <i>CALG</i> and <i>IALG</i> setup. <code>null</code> otherwise.
    * @return an instance of a <code>KDF</code>.
    */
   static final KDF getInstance(final byte[] K)
@@ -134,36 +113,28 @@ public class KDF
     return (buffer[0] & 0xFF);
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns a designated number of bytes suitable for use in the SASL SRP
-   * mechanism.</p>
-   *
+   * Returns a designated number of bytes suitable for use in the SASL SRP
+   * mechanism.
+   * 
    * @param length the number of bytes needed.
    * @return a byte array containing the generated/selected bytes.
    */
   public synchronized byte[] derive(final int length)
   {
     final byte[] result = new byte[length];
-    //      if (keyMaterial == null || length > keyMaterial.length) {
     try
       {
         umac.nextBytes(result, 0, length);
       }
-    catch (IllegalStateException x)
-      { // should not happen
+    catch (IllegalStateException x) // should not happen
+      {
         x.printStackTrace(System.err);
       }
-    catch (LimitReachedException x)
-      { // idem
+    catch (LimitReachedException x) // idem
+      {
         x.printStackTrace(System.err);
       }
-    //      } else {
-    //         System.arraycopy(keyMaterial, 0, result, 0, length);
-    //      }
-
     return result;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/PasswordFile.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/PasswordFile.java
index 1628a4167ab..36888df8724 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/srp/PasswordFile.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/PasswordFile.java
@@ -39,7 +39,6 @@ exception statement from your version.  */
 package gnu.javax.crypto.sasl.srp;
 
 import gnu.java.security.Registry;
-import gnu.java.security.hash.IMessageDigest;
 import gnu.java.security.util.Util;
 import gnu.javax.crypto.key.srp6.SRPAlgorithm;
 import gnu.javax.crypto.sasl.NoSuchUserException;
@@ -50,9 +49,9 @@ import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileNotFoundException;
 import java.io.FileOutputStream;
+import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
-import java.io.IOException;
 import java.io.PrintWriter;
 import java.io.UnsupportedEncodingException;
 import java.math.BigInteger;
@@ -62,70 +61,58 @@ import java.util.NoSuchElementException;
 import java.util.StringTokenizer;
 
 /**
- * <p>The implementation of SRP password files.</p>
- *
- * <p>For SRP, there are three (3) files:
+ * The implementation of SRP password files.
+ * <p>
+ * For SRP, there are three (3) files:
  * <ol>
- *    <li>The password configuration file: tpasswd.conf. It contains the pairs
- *    &lt;N,g> indexed by a number for each pair used for a user. By default,
- *    this file's pathname is constructed from the base password file pathname
- *    by prepending it with the ".conf" suffix.</li>
- *
- *    <li>The base password file: tpasswd. It contains the related password
- *    entries for all the users with values computed using SRP's default
- *    message digest algorithm: SHA-1 (with 160-bit output block size).</li>
- *
- *    <li>The extended password file: tpasswd2. Its name, by default, is
- *    constructed by adding the suffix "2" to the fully qualified pathname of
- *    the base password file. It contains, in addition to the same fields as
- *    the base password file, albeit with a different verifier value, an extra
- *    field identifying the message digest algorithm used to compute this
- *    (verifier) value.</li>
- * </ol></p>
- *
- * <p>This implementation assumes the following message digest algorithm codes:
+ * <li>The password configuration file: tpasswd.conf. It contains the pairs
+ * &lt;N,g> indexed by a number for each pair used for a user. By default, this
+ * file's pathname is constructed from the base password file pathname by
+ * prepending it with the ".conf" suffix.</li>
+ * <li>The base password file: tpasswd. It contains the related password
+ * entries for all the users with values computed using SRP's default message
+ * digest algorithm: SHA-1 (with 160-bit output block size).</li>
+ * <li>The extended password file: tpasswd2. Its name, by default, is
+ * constructed by adding the suffix "2" to the fully qualified pathname of the
+ * base password file. It contains, in addition to the same fields as the base
+ * password file, albeit with a different verifier value, an extra field
+ * identifying the message digest algorithm used to compute this (verifier)
+ * value.</li>
+ * </ol>
+ * <p>
+ * This implementation assumes the following message digest algorithm codes:
  * <ul>
- *    <li>0: the default hash algorithm, which is SHA-1 (or its alias SHA-160).</li>
- *    <li>1: MD5.</li>
- *    <li>2: RIPEMD-128.</li>
- *    <li>3: RIPEMD-160.</li>
- *    <li>4: SHA-256.</li>
- *    <li>5: SHA-384.</li>
- *    <li>6: SHA-512.</li>
- * </ul></p>
- *
- * <p><b>IMPORTANT:</b> This method computes the verifiers as described in
- * RFC-2945, which differs from the description given on the web page for
- * SRP-6.</p>
- *
- * <p>Reference:</p>
+ * <li>0: the default hash algorithm, which is SHA-1 (or its alias SHA-160).</li>
+ * <li>1: MD5.</li>
+ * <li>2: RIPEMD-128.</li>
+ * <li>3: RIPEMD-160.</li>
+ * <li>4: SHA-256.</li>
+ * <li>5: SHA-384.</li>
+ * <li>6: SHA-512.</li>
+ * </ul>
+ * <p>
+ * <b>IMPORTANT:</b> This method computes the verifiers as described in
+ * RFC-2945, which differs from the description given on the web page for SRP-6.
+ * <p>
+ * Reference:
  * <ol>
- *    <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
- *    Thomas J. Wu.</li>
+ * <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
+ * Thomas J. Wu.</li>
  * </ol>
  */
 public class PasswordFile
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   // names of property keys used in this class
   private static final String USER_FIELD = "user";
-
   private static final String VERIFIERS_FIELD = "verifier";
-
   private static final String SALT_FIELD = "salt";
-
   private static final String CONFIG_FIELD = "config";
-
   private static String DEFAULT_FILE;
   static
     {
       DEFAULT_FILE = System.getProperty(SRPRegistry.PASSWORD_FILE,
                                         SRPRegistry.DEFAULT_PASSWORD_FILE);
     }
-
   /** The SRP algorithm instances used by this object. */
   private static final HashMap srps;
   static
@@ -150,27 +137,19 @@ public class PasswordFile
     }
 
   private String confName, pwName, pw2Name;
-
   private File configFile, passwdFile, passwd2File;
-
   private long lastmodPasswdFile, lastmodPasswd2File;
-
   private HashMap entries = new HashMap();
-
   private HashMap configurations = new HashMap();
-
   // default N values to use when creating a new password.conf file
   private static final BigInteger[] Nsrp = new BigInteger[] {
-                                                             SRPAlgorithm.N_2048,
-                                                             SRPAlgorithm.N_1536,
-                                                             SRPAlgorithm.N_1280,
-                                                             SRPAlgorithm.N_1024,
-                                                             SRPAlgorithm.N_768,
-                                                             SRPAlgorithm.N_640,
-                                                             SRPAlgorithm.N_512 };
-
-  // Constructor(s)
-  // -------------------------------------------------------------------------
+      SRPAlgorithm.N_2048,
+      SRPAlgorithm.N_1536,
+      SRPAlgorithm.N_1280,
+      SRPAlgorithm.N_1024,
+      SRPAlgorithm.N_768,
+      SRPAlgorithm.N_640,
+      SRPAlgorithm.N_512 };
 
   public PasswordFile() throws IOException
   {
@@ -206,63 +185,43 @@ public class PasswordFile
     update();
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns a string representing the decimal value of an integer
-   * identifying the message digest algorithm to use for the SRP computations.
-   * </p>
-   *
+   * Returns a string representing the decimal value of an integer identifying
+   * the message digest algorithm to use for the SRP computations.
+   * 
    * @param mdName the canonical name of a message digest algorithm.
    * @return a string representing the decimal value of an ID for that
-   * algorithm.
+   *         algorithm.
    */
   private static final String nameToID(final String mdName)
   {
     if (Registry.SHA_HASH.equalsIgnoreCase(mdName)
         || Registry.SHA1_HASH.equalsIgnoreCase(mdName)
         || Registry.SHA160_HASH.equalsIgnoreCase(mdName))
-      {
-        return "0";
-      }
+      return "0";
     else if (Registry.MD5_HASH.equalsIgnoreCase(mdName))
-      {
-        return "1";
-      }
+      return "1";
     else if (Registry.RIPEMD128_HASH.equalsIgnoreCase(mdName))
-      {
-        return "2";
-      }
+      return "2";
     else if (Registry.RIPEMD160_HASH.equalsIgnoreCase(mdName))
-      {
-        return "3";
-      }
+      return "3";
     else if (Registry.SHA256_HASH.equalsIgnoreCase(mdName))
-      {
-        return "4";
-      }
+      return "4";
     else if (Registry.SHA384_HASH.equalsIgnoreCase(mdName))
-      {
-        return "5";
-      }
+      return "5";
     else if (Registry.SHA512_HASH.equalsIgnoreCase(mdName))
-      {
-        return "6";
-      }
+      return "6";
     return "0";
   }
 
-  // SRP password configuration file methods ---------------------------------
-
   /**
-   * <p>Checks if the current configuration file contains the &lt;N, g> pair
-   * for the designated <code>index</code>.</p>
-   *
+   * Checks if the current configuration file contains the &lt;N, g> pair for
+   * the designated <code>index</code>.
+   * 
    * @param index a string representing 1-digit identification of an &lt;N, g>
-   * pair used.
-   * @return <code>true</code> if the designated <code>index</code> is that of
-   * a known &lt;N, g> pair, and <code>false</code> otherwise.
+   *          pair used.
+   * @return <code>true</code> if the designated <code>index</code> is that
+   *         of a known &lt;N, g> pair, and <code>false</code> otherwise.
    * @throws IOException if an exception occurs during the process.
    * @see SRPRegistry#N_2048_BITS
    * @see SRPRegistry#N_1536_BITS
@@ -280,16 +239,16 @@ public class PasswordFile
   }
 
   /**
-   * <p>Returns a pair of strings representing the pair of <code>N</code> and
-   * <code>g</code> MPIs for the designated <code>index</code>.</p>
-   *
+   * Returns a pair of strings representing the pair of <code>N</code> and
+   * <code>g</code> MPIs for the designated <code>index</code>.
+   * 
    * @param index a string representing 1-digit identification of an &lt;N, g>
-   * pair to look up.
+   *          pair to look up.
    * @return a pair of strings, arranged in an array, where the first (at index
-   * position #0) is the repesentation of the MPI <code>N</code>, and the
-   * second (at index position #1) is the representation of the MPI
-   * <code>g</code>. If the <code>index</code> refers to an unknown pair, then
-   * an empty string array is returned.
+   *         position #0) is the repesentation of the MPI <code>N</code>, and
+   *         the second (at index position #1) is the representation of the MPI
+   *         <code>g</code>. If the <code>index</code> refers to an unknown
+   *         pair, then an empty string array is returned.
    * @throws IOException if an exception occurs during the process.
    */
   public synchronized String[] lookupConfig(final String index)
@@ -298,14 +257,10 @@ public class PasswordFile
     checkCurrent();
     String[] result = null;
     if (configurations.containsKey(index))
-      {
-        result = (String[]) configurations.get(index);
-      }
+      result = (String[]) configurations.get(index);
     return result;
   }
 
-  // SRP base and extended password configuration files methods --------------
-
   public synchronized boolean contains(final String user) throws IOException
   {
     checkCurrent();
@@ -318,9 +273,7 @@ public class PasswordFile
   {
     checkCurrent();
     if (entries.containsKey(user))
-      {
-        throw new UserAlreadyExistsException(user);
-      }
+      throw new UserAlreadyExistsException(user);
     final HashMap fields = new HashMap(4);
     fields.put(USER_FIELD, user); // 0
     fields.put(VERIFIERS_FIELD, newVerifiers(user, salt, passwd, index)); // 1
@@ -334,10 +287,8 @@ public class PasswordFile
       throws IOException
   {
     checkCurrent();
-    if (!entries.containsKey(user))
-      {
-        throw new NoSuchUserException(user);
-      }
+    if (! entries.containsKey(user))
+      throw new NoSuchUserException(user);
     final HashMap fields = (HashMap) entries.get(user);
     final byte[] salt;
     try
@@ -369,27 +320,23 @@ public class PasswordFile
     finally
       {
         if (pw1 != null)
-          {
-            try
-              {
-                pw1.flush();
-              }
-            finally
-              {
-                pw1.close();
-              }
-          }
+          try
+            {
+              pw1.flush();
+            }
+          finally
+            {
+              pw1.close();
+            }
         if (pw2 != null)
-          {
-            try
-              {
-                pw2.flush();
-              }
-            finally
-              {
-                pw2.close();
-              }
-          }
+          try
+            {
+              pw2.flush();
+            }
+          finally
+            {
+              pw2.close();
+            }
         try
           {
             f1.close();
@@ -410,24 +357,22 @@ public class PasswordFile
   }
 
   /**
-   * <p>Returns the triplet: verifier, salt and configuration file index, of a
+   * Returns the triplet: verifier, salt and configuration file index, of a
    * designated user, and a designated message digest algorithm name, as an
-   * array of strings.</p>
-   *
+   * array of strings.
+   * 
    * @param user the username.
    * @param mdName the canonical name of the SRP's message digest algorithm.
    * @return a string array containing, in this order, the BASE-64 encodings of
-   * the verifier, the salt and the index in the password configuration file of
-   * the MPIs N and g of the designated user.
+   *         the verifier, the salt and the index in the password configuration
+   *         file of the MPIs N and g of the designated user.
    */
   public synchronized String[] lookup(final String user, final String mdName)
       throws IOException
   {
     checkCurrent();
-    if (!entries.containsKey(user))
-      {
-        throw new NoSuchUserException(user);
-      }
+    if (! entries.containsKey(user))
+      throw new NoSuchUserException(user);
     final HashMap fields = (HashMap) entries.get(user);
     final HashMap verifiers = (HashMap) fields.get(VERIFIERS_FIELD);
     final String salt = (String) fields.get(SALT_FIELD);
@@ -436,8 +381,6 @@ public class PasswordFile
     return new String[] { verifier, salt, index };
   }
 
-  // Other instance methods --------------------------------------------------
-
   private synchronized void readOrCreateConf() throws IOException
   {
     configurations.clear();
@@ -469,13 +412,9 @@ public class PasswordFile
         finally
           {
             if (pw0 != null)
-              {
-                pw0.close();
-              }
+              pw0.close();
             else if (f0 != null)
-              {
-                f0.close();
-              }
+              f0.close();
           }
       }
   }
@@ -511,26 +450,27 @@ public class PasswordFile
       {
         ndx = (String) it.next();
         mpi = (String[]) configurations.get(ndx);
-        sb = new StringBuffer(ndx).append(":").append(mpi[0]).append(":").append(
-                                                                                 mpi[1]);
+        sb = new StringBuffer(ndx)
+            .append(":").append(mpi[0])
+            .append(":").append(mpi[1]);
         pw.println(sb.toString());
       }
   }
 
   /**
-   * <p>Compute the new verifiers for the designated username and password.</p>
-   *
-   * <p><b>IMPORTANT:</b> This method computes the verifiers as described in
+   * Compute the new verifiers for the designated username and password.
+   * <p>
+   * <b>IMPORTANT:</b> This method computes the verifiers as described in
    * RFC-2945, which differs from the description given on the web page for
-   * SRP-6.</p>
-   *
+   * SRP-6.
+   * 
    * @param user the user's name.
    * @param s the user's salt.
    * @param password the user's password
    * @param index the index of the &lt;N, g> pair to use for this user.
    * @return a {@link java.util.Map} of user verifiers.
    * @throws UnsupportedEncodingException if the US-ASCII decoder is not
-   * available on this platform.
+   *           available on this platform.
    */
   private HashMap newVerifiers(final String user, final byte[] s,
                                final String password, final String index)
@@ -540,7 +480,6 @@ public class PasswordFile
     final String[] mpi = (String[]) configurations.get(index);
     final BigInteger N = new BigInteger(1, Util.fromBase64(mpi[0]));
     final BigInteger g = new BigInteger(1, Util.fromBase64(mpi[1]));
-
     final HashMap result = new HashMap(srps.size());
     BigInteger x, v;
     SRP srp;
@@ -551,7 +490,6 @@ public class PasswordFile
         x = new BigInteger(1, srp.computeX(s, user, password));
         v = g.modPow(x, N);
         final String verifier = Util.toBase64(v.toByteArray());
-
         result.put(digestID, verifier);
       }
     return result;
@@ -560,7 +498,6 @@ public class PasswordFile
   private synchronized void update() throws IOException
   {
     entries.clear();
-
     FileInputStream fis;
     passwdFile = new File(pwName);
     lastmodPasswdFile = passwdFile.lastModified();
@@ -588,9 +525,7 @@ public class PasswordFile
   {
     if (passwdFile.lastModified() > lastmodPasswdFile
         || passwd2File.lastModified() > lastmodPasswd2File)
-      {
-        update();
-      }
+      update();
   }
 
   private void readPasswd(final InputStream in) throws IOException
@@ -612,16 +547,13 @@ public class PasswordFile
           {
             throw new IOException("SRP base password file corrupt");
           }
-
         final HashMap verifiers = new HashMap(6);
         verifiers.put("0", verifier);
-
         final HashMap fields = new HashMap(4);
         fields.put(USER_FIELD, user);
         fields.put(VERIFIERS_FIELD, verifiers);
         fields.put(SALT_FIELD, salt);
         fields.put(CONFIG_FIELD, index);
-
         entries.put(user, fields);
       }
   }
@@ -645,7 +577,6 @@ public class PasswordFile
           {
             throw new IOException("SRP extended password file corrupt");
           }
-
         fields = (HashMap) entries.get(user);
         if (fields != null)
           {
@@ -667,33 +598,28 @@ public class PasswordFile
       {
         user = (String) i.next();
         fields = (HashMap) entries.get(user);
-        if (!user.equals(fields.get(USER_FIELD)))
-          {
-            throw new IOException("Inconsistent SRP password data");
-          }
+        if (! user.equals(fields.get(USER_FIELD)))
+          throw new IOException("Inconsistent SRP password data");
         verifiers = (HashMap) fields.get(VERIFIERS_FIELD);
-        sb1 = new StringBuffer().append(user).append(":").append(
-                                                                 (String) verifiers.get("0")).append(
-                                                                                                     ":").append(
-                                                                                                                 (String) fields.get(SALT_FIELD)).append(
-                                                                                                                                                         ":").append(
-                                                                                                                                                                     (String) fields.get(CONFIG_FIELD));
+        sb1 = new StringBuffer(user)
+            .append(":").append((String) verifiers.get("0"))
+            .append(":").append((String) fields.get(SALT_FIELD))
+            .append(":").append((String) fields.get(CONFIG_FIELD));
         pw1.println(sb1.toString());
         // write extended information
         j = verifiers.keySet().iterator();
         while (j.hasNext())
           {
             digestID = (String) j.next();
-            if (!"0".equals(digestID))
+            if (! "0".equals(digestID))
               {
                 // #0 is the default digest, already present in tpasswd!
-                sb2 = new StringBuffer().append(digestID).append(":").append(
-                                                                             user).append(
-                                                                                          ":").append(
-                                                                                                      (String) verifiers.get(digestID));
+                sb2 = new StringBuffer(digestID)
+                    .append(":").append(user)
+                    .append(":").append((String) verifiers.get(digestID));
                 pw2.println(sb2.toString());
               }
           }
       }
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/SRP.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRP.java
index d3eb596d4c3..437e42a5a83 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/srp/SRP.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRP.java
@@ -47,27 +47,18 @@ import java.math.BigInteger;
 import java.util.HashMap;
 
 /**
- * <p>A Factory class that returns SRP Singletons that know all SRP-related
+ * A Factory class that returns SRP Singletons that know all SRP-related
  * mathematical computations and protocol-related operations for both the
- * client- and server-sides.</p>
+ * client- and server-sides.
  */
 public final class SRP
 {
-
-  // Constants and variables
-  // --------------------------------------------------------------------------
-
   /** The map of already instantiated SRP algorithm instances. */
   private static final HashMap algorithms = new HashMap();
-
   private static final byte COLON = (byte) 0x3A;
-
   /** The underlying message digest algorithm used for all SRP calculations. */
   private IMessageDigest mda;
 
-  // Constructor(s)
-  // --------------------------------------------------------------------------
-
   /** Trivial private constructor to enforce Singleton pattern. */
   private SRP(final IMessageDigest mda)
   {
@@ -76,25 +67,18 @@ public final class SRP
     this.mda = mda;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns an instance of this object that uses the designated message
-   * digest algorithm as its digest function.</p>
-   *
+   * Returns an instance of this object that uses the designated message digest
+   * algorithm as its digest function.
+   * 
    * @return an instance of this object for the designated digest name.
    */
   public static synchronized SRP instance(String mdName)
   {
     if (mdName != null)
-      {
-        mdName = mdName.trim().toLowerCase();
-      }
+      mdName = mdName.trim().toLowerCase();
     if (mdName == null || mdName.equals(""))
-      {
-        mdName = SRPRegistry.SRP_DEFAULT_DIGEST_NAME;
-      }
+      mdName = SRPRegistry.SRP_DEFAULT_DIGEST_NAME;
     SRP result = (SRP) algorithms.get(mdName);
     if (result == null)
       {
@@ -110,31 +94,24 @@ public final class SRP
   {
     final byte[] result = new byte[length];
     for (int i = 0; i < length; ++i)
-      {
-        result[i] = (byte) (b1[i] ^ b2[i]);
-      }
+      result[i] = (byte)(b1[i] ^ b2[i]);
     return result;
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /** @return the message digest algorithm name used by this instance. */
   public String getAlgorithm()
   {
     return mda.name();
   }
 
-  // Message Digest algorithm related methods --------------------------------
-
   /**
-   * <p>Returns a new instance of the SRP message digest algorithm --which is
+   * Returns a new instance of the SRP message digest algorithm --which is
    * SHA-160 by default, but could be anything else provided the proper
-   * conditions as specified in the SRP specifications.</p>
-   *
+   * conditions as specified in the SRP specifications.
+   * 
    * @return a new instance of the underlying SRP message digest algorithm.
    * @throws RuntimeException if the implementation of the message digest
-   * algorithm does not support cloning.
+   *           algorithm does not support cloning.
    */
   public IMessageDigest newDigest()
   {
@@ -142,12 +119,12 @@ public final class SRP
   }
 
   /**
-   * <p>Convenience method to return the result of digesting the designated
-   * input with a new instance of the SRP message digest algorithm.</p>
-   *
+   * Convenience method to return the result of digesting the designated input
+   * with a new instance of the SRP message digest algorithm.
+   * 
    * @param src some bytes to digest.
-   * @return the bytes constituting the result of digesting the designated
-   * input with a new instance of the SRP message digest algorithm.
+   * @return the bytes constituting the result of digesting the designated input
+   *         with a new instance of the SRP message digest algorithm.
    */
   public byte[] digest(final byte[] src)
   {
@@ -157,13 +134,13 @@ public final class SRP
   }
 
   /**
-   * <p>Convenience method to return the result of digesting the designated
-   * input with a new instance of the SRP message digest algorithm.</p>
-   *
+   * Convenience method to return the result of digesting the designated input
+   * with a new instance of the SRP message digest algorithm.
+   * 
    * @param src a String whose bytes (using US-ASCII encoding) are to be
-   * digested.
-   * @return the bytes constituting the result of digesting the designated
-   * input with a new instance of the SRP message digest algorithm.
+   *          digested.
+   * @return the bytes constituting the result of digesting the designated input
+   *         with a new instance of the SRP message digest algorithm.
    * @throws UnsupportedEncodingException if US-ASCII charset is not found.
    */
   public byte[] digest(final String src) throws UnsupportedEncodingException
@@ -171,17 +148,15 @@ public final class SRP
     return digest(src.getBytes("US-ASCII"));
   }
 
-  // Other methods -----------------------------------------------------------
-
   /**
-   * <p>Convenience method to XOR N bytes from two arrays; N being the output
-   * size of the SRP message digest algorithm.</p>
-   *
+   * Convenience method to XOR N bytes from two arrays; N being the output size
+   * of the SRP message digest algorithm.
+   * 
    * @param a the first byte array.
    * @param b the second one.
    * @return N bytes which are the result of the XOR operations on the first N
-   * bytes from the designated arrays. N is the size of the SRP message digest
-   * algorithm; eg. 20 for SHA-160.
+   *         bytes from the designated arrays. N is the size of the SRP message
+   *         digest algorithm; eg. 20 for SHA-160.
    */
   public byte[] xor(final byte[] a, final byte[] b)
   {
@@ -212,7 +187,6 @@ public final class SRP
     hash.update(b, 0, b.length);
     hash.update(cn, 0, cn.length);
     hash.update(cCB, 0, cCB.length);
-
     return hash.digest();
   }
 
@@ -235,14 +209,13 @@ public final class SRP
     b = digest(o);
     hash.update(b, 0, b.length);
     hash.update(sid, 0, sid.length);
-    hash.update((byte) (ttl >>> 24));
-    hash.update((byte) (ttl >>> 16));
-    hash.update((byte) (ttl >>> 8));
+    hash.update((byte)(ttl >>> 24));
+    hash.update((byte)(ttl >>> 16));
+    hash.update((byte)(ttl >>> 8));
     hash.update((byte) ttl);
     hash.update(cIV, 0, cIV.length);
     hash.update(sIV, 0, sIV.length);
     hash.update(sCB, 0, sCB.length);
-
     return hash.digest();
   }
 
@@ -252,7 +225,6 @@ public final class SRP
     hash.update(K, 0, K.length);
     hash.update(cn, 0, cn.length);
     hash.update(sn, 0, sn.length);
-
     return hash.digest();
   }
 
@@ -276,10 +248,8 @@ public final class SRP
     hash.update(COLON);
     hash.update(p, 0, p.length);
     final byte[] up = hash.digest();
-
     hash.update(s, 0, s.length);
     hash.update(up, 0, up.length);
-
     return hash.digest();
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPAuthInfoProvider.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPAuthInfoProvider.java
index 9ea21efb6c2..3a43a94a0b5 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPAuthInfoProvider.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPAuthInfoProvider.java
@@ -50,37 +50,21 @@ import java.util.Map;
 import javax.security.sasl.AuthenticationException;
 
 /**
- * <p>The SRP mechanism authentication information provider implementation.</p>
+ * The SRP mechanism authentication information provider implementation.
  */
-public class SRPAuthInfoProvider implements IAuthInfoProvider
+public class SRPAuthInfoProvider
+    implements IAuthInfoProvider
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private PasswordFile passwordFile = null;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   // implicit 0-args constrcutor
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // IAuthInfoProvider interface implementation ------------------------------
-
   public void activate(Map context) throws AuthenticationException
   {
     try
       {
         if (context == null)
-          {
-            passwordFile = new PasswordFile();
-          }
+          passwordFile = new PasswordFile();
         else
           {
             passwordFile = (PasswordFile) context.get(SRPRegistry.PASSWORD_DB);
@@ -88,13 +72,9 @@ public class SRPAuthInfoProvider implements IAuthInfoProvider
               {
                 String pfn = (String) context.get(SRPRegistry.PASSWORD_FILE);
                 if (pfn == null)
-                  {
-                    passwordFile = new PasswordFile();
-                  }
+                  passwordFile = new PasswordFile();
                 else
-                  {
-                    passwordFile = new PasswordFile(pfn);
-                  }
+                  passwordFile = new PasswordFile(pfn);
               }
           }
       }
@@ -112,10 +92,8 @@ public class SRPAuthInfoProvider implements IAuthInfoProvider
   public boolean contains(String userName) throws AuthenticationException
   {
     if (passwordFile == null)
-      {
-        throw new AuthenticationException("contains()",
-                                          new IllegalStateException());
-      }
+      throw new AuthenticationException("contains()",
+                                        new IllegalStateException());
     boolean result = false;
     try
       {
@@ -131,20 +109,14 @@ public class SRPAuthInfoProvider implements IAuthInfoProvider
   public Map lookup(Map userID) throws AuthenticationException
   {
     if (passwordFile == null)
-      {
-        throw new AuthenticationException("lookup()",
-                                          new IllegalStateException());
-      }
+      throw new AuthenticationException("lookup()", new IllegalStateException());
     Map result = new HashMap();
     try
       {
         String userName = (String) userID.get(Registry.SASL_USERNAME);
         if (userName == null)
-          {
-            throw new NoSuchUserException("");
-          }
+          throw new NoSuchUserException("");
         String mdName = (String) userID.get(SRPRegistry.MD_NAME_FIELD);
-
         String[] data = passwordFile.lookup(userName, mdName);
         result.put(SRPRegistry.USER_VERIFIER_FIELD, data[0]);
         result.put(SRPRegistry.SALT_FIELD, data[1]);
@@ -153,9 +125,7 @@ public class SRPAuthInfoProvider implements IAuthInfoProvider
     catch (Exception x)
       {
         if (x instanceof AuthenticationException)
-          {
-            throw (AuthenticationException) x;
-          }
+          throw (AuthenticationException) x;
         throw new AuthenticationException("lookup()", x);
       }
     return result;
@@ -165,7 +135,6 @@ public class SRPAuthInfoProvider implements IAuthInfoProvider
   {
     if (passwordFile == null)
       throw new AuthenticationException("update()", new IllegalStateException());
-
     try
       {
         String userName = (String) userCredentials.get(Registry.SASL_USERNAME);
@@ -173,20 +142,14 @@ public class SRPAuthInfoProvider implements IAuthInfoProvider
         String salt = (String) userCredentials.get(SRPRegistry.SALT_FIELD);
         String config = (String) userCredentials.get(SRPRegistry.CONFIG_NDX_FIELD);
         if (salt == null || config == null)
-          {
-            passwordFile.changePasswd(userName, password);
-          }
+          passwordFile.changePasswd(userName, password);
         else
-          {
-            passwordFile.add(userName, password, Util.fromBase64(salt), config);
-          }
+          passwordFile.add(userName, password, Util.fromBase64(salt), config);
       }
     catch (Exception x)
       {
         if (x instanceof AuthenticationException)
-          {
-            throw (AuthenticationException) x;
-          }
+          throw (AuthenticationException) x;
         throw new AuthenticationException("update()", x);
       }
   }
@@ -194,10 +157,8 @@ public class SRPAuthInfoProvider implements IAuthInfoProvider
   public Map getConfiguration(String mode) throws AuthenticationException
   {
     if (passwordFile == null)
-      {
-        throw new AuthenticationException("getConfiguration()",
-                                          new IllegalStateException());
-      }
+      throw new AuthenticationException("getConfiguration()",
+                                        new IllegalStateException());
     Map result = new HashMap();
     try
       {
@@ -208,11 +169,9 @@ public class SRPAuthInfoProvider implements IAuthInfoProvider
     catch (Exception x)
       {
         if (x instanceof AuthenticationException)
-          {
-            throw (AuthenticationException) x;
-          }
+          throw (AuthenticationException) x;
         throw new AuthenticationException("getConfiguration()", x);
       }
     return result;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPClient.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPClient.java
index 1a1664ff79d..f4ef4cc34c1 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPClient.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPClient.java
@@ -38,151 +38,91 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.sasl.srp;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.hash.MD5;
 import gnu.java.security.util.PRNG;
 import gnu.java.security.util.Util;
-
+import gnu.javax.crypto.assembly.Direction;
+import gnu.javax.crypto.cipher.CipherFactory;
+import gnu.javax.crypto.cipher.IBlockCipher;
 import gnu.javax.crypto.key.IKeyAgreementParty;
 import gnu.javax.crypto.key.IncomingMessage;
-import gnu.javax.crypto.key.KeyAgreementFactory;
 import gnu.javax.crypto.key.KeyAgreementException;
+import gnu.javax.crypto.key.KeyAgreementFactory;
 import gnu.javax.crypto.key.OutgoingMessage;
 import gnu.javax.crypto.key.srp6.SRP6KeyAgreement;
-import gnu.javax.crypto.assembly.Direction;
-import gnu.javax.crypto.cipher.CipherFactory;
-import gnu.javax.crypto.cipher.IBlockCipher;
 import gnu.javax.crypto.sasl.ClientMechanism;
 import gnu.javax.crypto.sasl.IllegalMechanismStateException;
 import gnu.javax.crypto.sasl.InputBuffer;
 import gnu.javax.crypto.sasl.IntegrityException;
 import gnu.javax.crypto.sasl.OutputBuffer;
-
 import gnu.javax.security.auth.Password;
 
-import java.io.IOException;
-import java.io.PrintWriter;
 import java.io.ByteArrayOutputStream;
+import java.io.IOException;
 import java.io.UnsupportedEncodingException;
 import java.math.BigInteger;
 import java.security.NoSuchAlgorithmException;
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.StringTokenizer;
+import java.util.logging.Logger;
 
+import javax.security.auth.DestroyFailedException;
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.NameCallback;
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
-import javax.security.auth.DestroyFailedException;
 import javax.security.sasl.AuthenticationException;
 import javax.security.sasl.SaslClient;
 import javax.security.sasl.SaslException;
 
 /**
- * <p>The SASL-SRP client-side mechanism.</p>
+ * The SASL-SRP client-side mechanism.
  */
-public class SRPClient extends ClientMechanism implements SaslClient
+public class SRPClient
+    extends ClientMechanism
+    implements SaslClient
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  private static final String NAME = "SRPClient";
-
-  //   private static final String ERROR = "ERROR";
-  //   private static final String WARN =  " WARN";
-  private static final String INFO = " INFO";
-
-  private static final String TRACE = "DEBUG";
-
-  private static final boolean DEBUG = true;
-
-  private static final int debuglevel = 3;
-
-  private static final PrintWriter err = new PrintWriter(System.out, true);
-
-  private static void debug(final String level, final Object obj)
-  {
-    err.println("[" + level + "] " + NAME + ": " + String.valueOf(obj));
-  }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
-  //   private static final HashMap uid2ctx = new HashMap();
-
+  private static final Logger log = Logger.getLogger(SRPClient.class.getName());
   private String uid; // the unique key for this type of client
-
   private String U; // the authentication identity
-
   BigInteger N, g, A, B;
-
   private Password password; // the authentication credentials
-
   private byte[] s; // the user's salt
-
   private byte[] cIV, sIV; // client+server IVs, when confidentiality is on
-
   private byte[] M1, M2; // client+server evidences
-
   private byte[] cn, sn; // client's and server's nonce
-
   private SRP srp; // SRP algorithm instance used by this client
-
   private byte[] sid; // session ID when re-used
-
   private int ttl; // session time-to-live in seconds
-
   private byte[] sCB; // the peer's channel binding data
-
   private String L; // available options
-
   private String o;
-
   private String chosenIntegrityAlgorithm;
-
   private String chosenConfidentialityAlgorithm;
-
   private int rawSendSize = Registry.SASL_BUFFER_MAX_LIMIT;
-
   private byte[] K; // shared session key
-
   private boolean replayDetection = true; // whether Replay Detection is on
-
   private int inCounter = 0; // messages sequence numbers
-
   private int outCounter = 0;
-
   private IALG inMac, outMac; // if !null, use for integrity
-
   private CALG inCipher, outCipher; // if !null, use for confidentiality
-
-  private IKeyAgreementParty clientHandler = KeyAgreementFactory.getPartyAInstance(Registry.SRP_SASL_KA);
-
+  private IKeyAgreementParty clientHandler =
+      KeyAgreementFactory.getPartyAInstance(Registry.SRP_SASL_KA);
   /** Our default source of randomness. */
   private PRNG prng = null;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public SRPClient()
   {
     super(Registry.SASL_SRP_MECHANISM);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // abstract methods implementation -----------------------------------------
-
   protected void initMechanism() throws SaslException
   {
-    // we shall keep track of the sid (and the security context of this
-    // SRP client) based on the initialisation parameters of an SRP session.
+    // we shall keep track of the sid (and the security context of this SRP
+    // client) based on the initialisation parameters of an SRP session.
     // we shall compute a unique key for those parameters and key the sid
     // (and the security context) accordingly.
     // 1. compute the mapping key. use MD5 (the fastest) for this purpose
@@ -195,9 +135,8 @@ public class SRPClient extends ClientMechanism implements SaslClient
     b = protocol.getBytes();
     md.update(b, 0, b.length);
     if (channelBinding.length > 0)
-      {
-        md.update(channelBinding, 0, channelBinding.length);
-      }
+      md.update(channelBinding, 0, channelBinding.length);
+
     uid = Util.toBase64(md.digest());
     if (ClientStore.instance().isAlive(uid))
       {
@@ -246,15 +185,12 @@ public class SRPClient extends ClientMechanism implements SaslClient
     sIV = null;
     inMac = outMac = null;
     inCipher = outCipher = null;
-
     sid = null;
     ttl = 0;
     cn = null;
     sn = null;
   }
 
-  // javax.security.sasl.SaslClient interface implementation -----------------
-
   public boolean hasInitialResponse()
   {
     return true;
@@ -282,7 +218,7 @@ public class SRPClient extends ClientMechanism implements SaslClient
           }
         return result;
       case 2: // should only occur if session re-use was rejected
-        if (!complete)
+        if (! complete)
           {
             state++;
             return receiveEvidence(challenge);
@@ -296,211 +232,139 @@ public class SRPClient extends ClientMechanism implements SaslClient
   protected byte[] engineUnwrap(final byte[] incoming, final int offset,
                                 final int len) throws SaslException
   {
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "==> engineUnwrap()");
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineUnwrap");
     if (inMac == null && inCipher == null)
-      {
-        throw new IllegalStateException("connection is not protected");
-      }
-
+      throw new IllegalStateException("connection is not protected");
     // at this point one, or both, of confidentiality and integrity protection
     // services are active.
-
     final byte[] result;
     try
       {
-        //         final InputBuffer frameIn = InputBuffer.getInstance(incoming, offset, len);
-        //         result = frameIn.getEOS();
         if (inMac != null)
           { // integrity bytes are at the end of the stream
             final int macBytesCount = inMac.length();
             final int payloadLength = len - macBytesCount;
-            //            final byte[] received_mac = frameIn.getOS();
             final byte[] received_mac = new byte[macBytesCount];
             System.arraycopy(incoming, offset + payloadLength, received_mac, 0,
                              macBytesCount);
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "Got C (received MAC): "
-                           + Util.dumpString(received_mac));
-            //            inMac.update(result);
+            if (Configuration.DEBUG)
+              log.fine("Got C (received MAC): " + Util.dumpString(received_mac));
             inMac.update(incoming, offset, payloadLength);
             if (replayDetection)
               {
                 inCounter++;
-                if (DEBUG && debuglevel > 6)
-                  debug(TRACE, "inCounter=" + String.valueOf(inCounter));
-                inMac.update(new byte[] { (byte) (inCounter >>> 24),
-                                         (byte) (inCounter >>> 16),
-                                         (byte) (inCounter >>> 8),
-                                         (byte) inCounter });
+                if (Configuration.DEBUG)
+                  log.fine("inCounter=" + inCounter);
+                inMac.update(new byte[] {
+                    (byte)(inCounter >>> 24),
+                    (byte)(inCounter >>> 16),
+                    (byte)(inCounter >>> 8),
+                    (byte) inCounter });
               }
-
             final byte[] computed_mac = inMac.doFinal();
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "Computed MAC: " + Util.dumpString(computed_mac));
-            if (!Arrays.equals(received_mac, computed_mac))
-              {
-                throw new IntegrityException("engineUnwrap()");
-              }
-
+            if (Configuration.DEBUG)
+              log.fine("Computed MAC: " + Util.dumpString(computed_mac));
+            if (! Arrays.equals(received_mac, computed_mac))
+              throw new IntegrityException("engineUnwrap()");
             // deal with the payload, which can be either plain or encrypted
             if (inCipher != null)
-              {
-                result = inCipher.doFinal(incoming, offset, payloadLength);
-              }
+              result = inCipher.doFinal(incoming, offset, payloadLength);
             else
               {
                 result = new byte[len - macBytesCount];
                 System.arraycopy(incoming, offset, result, 0, result.length);
               }
           }
-        else
-          { // no integrity protection; just confidentiality
-          //            if (inCipher != null) {
-            result = inCipher.doFinal(incoming, offset, len);
-            //            } else {
-            //               result = new byte[len];
-            //               System.arraycopy(incoming, offset, result, 0, len);
-            //            }
-          }
-        //         if (inCipher != null) {
-        //            result = inCipher.doFinal(result);
-        //         }
+        else // no integrity protection; just confidentiality
+          result = inCipher.doFinal(incoming, offset, len);
       }
     catch (IOException x)
       {
         if (x instanceof SaslException)
-          {
-            throw (SaslException) x;
-          }
+          throw (SaslException) x;
         throw new SaslException("engineUnwrap()", x);
       }
-
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "<== engineUnwrap()");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineUnwrap");
     return result;
   }
 
   protected byte[] engineWrap(final byte[] outgoing, final int offset,
                               final int len) throws SaslException
   {
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "==> engineWrap()");
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineWrap");
     if (outMac == null && outCipher == null)
-      {
-        throw new IllegalStateException("connection is not protected");
-      }
-
+      throw new IllegalStateException("connection is not protected");
     // at this point one, or both, of confidentiality and integrity protection
     // services are active.
-
-    //      byte[] data = new byte[len];
-    //      System.arraycopy(outgoing, offset, data, 0, len);
     byte[] result;
     try
       {
-        //         OutputBuffer frameOut = new OutputBuffer();
         final ByteArrayOutputStream out = new ByteArrayOutputStream();
         // Process the data
         if (outCipher != null)
           {
-            //            data = outCipher.doFinal(data);
             result = outCipher.doFinal(outgoing, offset, len);
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "Encoding c (encrypted plaintext): "
-                           + Util.dumpString(result));
-
-            //            frameOut.setEOS(data);
+            if (Configuration.DEBUG)
+              log.fine("Encoding c (encrypted plaintext): "
+                       + Util.dumpString(result));
             out.write(result);
-
             if (outMac != null)
               {
                 outMac.update(result);
                 if (replayDetection)
                   {
                     outCounter++;
-                    if (DEBUG && debuglevel > 6)
-                      debug(TRACE, "outCounter=" + String.valueOf(outCounter));
-                    outMac.update(new byte[] { (byte) (outCounter >>> 24),
-                                              (byte) (outCounter >>> 16),
-                                              (byte) (outCounter >>> 8),
-                                              (byte) outCounter });
+                    if (Configuration.DEBUG)
+                      log.fine("outCounter=" + outCounter);
+                    outMac.update(new byte[] {
+                        (byte)(outCounter >>> 24),
+                        (byte)(outCounter >>> 16),
+                        (byte)(outCounter >>> 8),
+                        (byte) outCounter });
                   }
                 final byte[] C = outMac.doFinal();
-                //               frameOut.setOS(C);
                 out.write(C);
-                if (DEBUG && debuglevel > 6)
-                  debug(TRACE, "Encoding C (integrity checksum): "
-                               + Util.dumpString(C));
-              } // else confidentiality only; do nothing
+                if (Configuration.DEBUG)
+                  log.fine("Encoding C (integrity checksum): " + Util.dumpString(C));
+              }
+            // else confidentiality only; do nothing
           }
-        else
-          { // no confidentiality; just integrity [+ replay detection]
-          //            if (DEBUG && debuglevel > 6) debug(TRACE, "Encoding p (plaintext): "+Util.dumpString(data));
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "Encoding p (plaintext): "
-                           + Util.dumpString(outgoing, offset, len));
-
-            //            frameOut.setEOS(data);
+        else // no confidentiality; just integrity [+ replay detection]
+          {
+            if (Configuration.DEBUG)
+              log.fine("Encoding p (plaintext): "
+                       + Util.dumpString(outgoing, offset, len));
             out.write(outgoing, offset, len);
-
-            //            if (outMac != null) {
-            //               outMac.update(data);
             outMac.update(outgoing, offset, len);
             if (replayDetection)
               {
                 outCounter++;
-                if (DEBUG && debuglevel > 6)
-                  debug(TRACE, "outCounter=" + String.valueOf(outCounter));
-                outMac.update(new byte[] { (byte) (outCounter >>> 24),
-                                          (byte) (outCounter >>> 16),
-                                          (byte) (outCounter >>> 8),
-                                          (byte) outCounter });
+                if (Configuration.DEBUG)
+                  log.fine("outCounter=" + outCounter);
+                outMac.update(new byte[] {
+                    (byte)(outCounter >>> 24),
+                    (byte)(outCounter >>> 16),
+                    (byte)(outCounter >>> 8),
+                    (byte) outCounter });
               }
             final byte[] C = outMac.doFinal();
-            //               frameOut.setOS(C);
             out.write(C);
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "Encoding C (integrity checksum): "
-                           + Util.dumpString(C));
-            //            }
+            if (Configuration.DEBUG)
+              log.fine("Encoding C (integrity checksum): " + Util.dumpString(C));
           }
-
-        //         frameOut.setEOS(data);
-        //
-        //         if (outMac != null) {
-        //            outMac.update(data);
-        //            if (replayDetection) {
-        //               outCounter++;
-        //               if (DEBUG && debuglevel > 6) debug(TRACE, "outCounter="+String.valueOf(outCounter));
-        //               outMac.update(new byte[] {
-        //                  (byte)(outCounter >>> 24),
-        //                  (byte)(outCounter >>> 16),
-        //                  (byte)(outCounter >>>  8),
-        //                  (byte) outCounter });
-        //            }
-        //            byte[] C = outMac.doFinal();
-        //            frameOut.setOS(C);
-        //            if (DEBUG && debuglevel > 6) debug(TRACE, "Encoding C (integrity checksum): "+Util.dumpString(C));
-        //         }
-
-        //         result = frameOut.wrap();
         result = out.toByteArray();
-
       }
     catch (IOException x)
       {
         if (x instanceof SaslException)
-          {
-            throw (SaslException) x;
-          }
+          throw (SaslException) x;
         throw new SaslException("engineWrap()", x);
       }
-
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "<== engineWrap()");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineWrap");
     return result;
   }
 
@@ -509,13 +373,8 @@ public class SRPClient extends ClientMechanism implements SaslClient
     if (inMac != null)
       {
         if (inCipher != null)
-          {
-            return Registry.QOP_AUTH_CONF;
-          }
-        else
-          {
-            return Registry.QOP_AUTH_INT;
-          }
+          return Registry.QOP_AUTH_CONF;
+        return Registry.QOP_AUTH_INT;
       }
     return Registry.QOP_AUTH;
   }
@@ -525,13 +384,8 @@ public class SRPClient extends ClientMechanism implements SaslClient
     if (inMac != null)
       {
         if (inCipher != null)
-          {
-            return Registry.STRENGTH_HIGH;
-          }
-        else
-          {
-            return Registry.STRENGTH_MEDIUM;
-          }
+          return Registry.STRENGTH_HIGH;
+        return Registry.STRENGTH_MEDIUM;
       }
     return Registry.STRENGTH_LOW;
   }
@@ -546,23 +400,18 @@ public class SRPClient extends ClientMechanism implements SaslClient
     return Registry.REUSE_TRUE;
   }
 
-  // other methods -----------------------------------------------------------
-
   private byte[] sendIdentities() throws SaslException
   {
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "==> sendIdentities()");
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "sendIdentities");
     // If necessary, prompt the client for the username and password
     getUsernameAndPassword();
-
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "Password: \"" + new String(password.getPassword()) + "\"");
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "Encoding U (username): \"" + U + "\"");
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "Encoding I (userid): \"" + authorizationID + "\"");
-
+    if (Configuration.DEBUG)
+      {
+        log.fine("Password: \"" + new String(password.getPassword()) + "\"");
+        log.fine("Encoding U (username): \"" + U + "\"");
+        log.fine("Encoding I (userid): \"" + authorizationID + "\"");
+      }
     // if session re-use generate new 16-byte nonce
     if (sid.length != 0)
       {
@@ -570,10 +419,7 @@ public class SRPClient extends ClientMechanism implements SaslClient
         getDefaultPRNG().nextBytes(cn);
       }
     else
-      {
-        cn = new byte[0];
-      }
-
+      cn = new byte[0];
     final OutputBuffer frameOut = new OutputBuffer();
     try
       {
@@ -586,36 +432,30 @@ public class SRPClient extends ClientMechanism implements SaslClient
     catch (IOException x)
       {
         if (x instanceof SaslException)
-          {
-            throw (SaslException) x;
-          }
+          throw (SaslException) x;
         throw new AuthenticationException("sendIdentities()", x);
       }
     final byte[] result = frameOut.encode();
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "<== sendIdentities()");
-    if (DEBUG && debuglevel > 2)
-      debug(INFO, "C: " + Util.dumpString(result));
-    if (DEBUG && debuglevel > 2)
-      debug(INFO, "  U = " + U);
-    if (DEBUG && debuglevel > 2)
-      debug(INFO, "  I = " + authorizationID);
-    if (DEBUG && debuglevel > 2)
-      debug(INFO, "sid = " + new String(sid));
-    if (DEBUG && debuglevel > 2)
-      debug(INFO, " cn = " + Util.dumpString(cn));
-    if (DEBUG && debuglevel > 2)
-      debug(INFO, "cCB = " + Util.dumpString(channelBinding));
+    if (Configuration.DEBUG)
+      {
+        log.fine("C: " + Util.dumpString(result));
+        log.fine("  U = " + U);
+        log.fine("  I = " + authorizationID);
+        log.fine("sid = " + new String(sid));
+        log.fine(" cn = " + Util.dumpString(cn));
+        log.fine("cCB = " + Util.dumpString(channelBinding));
+        log.exiting(this.getClass().getName(), "sendIdentities");
+      }
     return result;
   }
 
   private byte[] sendPublicKey(final byte[] input) throws SaslException
   {
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "==> sendPublicKey()");
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "S: " + Util.dumpString(input));
-
+    if (Configuration.DEBUG)
+      {
+        log.entering(this.getClass().getName(), "sendPublicKey");
+        log.fine("S: " + Util.dumpString(input));
+      }
     // Server sends [00], N, g, s, B, L
     // or [FF], sn, sCB
     final InputBuffer frameIn = new InputBuffer(input);
@@ -623,60 +463,50 @@ public class SRPClient extends ClientMechanism implements SaslClient
     try
       {
         ack = (int) frameIn.getScalar(1);
-        if (ack == 0x00)
-          { // new session
+        if (ack == 0x00) // new session
+          {
             N = frameIn.getMPI();
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "Got N (modulus): " + Util.dump(N));
+            if (Configuration.DEBUG)
+              log.fine("Got N (modulus): " + Util.dump(N));
             g = frameIn.getMPI();
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "Got g (generator): " + Util.dump(g));
+            if (Configuration.DEBUG)
+              log.fine("Got g (generator): " + Util.dump(g));
             s = frameIn.getOS();
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "Got s (salt): " + Util.dumpString(s));
+            if (Configuration.DEBUG)
+              log.fine("Got s (salt): " + Util.dumpString(s));
             B = frameIn.getMPI();
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "Got B (server ephermeral public key): "
-                           + Util.dump(B));
+            if (Configuration.DEBUG)
+              log.fine("Got B (server ephermeral public key): " + Util.dump(B));
             L = frameIn.getText();
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "Got L (available options): \"" + L + "\"");
+            if (Configuration.DEBUG)
+              log.fine("Got L (available options): \"" + L + "\"");
           }
-        else if (ack == 0xFF)
-          { // session re-use
+        else if (ack == 0xFF) // session re-use
+          {
             sn = frameIn.getOS();
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "Got sn (server nonce): " + Util.dumpString(sn));
+            if (Configuration.DEBUG)
+              log.fine("Got sn (server nonce): " + Util.dumpString(sn));
             sCB = frameIn.getEOS();
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "Got sCB (server channel binding): "
-                           + Util.dumpString(sCB));
-          }
-        else
-          { // unexpected scalar
-            throw new SaslException("sendPublicKey(): Invalid scalar (" + ack
-                                    + ") in server's request");
+            if (Configuration.DEBUG)
+              log.fine("Got sCB (server channel binding): " + Util.dumpString(sCB));
           }
+        else // unexpected scalar
+          throw new SaslException("sendPublicKey(): Invalid scalar (" + ack
+                                  + ") in server's request");
       }
     catch (IOException x)
       {
         if (x instanceof SaslException)
-          {
-            throw (SaslException) x;
-          }
+          throw (SaslException) x;
         throw new SaslException("sendPublicKey()", x);
       }
-
     if (ack == 0x00)
       { // new session ---------------------------------------
         o = createO(L.toLowerCase()); // do this first to initialise the SRP hash
-
         final byte[] pBytes; // use ASCII encoding to inter-operate w/ non-java
         pBytes = password.getBytes();
-
         // ----------------------------------------------------------------------
         final HashMap mapA = new HashMap();
-        //         mapA.put(SRP6KeyAgreement.HASH_FUNCTION, srp.newDigest());
         mapA.put(SRP6KeyAgreement.HASH_FUNCTION, srp.getAlgorithm());
         mapA.put(SRP6KeyAgreement.USER_IDENTITY, U);
         mapA.put(SRP6KeyAgreement.USER_PASSWORD, pBytes);
@@ -689,9 +519,6 @@ public class SRPClient extends ClientMechanism implements SaslClient
           {
             throw new SaslException("sendPublicKey()", x);
           }
-
-        // ----------------------------------------------------------------------
-
         // -------------------------------------------------------------------
         try
           {
@@ -702,7 +529,6 @@ public class SRPClient extends ClientMechanism implements SaslClient
             out.writeMPI(B);
             IncomingMessage in = new IncomingMessage(out.toByteArray());
             out = clientHandler.processMessage(in);
-
             in = new IncomingMessage(out.toByteArray());
             A = in.readMPI();
             K = clientHandler.getSharedSecret();
@@ -712,13 +538,11 @@ public class SRPClient extends ClientMechanism implements SaslClient
             throw new SaslException("sendPublicKey()", x);
           }
         // -------------------------------------------------------------------
-
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "K: " + Util.dumpString(K));
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Encoding A (client ephemeral public key): "
-                       + Util.dump(A));
-
+        if (Configuration.DEBUG)
+          {
+            log.fine("K: " + Util.dumpString(K));
+            log.fine("Encoding A (client ephemeral public key): " + Util.dump(A));
+          }
         try
           {
             M1 = srp.generateM1(N, g, U, s, A, B, K, authorizationID, L, cn,
@@ -728,13 +552,11 @@ public class SRPClient extends ClientMechanism implements SaslClient
           {
             throw new AuthenticationException("sendPublicKey()", x);
           }
-
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Encoding o (client chosen options): \"" + o + "\"");
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Encoding cIV (client IV): \"" + Util.dumpString(cIV)
-                       + "\"");
-
+        if (Configuration.DEBUG)
+          {
+            log.fine("Encoding o (client chosen options): \"" + o + "\"");
+            log.fine("Encoding cIV (client IV): \"" + Util.dumpString(cIV) + "\"");
+          }
         final OutputBuffer frameOut = new OutputBuffer();
         try
           {
@@ -746,74 +568,65 @@ public class SRPClient extends ClientMechanism implements SaslClient
         catch (IOException x)
           {
             if (x instanceof SaslException)
-              {
-                throw (SaslException) x;
-              }
+              throw (SaslException) x;
             throw new AuthenticationException("sendPublicKey()", x);
           }
         final byte[] result = frameOut.encode();
-        if (DEBUG && debuglevel > 8)
-          debug(TRACE, "<== sendPublicKey()");
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, "New session, or session re-use rejected...");
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, "C: " + Util.dumpString(result));
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, "  A = 0x" + A.toString(16));
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, " M1 = " + Util.dumpString(M1));
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, "  o = " + o);
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, "cIV = " + Util.dumpString(cIV));
-
+        if (Configuration.DEBUG)
+          {
+            log.fine("New session, or session re-use rejected...");
+            log.fine("C: " + Util.dumpString(result));
+            log.fine("  A = 0x" + A.toString(16));
+            log.fine(" M1 = " + Util.dumpString(M1));
+            log.fine("  o = " + o);
+            log.fine("cIV = " + Util.dumpString(cIV));
+            log.exiting(this.getClass().getName(), "sendPublicKey");
+          }
         return result;
       }
-    else
-      { // session re-use accepted -------------------------------------
+    else // session re-use accepted -------------------------------------------
+      {
         setupSecurityServices(true);
-        if (DEBUG && debuglevel > 8)
-          debug(TRACE, "<== sendPublicKey()");
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, "Session re-use accepted...");
+        if (Configuration.DEBUG)
+          {
+            log.fine("Session re-use accepted...");
+            log.exiting(this.getClass().getName(), "sendPublicKey");
+          }
         return null;
       }
   }
 
   private byte[] receiveEvidence(byte[] input) throws SaslException
   {
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "==> receiveEvidence()");
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "S: " + Util.dumpString(input));
-
+    if (Configuration.DEBUG)
+      {
+        log.entering(this.getClass().getName(), "receiveEvidence");
+        log.fine("S: " + Util.dumpString(input));
+      }
     // Server send M2, sIV, sCB, sid, ttl
     final InputBuffer frameIn = new InputBuffer(input);
     try
       {
         M2 = frameIn.getOS();
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Got M2 (server evidence): " + Util.dumpString(M2));
+        if (Configuration.DEBUG)
+          log.fine("Got M2 (server evidence): " + Util.dumpString(M2));
         sIV = frameIn.getOS();
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Got sIV (server IV): " + Util.dumpString(sIV));
+        if (Configuration.DEBUG)
+          log.fine("Got sIV (server IV): " + Util.dumpString(sIV));
         sid = frameIn.getEOS();
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Got sid (session ID): " + new String(sid));
+        if (Configuration.DEBUG)
+          log.fine("Got sid (session ID): " + new String(sid));
         ttl = (int) frameIn.getScalar(4);
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Got ttl (session time-to-live): " + ttl + "sec.");
+        if (Configuration.DEBUG)
+          log.fine("Got ttl (session time-to-live): " + ttl + "sec.");
         sCB = frameIn.getEOS();
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Got sCB (server channel binding): "
-                       + Util.dumpString(sCB));
+        if (Configuration.DEBUG)
+          log.fine("Got sCB (server channel binding): " + Util.dumpString(sCB));
       }
     catch (IOException x)
       {
         if (x instanceof SaslException)
-          {
-            throw (SaslException) x;
-          }
+          throw (SaslException) x;
         throw new AuthenticationException("receiveEvidence()", x);
       }
 
@@ -827,18 +640,13 @@ public class SRPClient extends ClientMechanism implements SaslClient
       {
         throw new AuthenticationException("receiveEvidence()", x);
       }
-
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "Expected: " + Util.dumpString(expected));
-    if (!Arrays.equals(M2, expected))
-      {
-        throw new AuthenticationException("M2 mismatch");
-      }
-
+    if (Configuration.DEBUG)
+      log.fine("Expected: " + Util.dumpString(expected));
+    if (! Arrays.equals(M2, expected))
+      throw new AuthenticationException("M2 mismatch");
     setupSecurityServices(false);
-
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "<== receiveEvidence()");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "receiveEvidence");
     return null;
   }
 
@@ -846,19 +654,15 @@ public class SRPClient extends ClientMechanism implements SaslClient
   {
     try
       {
-        if ((!properties.containsKey(Registry.SASL_USERNAME))
-            && (!properties.containsKey(Registry.SASL_PASSWORD)))
+        if ((! properties.containsKey(Registry.SASL_USERNAME))
+            && (! properties.containsKey(Registry.SASL_PASSWORD)))
           {
             final NameCallback nameCB;
             final String defaultName = System.getProperty("user.name");
             if (defaultName == null)
-              {
-                nameCB = new NameCallback("username: ");
-              }
+              nameCB = new NameCallback("username: ");
             else
-              {
-                nameCB = new NameCallback("username: ", defaultName);
-              }
+              nameCB = new NameCallback("username: ", defaultName);
             final PasswordCallback pwdCB = new PasswordCallback("password: ",
                                                                 false);
             handler.handle(new Callback[] { nameCB, pwdCB });
@@ -868,21 +672,15 @@ public class SRPClient extends ClientMechanism implements SaslClient
         else
           {
             if (properties.containsKey(Registry.SASL_USERNAME))
-              {
-                this.U = (String) properties.get(Registry.SASL_USERNAME);
-              }
+              this.U = (String) properties.get(Registry.SASL_USERNAME);
             else
               {
                 final NameCallback nameCB;
                 final String defaultName = System.getProperty("user.name");
                 if (defaultName == null)
-                  {
-                    nameCB = new NameCallback("username: ");
-                  }
+                  nameCB = new NameCallback("username: ");
                 else
-                  {
-                    nameCB = new NameCallback("username: ", defaultName);
-                  }
+                  nameCB = new NameCallback("username: ", defaultName);
                 this.handler.handle(new Callback[] { nameCB });
                 this.U = nameCB.getName();
               }
@@ -897,14 +695,12 @@ public class SRPClient extends ClientMechanism implements SaslClient
                 else if (pw instanceof String)
                   password = new Password(((String) pw).toCharArray());
                 else
-                  throw new IllegalArgumentException(
-                                                     pw.getClass().getName()
-                                                         + "is not a valid password class");
+                  throw new IllegalArgumentException(pw.getClass().getName()
+                                                     + "is not a valid password class");
               }
             else
               {
-                final PasswordCallback pwdCB = new PasswordCallback(
-                                                                    "password: ",
+                final PasswordCallback pwdCB = new PasswordCallback("password: ",
                                                                     false);
                 this.handler.handle(new Callback[] { pwdCB });
                 password = new Password(pwdCB.getPassword());
@@ -912,13 +708,9 @@ public class SRPClient extends ClientMechanism implements SaslClient
           }
 
         if (U == null)
-          {
-            throw new AuthenticationException("null username supplied");
-          }
+          throw new AuthenticationException("null username supplied");
         if (password == null)
-          {
-            throw new AuthenticationException("null password supplied");
-          }
+          throw new AuthenticationException("null password supplied");
       }
     catch (UnsupportedCallbackException x)
       {
@@ -935,9 +727,8 @@ public class SRPClient extends ClientMechanism implements SaslClient
   // to us by the client.
   private String createO(final String aol) throws AuthenticationException
   {
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "==> createO(\"" + aol + "\")");
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "createO", aol);
     boolean replaydetectionAvailable = false;
     boolean integrityAvailable = false;
     boolean confidentialityAvailable = false;
@@ -945,7 +736,6 @@ public class SRPClient extends ClientMechanism implements SaslClient
     int i;
 
     String mdName = SRPRegistry.SRP_DEFAULT_DIGEST_NAME;
-
     final StringTokenizer st = new StringTokenizer(aol, ",");
     while (st.hasMoreTokens())
       {
@@ -953,55 +743,45 @@ public class SRPClient extends ClientMechanism implements SaslClient
         if (option.startsWith(SRPRegistry.OPTION_SRP_DIGEST + "="))
           {
             option = option.substring(option.indexOf('=') + 1);
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "mda: <" + option + ">");
+            if (Configuration.DEBUG)
+              log.fine("mda: <" + option + ">");
             for (i = 0; i < SRPRegistry.INTEGRITY_ALGORITHMS.length; i++)
-              {
-                if (SRPRegistry.SRP_ALGORITHMS[i].equals(option))
-                  {
-                    mdName = option;
-                    break;
-                  }
-              }
+              if (SRPRegistry.SRP_ALGORITHMS[i].equals(option))
+                {
+                  mdName = option;
+                  break;
+                }
           }
         else if (option.equals(SRPRegistry.OPTION_REPLAY_DETECTION))
-          {
-            replaydetectionAvailable = true;
-          }
+          replaydetectionAvailable = true;
         else if (option.startsWith(SRPRegistry.OPTION_INTEGRITY + "="))
           {
             option = option.substring(option.indexOf('=') + 1);
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "ialg: <" + option + ">");
+            if (Configuration.DEBUG)
+              log.fine("ialg: <" + option + ">");
             for (i = 0; i < SRPRegistry.INTEGRITY_ALGORITHMS.length; i++)
-              {
-                if (SRPRegistry.INTEGRITY_ALGORITHMS[i].equals(option))
-                  {
-                    chosenIntegrityAlgorithm = option;
-                    integrityAvailable = true;
-                    break;
-                  }
-              }
+              if (SRPRegistry.INTEGRITY_ALGORITHMS[i].equals(option))
+                {
+                  chosenIntegrityAlgorithm = option;
+                  integrityAvailable = true;
+                  break;
+                }
           }
         else if (option.startsWith(SRPRegistry.OPTION_CONFIDENTIALITY + "="))
           {
             option = option.substring(option.indexOf('=') + 1);
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "calg: <" + option + ">");
+            if (Configuration.DEBUG)
+              log.fine("calg: <" + option + ">");
             for (i = 0; i < SRPRegistry.CONFIDENTIALITY_ALGORITHMS.length; i++)
-              {
-                if (SRPRegistry.CONFIDENTIALITY_ALGORITHMS[i].equals(option))
-                  {
-                    chosenConfidentialityAlgorithm = option;
-                    confidentialityAvailable = true;
-                    break;
-                  }
-              }
+              if (SRPRegistry.CONFIDENTIALITY_ALGORITHMS[i].equals(option))
+                {
+                  chosenConfidentialityAlgorithm = option;
+                  confidentialityAvailable = true;
+                  break;
+                }
           }
         else if (option.startsWith(SRPRegistry.OPTION_MANDATORY + "="))
-          {
-            mandatory = option.substring(option.indexOf('=') + 1);
-          }
+          mandatory = option.substring(option.indexOf('=') + 1);
         else if (option.startsWith(SRPRegistry.OPTION_MAX_BUFFER_SIZE + "="))
           {
             final String maxBufferSize = option.substring(option.indexOf('=') + 1);
@@ -1010,32 +790,27 @@ public class SRPClient extends ClientMechanism implements SaslClient
                 rawSendSize = Integer.parseInt(maxBufferSize);
                 if (rawSendSize > Registry.SASL_BUFFER_MAX_LIMIT
                     || rawSendSize < 1)
-                  {
-                    throw new AuthenticationException(
-                                                      "Illegal value for 'maxbuffersize' option");
-                  }
+                  throw new AuthenticationException(
+                      "Illegal value for 'maxbuffersize' option");
               }
             catch (NumberFormatException x)
               {
                 throw new AuthenticationException(
-                                                  SRPRegistry.OPTION_MAX_BUFFER_SIZE
-                                                      + "="
-                                                      + String.valueOf(maxBufferSize),
-                                                  x);
+                    SRPRegistry.OPTION_MAX_BUFFER_SIZE + "=" + maxBufferSize, x);
               }
           }
       }
-
-    replayDetection = replaydetectionAvailable
-                      && Boolean.valueOf(
-                                         (String) properties.get(SRPRegistry.SRP_REPLAY_DETECTION)).booleanValue();
-    boolean integrity = integrityAvailable
-                        && Boolean.valueOf(
-                                           (String) properties.get(SRPRegistry.SRP_INTEGRITY_PROTECTION)).booleanValue();
-    boolean confidentiality = confidentialityAvailable
-                              && Boolean.valueOf(
-                                                 (String) properties.get(SRPRegistry.SRP_CONFIDENTIALITY)).booleanValue();
-
+    String s;
+    Boolean flag;
+    s = (String) properties.get(SRPRegistry.SRP_REPLAY_DETECTION);
+    flag = Boolean.valueOf(s);
+    replayDetection = replaydetectionAvailable && flag.booleanValue();
+    s = (String) properties.get(SRPRegistry.SRP_INTEGRITY_PROTECTION);
+    flag = Boolean.valueOf(s);
+    boolean integrity = integrityAvailable && flag.booleanValue();
+    s = (String) properties.get(SRPRegistry.SRP_CONFIDENTIALITY);
+    flag = Boolean.valueOf(s);
+    boolean confidentiality = confidentialityAvailable && flag.booleanValue();
     // make sure we do the right thing
     if (SRPRegistry.OPTION_REPLAY_DETECTION.equals(mandatory))
       {
@@ -1043,95 +818,68 @@ public class SRPClient extends ClientMechanism implements SaslClient
         integrity = true;
       }
     else if (SRPRegistry.OPTION_INTEGRITY.equals(mandatory))
-      {
-        integrity = true;
-      }
+      integrity = true;
     else if (SRPRegistry.OPTION_CONFIDENTIALITY.equals(mandatory))
-      {
-        confidentiality = true;
-      }
+      confidentiality = true;
+
     if (replayDetection)
       {
         if (chosenIntegrityAlgorithm == null)
-          {
-            throw new AuthenticationException(
-                                              "Replay detection is required but no "
-                                                  + "integrity protection algorithm was chosen");
-          }
+          throw new AuthenticationException(
+              "Replay detection is required but no integrity protection "
+              + "algorithm was chosen");
       }
     if (integrity)
       {
         if (chosenIntegrityAlgorithm == null)
-          {
-            throw new AuthenticationException(
-                                              "Integrity protection is required but no "
-                                                  + "algorithm was chosen");
-          }
+          throw new AuthenticationException(
+              "Integrity protection is required but no algorithm was chosen");
       }
     if (confidentiality)
       {
         if (chosenConfidentialityAlgorithm == null)
-          {
-            throw new AuthenticationException(
-                                              "Confidentiality protection is required "
-                                                  + "but no algorithm was chosen");
-          }
+          throw new AuthenticationException(
+              "Confidentiality protection is required but no algorithm was chosen");
       }
-
     // 1. check if we'll be using confidentiality; if not set IV to 0-byte
     if (chosenConfidentialityAlgorithm == null)
-      {
-        cIV = new byte[0];
-      }
+      cIV = new byte[0];
     else
       {
         // 2. get the block size of the cipher
         final IBlockCipher cipher = CipherFactory.getInstance(chosenConfidentialityAlgorithm);
         if (cipher == null)
-          {
-            throw new AuthenticationException("createO()",
-                                              new NoSuchAlgorithmException());
-          }
+          throw new AuthenticationException("createO()",
+                                            new NoSuchAlgorithmException());
         final int blockSize = cipher.defaultBlockSize();
         // 3. generate random iv
         cIV = new byte[blockSize];
         getDefaultPRNG().nextBytes(cIV);
       }
-
     srp = SRP.instance(mdName);
-
     // Now create the options list specifying which of the available options
     // we have chosen.
 
     // For now we just select the defaults. Later we need to add support for
     // properties (perhaps in a file) where a user can specify the list of
     // algorithms they would prefer to use.
-
     final StringBuffer sb = new StringBuffer();
-    sb.append(SRPRegistry.OPTION_SRP_DIGEST).append("=").append(mdName).append(
-                                                                               ",");
+    sb.append(SRPRegistry.OPTION_SRP_DIGEST)
+      .append("=").append(mdName).append(",");
     if (replayDetection)
-      {
-        sb.append(SRPRegistry.OPTION_REPLAY_DETECTION).append(",");
-      }
+      sb.append(SRPRegistry.OPTION_REPLAY_DETECTION).append(",");
     if (integrity)
-      {
-        sb.append(SRPRegistry.OPTION_INTEGRITY).append("=").append(
-                                                                   chosenIntegrityAlgorithm).append(
-                                                                                                    ",");
-      }
+      sb.append(SRPRegistry.OPTION_INTEGRITY)
+        .append("=").append(chosenIntegrityAlgorithm).append(",");
     if (confidentiality)
-      {
-        sb.append(SRPRegistry.OPTION_CONFIDENTIALITY).append("=").append(
-                                                                         chosenConfidentialityAlgorithm).append(
-                                                                                                                ",");
-      }
-    final String result = sb.append(SRPRegistry.OPTION_MAX_BUFFER_SIZE).append(
-                                                                               "=").append(
-                                                                                           Registry.SASL_BUFFER_MAX_LIMIT).toString();
-
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "<== createO() --> " + result);
+      sb.append(SRPRegistry.OPTION_CONFIDENTIALITY)
+        .append("=").append(chosenConfidentialityAlgorithm).append(",");
+
+    final String result = sb.append(SRPRegistry.OPTION_MAX_BUFFER_SIZE)
+                            .append("=").append(Registry.SASL_BUFFER_MAX_LIMIT)
+                            .toString();
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "createO", result);
     return result;
   }
 
@@ -1139,33 +887,30 @@ public class SRPClient extends ClientMechanism implements SaslClient
       throws SaslException
   {
     complete = true; // signal end of authentication phase
-    if (!sessionReUse)
+    if (! sessionReUse)
       {
         outCounter = inCounter = 0;
         // instantiate cipher if confidentiality protection filter is active
         if (chosenConfidentialityAlgorithm != null)
           {
-            if (DEBUG && debuglevel > 2)
-              debug(INFO, "Activating confidentiality protection filter");
+            if (Configuration.DEBUG)
+              log.fine("Activating confidentiality protection filter");
             inCipher = CALG.getInstance(chosenConfidentialityAlgorithm);
             outCipher = CALG.getInstance(chosenConfidentialityAlgorithm);
           }
         // instantiate hmacs if integrity protection filter is active
         if (chosenIntegrityAlgorithm != null)
           {
-            if (DEBUG && debuglevel > 2)
-              debug(INFO, "Activating integrity protection filter");
+            if (Configuration.DEBUG)
+              log.fine("Activating integrity protection filter");
             inMac = IALG.getInstance(chosenIntegrityAlgorithm);
             outMac = IALG.getInstance(chosenIntegrityAlgorithm);
           }
       }
-    else
-      { // same session new Keys
-        K = srp.generateKn(K, cn, sn);
-      }
+    else // same session new Keys
+      K = srp.generateKn(K, cn, sn);
 
     final KDF kdf = KDF.getInstance(K);
-
     // initialise in/out ciphers if confidentiality protection is used
     if (inCipher != null)
       {
@@ -1178,16 +923,13 @@ public class SRPClient extends ClientMechanism implements SaslClient
         inMac.init(kdf);
         outMac.init(kdf);
       }
-
     if (sid != null && sid.length != 0)
       { // update the security context and save in map
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, "Updating security context for UID = " + uid);
-        ClientStore.instance().cacheSession(
-                                            uid,
+        if (Configuration.DEBUG)
+          log.fine("Updating security context for UID = " + uid);
+        ClientStore.instance().cacheSession(uid,
                                             ttl,
-                                            new SecurityContext(
-                                                                srp.getAlgorithm(),
+                                            new SecurityContext(srp.getAlgorithm(),
                                                                 sid,
                                                                 K,
                                                                 cIV,
@@ -1205,7 +947,6 @@ public class SRPClient extends ClientMechanism implements SaslClient
   {
     if (prng == null)
       prng = PRNG.getInstance();
-
     return prng;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPRegistry.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPRegistry.java
index 262cbcba305..d474cb6f8c2 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPRegistry.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPRegistry.java
@@ -41,35 +41,29 @@ package gnu.javax.crypto.sasl.srp;
 import gnu.java.security.Registry;
 
 /**
- * <p>A list of key names designating the values exchanged between the server
- * and client in an SRP communication authentication phase.</p>
+ * A list of key names designating the values exchanged between the server
+ * and client in an SRP communication authentication phase.
  */
 public interface SRPRegistry
 {
-
   /** Indices of (N, g) parameter values for SRP (.conf) password database. */
   String N_2048_BITS = "1";
-
   String N_1536_BITS = "2";
-
   String N_1280_BITS = "3";
-
   String N_1024_BITS = "4";
-
   String N_768_BITS = "5";
-
   String N_640_BITS = "6";
-
   String N_512_BITS = "7";
-
   /** Available hash algorithms for all SRP calculations. */
-  String[] SRP_ALGORITHMS = { Registry.SHA160_HASH, // the default one
-                             Registry.MD5_HASH, Registry.RIPEMD128_HASH,
-                             Registry.RIPEMD160_HASH,
-
-                             Registry.SHA256_HASH, Registry.SHA384_HASH,
-                             Registry.SHA512_HASH };
-
+  String[] SRP_ALGORITHMS = {
+      Registry.SHA160_HASH, // the default one
+      Registry.MD5_HASH,
+      Registry.RIPEMD128_HASH,
+      Registry.RIPEMD160_HASH,
+
+      Registry.SHA256_HASH,
+      Registry.SHA384_HASH,
+      Registry.SHA512_HASH };
   /**
    * The name of the default message digest algorithm to use when no name is
    * explicitely given. In this implementation it is the <b>first</b> among
@@ -77,143 +71,95 @@ public interface SRPRegistry
    * 160-bit output.
    */
   String SRP_DEFAULT_DIGEST_NAME = SRP_ALGORITHMS[0];
-
   /**
    * The property name of the message digest algorithm name to use in a given
    * SRP incarnation.
    */
   String SRP_DIGEST_NAME = "srp.digest.name";
-
   /** The public shared modulus: n. */
   String SHARED_MODULUS = "srp.N";
-
   /** The GF generator used: g. */
   String FIELD_GENERATOR = "srp.g";
-
   /** The list of server's available security options. */
   String AVAILABLE_OPTIONS = "srp.L";
-
   /** The client's chosen security options. */
   String CHOSEN_OPTIONS = "srp.o";
-
   /** The client's username. */
   String USER_NAME = "srp.U";
-
   /** The client's authorization ID. */
   String USER_ROLE = "srp.I";
-
   /** The user's salt. */
   String USER_SALT = "srp.s";
-
   /** The user's password verifier. */
   String PASSWORD_VERIFIER = "srp.v";
-
   /** The client's public ephemeral exponent: A. */
   String CLIENT_PUBLIC_KEY = "srp.A";
-
   /** The server's public ephemeral exponent: B. */
   String SERVER_PUBLIC_KEY = "srp.B";
-
   /** The client's evidence: M1. */
   String CLIENT_EVIDENCE = "srp.M1";
-
   /** The server's evidence: M2. */
   String SERVER_EVIDENCE = "srp.M2";
-
   /** Name of underlying hash algorithm for use with all SRP calculations. */
   String SRP_HASH = "gnu.crypto.sasl.srp.hash";
-
   /** Name of SRP mandatory service property. */
   String SRP_MANDATORY = "gnu.crypto.sasl.srp.mandatory";
-
   /** Name of SRP replay detection property. */
   String SRP_REPLAY_DETECTION = "gnu.crypto.sasl.srp.replay.detection";
-
   /** Name of SRP integrity protection property. */
   String SRP_INTEGRITY_PROTECTION = "gnu.crypto.sasl.srp.integrity";
-
   /** Name of SRP confidentiality protection property. */
   String SRP_CONFIDENTIALITY = "gnu.crypto.sasl.srp.confidentiality";
-
   /** Name of the main SRP password file pathname property. */
   String PASSWORD_FILE = "gnu.crypto.sasl.srp.password.file";
-
   /**
    * Name of the SRP password database property --a reference to
-   * {@link gnu.crypto.sasl.srp.PasswordFile} object.
+   * {@link PasswordFile} object.
    */
   String PASSWORD_DB = "gnu.crypto.sasl.srp.password.db";
-
   /** Default fully qualified pathname of the SRP password file. */
   String DEFAULT_PASSWORD_FILE = "/etc/tpasswd";
-
   /** Default value for replay detection security service. */
   boolean DEFAULT_REPLAY_DETECTION = true;
-
   /** Default value for integrity protection security service. */
   boolean DEFAULT_INTEGRITY = true; // implied by the previous option
-
   /** Default value for confidentiality protection security service. */
   boolean DEFAULT_CONFIDENTIALITY = false;
-
   // constants defining HMAC names
   String HMAC_SHA1 = "hmac-sha1";
-
   String HMAC_MD5 = "hmac-md5";
-
   String HMAC_RIPEMD_160 = "hmac-ripemd-160";
-
   /** Available HMAC algorithms for integrity protection. */
   String[] INTEGRITY_ALGORITHMS = { HMAC_SHA1, HMAC_MD5, HMAC_RIPEMD_160 };
-
   // constants defining Cipher names
   String AES = "aes";
-
   String BLOWFISH = "blowfish";
-
   /** Available Cipher algorithms for confidentiality protection. */
   String[] CONFIDENTIALITY_ALGORITHMS = { AES, BLOWFISH };
-
   /** String for mandatory replay detection. */
   String OPTION_MANDATORY = "mandatory";
-
   /** String for mda: the SRP digest algorithm name. */
   String OPTION_SRP_DIGEST = "mda";
-
   /** String for mandatory replay detection. */
   String OPTION_REPLAY_DETECTION = "replay_detection";
-
   /** String for mandatory integrity protection. */
   String OPTION_INTEGRITY = "integrity";
-
   /** String for mandatory confidentiality protection. */
   String OPTION_CONFIDENTIALITY = "confidentiality";
-
   /** String for mandatory replay detection. */
   String OPTION_MAX_BUFFER_SIZE = "maxbuffersize";
-
   /** String for no mandatory security service. */
   String MANDATORY_NONE = "none";
-
   /** Default mandatory security service required. */
-  //   String DEFAULT_MANDATORY = MANDATORY_NONE;
   String DEFAULT_MANDATORY = OPTION_REPLAY_DETECTION;
-
-  //   String DEFAULT_MANDATORY = OPTION_INTEGRITY;
-  //   String DEFAULT_MANDATORY = OPTION_CONFIDENTIALITY;
-
   /** Name of the UID field in the plain password file. */
   String MD_NAME_FIELD = "srp.md.name";
-
   /** Name of the GID field in the plain password file. */
   String USER_VERIFIER_FIELD = "srp.user.verifier";
-
   /** Name of the GECOS field in the plain password file. */
   String SALT_FIELD = "srp.salt";
-
   /** Name of the SHELL field in the plain password file. */
   String CONFIG_NDX_FIELD = "srp.config.ndx";
-
   /** Minimum bitlength of the SRP public modulus. */
   int MINIMUM_MODULUS_BITLENGTH = 512;
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPServer.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPServer.java
index 672660b261c..ff7e4e9d689 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPServer.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPServer.java
@@ -38,18 +38,18 @@ exception statement from your version.  */
 
 package gnu.javax.crypto.sasl.srp;
 
+import gnu.java.security.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.util.PRNG;
 import gnu.java.security.util.Util;
-
 import gnu.javax.crypto.assembly.Direction;
 import gnu.javax.crypto.cipher.CipherFactory;
 import gnu.javax.crypto.cipher.IBlockCipher;
 import gnu.javax.crypto.key.IKeyAgreementParty;
-import gnu.javax.crypto.key.KeyAgreementFactory;
+import gnu.javax.crypto.key.IncomingMessage;
 import gnu.javax.crypto.key.KeyAgreementException;
+import gnu.javax.crypto.key.KeyAgreementFactory;
 import gnu.javax.crypto.key.OutgoingMessage;
-import gnu.javax.crypto.key.IncomingMessage;
 import gnu.javax.crypto.key.srp6.SRP6KeyAgreement;
 import gnu.javax.crypto.sasl.IllegalMechanismStateException;
 import gnu.javax.crypto.sasl.InputBuffer;
@@ -57,114 +57,58 @@ import gnu.javax.crypto.sasl.IntegrityException;
 import gnu.javax.crypto.sasl.OutputBuffer;
 import gnu.javax.crypto.sasl.ServerMechanism;
 
-import java.io.IOException;
-import java.io.PrintWriter;
 import java.io.ByteArrayOutputStream;
+import java.io.IOException;
 import java.io.UnsupportedEncodingException;
 import java.math.BigInteger;
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.StringTokenizer;
+import java.util.logging.Logger;
 
 import javax.security.sasl.AuthenticationException;
 import javax.security.sasl.SaslException;
 import javax.security.sasl.SaslServer;
 
 /**
- * <p>The SASL-SRP server-side mechanism.</p>
+ * The SASL-SRP server-side mechanism.
  */
-public class SRPServer extends ServerMechanism implements SaslServer
+public class SRPServer
+    extends ServerMechanism
+    implements SaslServer
 {
-
-  // Debugging methods and variables
-  // -------------------------------------------------------------------------
-
-  private static final String NAME = "SRPServer";
-
-  //   private static final String ERROR = "ERROR";
-  private static final String WARN = " WARN";
-
-  private static final String INFO = " INFO";
-
-  private static final String TRACE = "DEBUG";
-
-  private static final boolean DEBUG = true;
-
-  private static final int debuglevel = 3;
-
-  private static final PrintWriter err = new PrintWriter(System.out, true);
-
-  private static void debug(final String level, final Object obj)
-  {
-    err.println("[" + level + "] " + NAME + ": " + String.valueOf(obj));
-  }
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
+  private static final Logger log = Logger.getLogger(SRPServer.class.getName());
   private String U = null; // client's username
-
   private BigInteger N, g, A, B;
-
   private byte[] s; // salt
-
   private byte[] cIV, sIV; // client+server IVs, when confidentiality is on
-
   private byte[] cn, sn; // client's and server's nonce
-
   private SRP srp; // SRP algorithm instance used by this server
-
   private byte[] sid; // session ID when re-used
-
   private int ttl = 360; // session time-to-live in seconds
-
   private byte[] cCB; // peer's channel binding'
-
   private String mandatory; // List of available options
-
   private String L = null;
-
   private String o;
-
   private String chosenIntegrityAlgorithm;
-
   private String chosenConfidentialityAlgorithm;
-
   private int rawSendSize = Registry.SASL_BUFFER_MAX_LIMIT;
-
   private byte[] K; // shared session key
-
   private boolean replayDetection = true; // whether Replay Detection is on
-
   private int inCounter = 0; // messages sequence numbers
-
   private int outCounter = 0;
-
   private IALG inMac, outMac; // if !null, use for integrity
-
   private CALG inCipher, outCipher; // if !null, use for confidentiality
-
-  private IKeyAgreementParty serverHandler = KeyAgreementFactory.getPartyBInstance(Registry.SRP_SASL_KA);
-
+  private IKeyAgreementParty serverHandler =
+      KeyAgreementFactory.getPartyBInstance(Registry.SRP_SASL_KA);
   /** Our default source of randomness. */
   private PRNG prng = null;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   public SRPServer()
   {
     super(Registry.SASL_SRP_MECHANISM);
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
-  // abstract methods implementation -----------------------------------------
-
   protected void initMechanism() throws SaslException
   {
     // TODO:
@@ -183,25 +127,20 @@ public class SRPServer extends ServerMechanism implements SaslServer
     K = null;
     inMac = outMac = null;
     inCipher = outCipher = null;
-
     sid = null;
   }
 
-  // javax.security.sasl.SaslServer interface implementation -----------------
-
   public byte[] evaluateResponse(final byte[] response) throws SaslException
   {
     switch (state)
       {
       case 0:
         if (response == null)
-          {
-            return null;
-          }
+          return null;
         state++;
         return sendProtocolElements(response);
       case 1:
-        if (!complete)
+        if (! complete)
           {
             state++;
             return sendEvidence(response);
@@ -215,65 +154,15 @@ public class SRPServer extends ServerMechanism implements SaslServer
   protected byte[] engineUnwrap(final byte[] incoming, final int offset,
                                 final int len) throws SaslException
   {
-    //      if (DEBUG && debuglevel > 8) debug(TRACE, "==> engineUnwrap()");
-    //
-    //      if (inMac == null && inCipher == null) {
-    //         throw new IllegalStateException("connection is not protected");
-    //      }
-    //
-    //      if (DEBUG && debuglevel > 6) debug(TRACE, "Incoming buffer (before security): "+Util.dumpString(incoming, offset, len));
-    //
-    //      byte[] data = null;
-    //      try {
-    //         InputBuffer frameIn = InputBuffer.getInstance(incoming, offset, len);
-    //         data = frameIn.getEOS();
-    //         if (inMac != null) {
-    //            byte[] received_mac = frameIn.getOS();
-    //            if (DEBUG && debuglevel > 6) debug(TRACE, "Got C (received MAC): "+Util.dumpString(received_mac));
-    //            inMac.update(data);
-    //            if (replayDetection) {
-    //               inCounter++;
-    //               if (DEBUG && debuglevel > 6) debug(TRACE, "inCounter="+String.valueOf(inCounter));
-    //               inMac.update(new byte[] {
-    //                  (byte)(inCounter >>> 24),
-    //                  (byte)(inCounter >>> 16),
-    //                  (byte)(inCounter >>>  8),
-    //                  (byte) inCounter });
-    //            }
-    //            final byte[] computed_mac = inMac.doFinal();
-    //            if (DEBUG && debuglevel > 6) debug(TRACE, "Computed MAC: "+Util.dumpString(computed_mac));
-    //            if (!Arrays.equals(received_mac, computed_mac))
-    //               throw new IntegrityException("engineUnwrap()");
-    //         }
-    //         if (inCipher != null) {
-    //            data = inCipher.doFinal(data);
-    //         }
-    //       } catch (IOException x) {
-    //          if (x instanceof SaslException) {
-    //             throw (SaslException) x;
-    //          }
-    //          throw new SaslException("engineUnwrap()", x);
-    //       }
-    //
-    //      if (DEBUG && debuglevel > 6) debug(TRACE, "Incoming buffer (after security): "+Util.dumpString(data));
-    //      if (DEBUG && debuglevel > 8) debug(TRACE, "<== engineUnwrap()");
-    //      return data;
-
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "==> engineUnwrap()");
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineUnwrap");
     if (inMac == null && inCipher == null)
-      {
-        throw new IllegalStateException("connection is not protected");
-      }
-
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "Incoming buffer (before security): "
-                   + Util.dumpString(incoming, offset, len));
-
+      throw new IllegalStateException("connection is not protected");
+    if (Configuration.DEBUG)
+      log.fine("Incoming buffer (before security): "
+               + Util.dumpString(incoming, offset, len));
     // at this point one, or both, of confidentiality and integrity protection
     // services are active.
-
     final byte[] result;
     try
       {
@@ -284,137 +173,67 @@ public class SRPServer extends ServerMechanism implements SaslServer
             final byte[] received_mac = new byte[macBytesCount];
             System.arraycopy(incoming, offset + payloadLength, received_mac, 0,
                              macBytesCount);
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "Got C (received MAC): "
-                           + Util.dumpString(received_mac));
+            if (Configuration.DEBUG)
+              log.fine("Got C (received MAC): " + Util.dumpString(received_mac));
             inMac.update(incoming, offset, payloadLength);
             if (replayDetection)
               {
                 inCounter++;
-                if (DEBUG && debuglevel > 6)
-                  debug(TRACE, "inCounter=" + String.valueOf(inCounter));
-                inMac.update(new byte[] { (byte) (inCounter >>> 24),
-                                         (byte) (inCounter >>> 16),
-                                         (byte) (inCounter >>> 8),
-                                         (byte) inCounter });
+                if (Configuration.DEBUG)
+                  log.fine("inCounter=" + String.valueOf(inCounter));
+                inMac.update(new byte[] {
+                    (byte)(inCounter >>> 24),
+                    (byte)(inCounter >>> 16),
+                    (byte)(inCounter >>> 8),
+                    (byte) inCounter });
               }
-
             final byte[] computed_mac = inMac.doFinal();
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "Computed MAC: " + Util.dumpString(computed_mac));
-            if (!Arrays.equals(received_mac, computed_mac))
-              {
-                throw new IntegrityException("engineUnwrap()");
-              }
-
+            if (Configuration.DEBUG)
+              log.fine("Computed MAC: " + Util.dumpString(computed_mac));
+            if (! Arrays.equals(received_mac, computed_mac))
+              throw new IntegrityException("engineUnwrap()");
             // deal with the payload, which can be either plain or encrypted
             if (inCipher != null)
-              {
-                result = inCipher.doFinal(incoming, offset, payloadLength);
-              }
+              result = inCipher.doFinal(incoming, offset, payloadLength);
             else
               {
                 result = new byte[payloadLength];
                 System.arraycopy(incoming, offset, result, 0, result.length);
               }
           }
-        else
-          { // no integrity protection; just confidentiality
-          //            if (inCipher != null) {
-            result = inCipher.doFinal(incoming, offset, len);
-            //            } else {
-            //               result = new byte[len];
-            //               System.arraycopy(incoming, offset, result, 0, len);
-            //            }
-          }
+        else // no integrity protection; just confidentiality
+          result = inCipher.doFinal(incoming, offset, len);
       }
     catch (IOException x)
       {
         if (x instanceof SaslException)
-          {
-            throw (SaslException) x;
-          }
+          throw (SaslException) x;
         throw new SaslException("engineUnwrap()", x);
       }
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "Incoming buffer (after security): "
-                   + Util.dumpString(result));
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "<== engineUnwrap()");
+    if (Configuration.DEBUG)
+      {
+        log.fine("Incoming buffer (after security): " + Util.dumpString(result));
+        log.exiting(this.getClass().getName(), "engineUnwrap");
+      }
     return result;
   }
 
   protected byte[] engineWrap(final byte[] outgoing, final int offset,
                               final int len) throws SaslException
   {
-    //      if (DEBUG && debuglevel > 8) debug(TRACE, "==> engineWrap()");
-    //
-    //      if (outMac == null && outCipher == null) {
-    //         throw new IllegalStateException("connection is not protected");
-    //      }
-    //
-    //      byte[] data = new byte[len];
-    //      System.arraycopy(outgoing, offset, data, 0, len);
-    //
-    //      if (DEBUG && debuglevel > 6) debug(TRACE, "Outgoing buffer (before security) (hex): "+Util.dumpString(data));
-    //      if (DEBUG && debuglevel > 6) debug(TRACE, "Outgoing buffer (before security) (str): \""+new String(data)+"\"");
-    //
-    //      final byte[] result;
-    //      try {
-    //         OutputBuffer frameOut = new OutputBuffer();
-    //         // Process the data
-    //         if (outCipher != null) {
-    //            data = outCipher.doFinal(data);
-    //            if (DEBUG && debuglevel > 6) debug(TRACE, "Encoding c (encrypted plaintext): "+Util.dumpString(data));
-    //         } else {
-    //            if (DEBUG && debuglevel > 6) debug(TRACE, "Encoding p (plaintext): "+Util.dumpString(data));
-    //         }
-    //         frameOut.setEOS(data);
-    //         if (outMac != null) {
-    //            outMac.update(data);
-    //            if (replayDetection) {
-    //               outCounter++;
-    //               if (DEBUG && debuglevel > 6) debug(TRACE, "outCounter="+String.valueOf(outCounter));
-    //               outMac.update(new byte[] {
-    //                  (byte)(outCounter >>> 24),
-    //                  (byte)(outCounter >>> 16),
-    //                  (byte)(outCounter >>>  8),
-    //                  (byte) outCounter});
-    //            }
-    //            byte[] C = outMac.doFinal();
-    //            frameOut.setOS(C);
-    //            if (DEBUG && debuglevel > 6) debug(TRACE, "Encoding C (integrity checksum): "+Util.dumpString(C));
-    //         }
-    //         result = frameOut.wrap();
-    //
-    //      } catch (IOException x) {
-    //         if (x instanceof SaslException) {
-    //            throw (SaslException) x;
-    //         }
-    //         throw new SaslException("engineWrap()", x);
-    //      }
-    //
-    //      if (DEBUG && debuglevel > 8) debug(TRACE, "<== engineWrap()");
-    //      return result;
-
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "==> engineWrap()");
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "engineWrap");
     if (outMac == null && outCipher == null)
+      throw new IllegalStateException("connection is not protected");
+    if (Configuration.DEBUG)
       {
-        throw new IllegalStateException("connection is not protected");
+        log.fine("Outgoing buffer (before security) (hex): "
+                 + Util.dumpString(outgoing, offset, len));
+        log.fine("Outgoing buffer (before security) (str): \""
+                 + new String(outgoing, offset, len) + "\"");
       }
-
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "Outgoing buffer (before security) (hex): "
-                   + Util.dumpString(outgoing, offset, len));
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "Outgoing buffer (before security) (str): \""
-                   + new String(outgoing, offset, len) + "\"");
-
     // at this point one, or both, of confidentiality and integrity protection
     // services are active.
-
     byte[] result;
     try
       {
@@ -422,74 +241,64 @@ public class SRPServer extends ServerMechanism implements SaslServer
         if (outCipher != null)
           {
             result = outCipher.doFinal(outgoing, offset, len);
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "Encoding c (encrypted plaintext): "
-                           + Util.dumpString(result));
-
+            if (Configuration.DEBUG)
+              log.fine("Encoding c (encrypted plaintext): "
+                       + Util.dumpString(result));
             out.write(result);
-
             if (outMac != null)
               {
                 outMac.update(result);
                 if (replayDetection)
                   {
                     outCounter++;
-                    if (DEBUG && debuglevel > 6)
-                      debug(TRACE, "outCounter=" + String.valueOf(outCounter));
-                    outMac.update(new byte[] { (byte) (outCounter >>> 24),
-                                              (byte) (outCounter >>> 16),
-                                              (byte) (outCounter >>> 8),
-                                              (byte) outCounter });
+                    if (Configuration.DEBUG)
+                      log.fine("outCounter=" + outCounter);
+                    outMac.update(new byte[] {
+                        (byte)(outCounter >>> 24),
+                        (byte)(outCounter >>> 16),
+                        (byte)(outCounter >>> 8),
+                        (byte) outCounter });
                   }
                 final byte[] C = outMac.doFinal();
                 out.write(C);
-                if (DEBUG && debuglevel > 6)
-                  debug(TRACE, "Encoding C (integrity checksum): "
-                               + Util.dumpString(C));
-              } // else ciphertext only; do nothing
+                if (Configuration.DEBUG)
+                  log.fine("Encoding C (integrity checksum): " + Util.dumpString(C));
+              }
+            // else ciphertext only; do nothing
           }
-        else
-          { // no confidentiality; just integrity [+ replay detection]
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "Encoding p (plaintext): "
-                           + Util.dumpString(outgoing, offset, len));
-
+        else // no confidentiality; just integrity [+ replay detection]
+          {
+            if (Configuration.DEBUG)
+              log.fine("Encoding p (plaintext): "
+                       + Util.dumpString(outgoing, offset, len));
             out.write(outgoing, offset, len);
-
-            //            if (outMac != null) {
             outMac.update(outgoing, offset, len);
             if (replayDetection)
               {
                 outCounter++;
-                if (DEBUG && debuglevel > 6)
-                  debug(TRACE, "outCounter=" + String.valueOf(outCounter));
-                outMac.update(new byte[] { (byte) (outCounter >>> 24),
-                                          (byte) (outCounter >>> 16),
-                                          (byte) (outCounter >>> 8),
-                                          (byte) outCounter });
+                if (Configuration.DEBUG)
+                  log.fine("outCounter=" + outCounter);
+                outMac.update(new byte[] {
+                    (byte)(outCounter >>> 24),
+                    (byte)(outCounter >>> 16),
+                    (byte)(outCounter >>> 8),
+                    (byte) outCounter });
               }
             final byte[] C = outMac.doFinal();
             out.write(C);
-            if (DEBUG && debuglevel > 6)
-              debug(TRACE, "Encoding C (integrity checksum): "
-                           + Util.dumpString(C));
-            //            } // else plaintext only; do nothing
+            if (Configuration.DEBUG)
+              log.fine("Encoding C (integrity checksum): " + Util.dumpString(C));
           }
-
         result = out.toByteArray();
-
       }
     catch (IOException x)
       {
         if (x instanceof SaslException)
-          {
-            throw (SaslException) x;
-          }
+          throw (SaslException) x;
         throw new SaslException("engineWrap()", x);
       }
-
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "<== engineWrap()");
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "engineWrap");
     return result;
   }
 
@@ -498,13 +307,8 @@ public class SRPServer extends ServerMechanism implements SaslServer
     if (inMac != null)
       {
         if (inCipher != null)
-          {
-            return Registry.QOP_AUTH_CONF;
-          }
-        else
-          {
-            return Registry.QOP_AUTH_INT;
-          }
+          return Registry.QOP_AUTH_CONF;
+        return Registry.QOP_AUTH_INT;
       }
     return Registry.QOP_AUTH;
   }
@@ -514,13 +318,8 @@ public class SRPServer extends ServerMechanism implements SaslServer
     if (inMac != null)
       {
         if (inCipher != null)
-          {
-            return Registry.STRENGTH_HIGH;
-          }
-        else
-          {
-            return Registry.STRENGTH_MEDIUM;
-          }
+          return Registry.STRENGTH_HIGH;
+        return Registry.STRENGTH_MEDIUM;
       }
     return Registry.STRENGTH_LOW;
   }
@@ -535,45 +334,39 @@ public class SRPServer extends ServerMechanism implements SaslServer
     return Registry.REUSE_TRUE;
   }
 
-  // other methods -----------------------------------------------------------
-
   private byte[] sendProtocolElements(final byte[] input) throws SaslException
   {
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "==> sendProtocolElements()");
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "C: " + Util.dumpString(input));
-
+    if (Configuration.DEBUG)
+      {
+        log.entering(this.getClass().getName(), "sendProtocolElements");
+        log.fine("C: " + Util.dumpString(input));
+      }
     // Client send U, I, sid, cn
     final InputBuffer frameIn = new InputBuffer(input);
     try
       {
         U = frameIn.getText(); // Extract username
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Got U (username): \"" + U + "\"");
+        if (Configuration.DEBUG)
+          log.fine("Got U (username): \"" + U + "\"");
         authorizationID = frameIn.getText(); // Extract authorisation ID
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Got I (userid): \"" + authorizationID + "\"");
+        if (Configuration.DEBUG)
+          log.fine("Got I (userid): \"" + authorizationID + "\"");
         sid = frameIn.getEOS();
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Got sid (session ID): " + new String(sid));
+        if (Configuration.DEBUG)
+          log.fine("Got sid (session ID): " + new String(sid));
         cn = frameIn.getOS();
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Got cn (client nonce): " + Util.dumpString(cn));
+        if (Configuration.DEBUG)
+          log.fine("Got cn (client nonce): " + Util.dumpString(cn));
         cCB = frameIn.getEOS();
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Got cCB (client channel binding): "
-                       + Util.dumpString(cCB));
+        if (Configuration.DEBUG)
+          log.fine("Got cCB (client channel binding): " + Util.dumpString(cCB));
       }
     catch (IOException x)
       {
         if (x instanceof SaslException)
-          {
-            throw (SaslException) x;
-          }
+          throw (SaslException) x;
         throw new AuthenticationException("sendProtocolElements()", x);
       }
-
     // do/can we re-use?
     if (ServerStore.instance().isAlive(sid))
       {
@@ -589,15 +382,10 @@ public class SRPServer extends ServerMechanism implements SaslServer
         outMac = ctx.getOutMac();
         inCipher = ctx.getInCipher();
         outCipher = ctx.getOutCipher();
-
         if (sn == null || sn.length != 16)
-          {
-            sn = new byte[16];
-          }
+          sn = new byte[16];
         getDefaultPRNG().nextBytes(sn);
-
         setupSecurityServices(false);
-
         final OutputBuffer frameOut = new OutputBuffer();
         try
           {
@@ -608,34 +396,27 @@ public class SRPServer extends ServerMechanism implements SaslServer
         catch (IOException x)
           {
             if (x instanceof SaslException)
-              {
-                throw (SaslException) x;
-              }
+              throw (SaslException) x;
             throw new AuthenticationException("sendProtocolElements()", x);
           }
         final byte[] result = frameOut.encode();
-        if (DEBUG && debuglevel > 8)
-          debug(TRACE, "<== sendProtocolElements()");
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, "Old session...");
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, "S: " + Util.dumpString(result));
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, "  sn = " + Util.dumpString(sn));
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, " sCB = " + Util.dumpString(channelBinding));
+        if (Configuration.DEBUG)
+          {
+            log.fine("Old session...");
+            log.fine("S: " + Util.dumpString(result));
+            log.fine("  sn = " + Util.dumpString(sn));
+            log.fine(" sCB = " + Util.dumpString(channelBinding));
+            log.exiting(this.getClass().getName(), "sendProtocolElements");
+          }
         return result;
       }
     else
       { // new session
         authenticator.activate(properties);
-
         // -------------------------------------------------------------------
         final HashMap mapB = new HashMap();
-        //         mapB.put(SRP6KeyAgreement.HASH_FUNCTION,    srp.newDigest());
         mapB.put(SRP6KeyAgreement.HASH_FUNCTION, srp.getAlgorithm());
         mapB.put(SRP6KeyAgreement.HOST_PASSWORD_DB, authenticator);
-
         try
           {
             serverHandler.init(mapB);
@@ -643,7 +424,6 @@ public class SRPServer extends ServerMechanism implements SaslServer
             out.writeString(U);
             IncomingMessage in = new IncomingMessage(out.toByteArray());
             out = serverHandler.processMessage(in);
-
             in = new IncomingMessage(out.toByteArray());
             N = in.readMPI();
             g = in.readMPI();
@@ -655,26 +435,22 @@ public class SRPServer extends ServerMechanism implements SaslServer
             throw new SaslException("sendProtocolElements()", x);
           }
         // -------------------------------------------------------------------
-
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Encoding N (modulus): " + Util.dump(N));
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Encoding g (generator): " + Util.dump(g));
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Encoding s (client's salt): " + Util.dumpString(s));
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Encoding B (server ephemeral public key): "
-                       + Util.dump(B));
-
+        if (Configuration.DEBUG)
+          {
+            log.fine("Encoding N (modulus): " + Util.dump(N));
+            log.fine("Encoding g (generator): " + Util.dump(g));
+            log.fine("Encoding s (client's salt): " + Util.dumpString(s));
+            log.fine("Encoding B (server ephemeral public key): " + Util.dump(B));
+          }
         // The server creates an options list (L), which consists of a
         // comma-separated list of option strings that specify the security
         // service options the server supports.
         L = createL();
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Encoding L (available options): \"" + L + "\"");
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Encoding sIV (server IV): " + Util.dumpString(sIV));
-
+        if (Configuration.DEBUG)
+          {
+            log.fine("Encoding L (available options): \"" + L + "\"");
+            log.fine("Encoding sIV (server IV): " + Util.dumpString(sIV));
+          }
         final OutputBuffer frameOut = new OutputBuffer();
         try
           {
@@ -688,69 +464,58 @@ public class SRPServer extends ServerMechanism implements SaslServer
         catch (IOException x)
           {
             if (x instanceof SaslException)
-              {
-                throw (SaslException) x;
-              }
+              throw (SaslException) x;
             throw new AuthenticationException("sendProtocolElements()", x);
           }
         final byte[] result = frameOut.encode();
-        if (DEBUG && debuglevel > 8)
-          debug(TRACE, "<== sendProtocolElements()");
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, "New session...");
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, "S: " + Util.dumpString(result));
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, "   N = 0x" + N.toString(16));
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, "   g = 0x" + g.toString(16));
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, "   s = " + Util.dumpString(s));
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, "   B = 0x" + B.toString(16));
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, "   L = " + L);
+        if (Configuration.DEBUG)
+          {
+            log.fine("New session...");
+            log.fine("S: " + Util.dumpString(result));
+            log.fine("   N = 0x" + N.toString(16));
+            log.fine("   g = 0x" + g.toString(16));
+            log.fine("   s = " + Util.dumpString(s));
+            log.fine("   B = 0x" + B.toString(16));
+            log.fine("   L = " + L);
+            log.exiting(this.getClass().getName(), "sendProtocolElements");
+          }
         return result;
       }
   }
 
   private byte[] sendEvidence(final byte[] input) throws SaslException
   {
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "==> sendEvidence()");
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "C: " + Util.dumpString(input));
-
+    if (Configuration.DEBUG)
+      {
+        log.entering(this.getClass().getName(), "sendEvidence");
+        log.fine("C: " + Util.dumpString(input));
+      }
     // Client send A, M1, o, cIV
     final InputBuffer frameIn = new InputBuffer(input);
     final byte[] M1;
     try
       {
         A = frameIn.getMPI(); // Extract client's ephemeral public key
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Got A (client ephemeral public key): " + Util.dump(A));
+        if (Configuration.DEBUG)
+          log.fine("Got A (client ephemeral public key): " + Util.dump(A));
         M1 = frameIn.getOS(); // Extract evidence
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Got M1 (client evidence): " + Util.dumpString(M1));
+        if (Configuration.DEBUG)
+          log.fine("Got M1 (client evidence): " + Util.dumpString(M1));
         o = frameIn.getText(); // Extract client's options list
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Got o (client chosen options): \"" + o + "\"");
+        if (Configuration.DEBUG)
+          log.fine("Got o (client chosen options): \"" + o + "\"");
         cIV = frameIn.getOS(); // Extract client's IV
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "Got cIV (client IV): " + Util.dumpString(cIV));
+        if (Configuration.DEBUG)
+          log.fine("Got cIV (client IV): " + Util.dumpString(cIV));
       }
     catch (IOException x)
       {
         if (x instanceof SaslException)
-          {
-            throw (SaslException) x;
-          }
+          throw (SaslException) x;
         throw new AuthenticationException("sendEvidence()", x);
       }
-
     // Parse client's options and set security layer variables
     parseO(o);
-
     // ----------------------------------------------------------------------
     try
       {
@@ -765,10 +530,8 @@ public class SRPServer extends ServerMechanism implements SaslServer
         throw new SaslException("sendEvidence()", x);
       }
     // ----------------------------------------------------------------------
-
-    if (DEBUG && debuglevel > 6)
-      debug(TRACE, "K: " + Util.dumpString(K));
-
+    if (Configuration.DEBUG)
+      log.fine("K: " + Util.dumpString(K));
     final byte[] expected;
     try
       {
@@ -779,15 +542,10 @@ public class SRPServer extends ServerMechanism implements SaslServer
       {
         throw new AuthenticationException("sendEvidence()", x);
       }
-
     // Verify client evidence
-    if (!Arrays.equals(M1, expected))
-      {
-        throw new AuthenticationException("M1 mismatch");
-      }
-
+    if (! Arrays.equals(M1, expected))
+      throw new AuthenticationException("M1 mismatch");
     setupSecurityServices(true);
-
     final byte[] M2;
     try
       {
@@ -798,7 +556,6 @@ public class SRPServer extends ServerMechanism implements SaslServer
       {
         throw new AuthenticationException("sendEvidence()", x);
       }
-
     final OutputBuffer frameOut = new OutputBuffer();
     try
       {
@@ -811,93 +568,71 @@ public class SRPServer extends ServerMechanism implements SaslServer
     catch (IOException x)
       {
         if (x instanceof SaslException)
-          {
-            throw (SaslException) x;
-          }
+          throw (SaslException) x;
         throw new AuthenticationException("sendEvidence()", x);
       }
     final byte[] result = frameOut.encode();
-    if (DEBUG && debuglevel > 2)
-      debug(INFO, "S: " + Util.dumpString(result));
-    if (DEBUG && debuglevel > 2)
-      debug(INFO, "  M2 = " + Util.dumpString(M2));
-    if (DEBUG && debuglevel > 2)
-      debug(INFO, " sIV = " + Util.dumpString(sIV));
-    if (DEBUG && debuglevel > 2)
-      debug(INFO, " sid = " + new String(sid));
-    if (DEBUG && debuglevel > 2)
-      debug(INFO, " ttl = " + ttl);
-    if (DEBUG && debuglevel > 2)
-      debug(INFO, " sCB = " + Util.dumpString(channelBinding));
-
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "<== sendEvidence()");
+    if (Configuration.DEBUG)
+      {
+        log.fine("S: " + Util.dumpString(result));
+        log.fine("  M2 = " + Util.dumpString(M2));
+        log.fine(" sIV = " + Util.dumpString(sIV));
+        log.fine(" sid = " + new String(sid));
+        log.fine(" ttl = " + ttl);
+        log.fine(" sCB = " + Util.dumpString(channelBinding));
+        log.exiting(this.getClass().getName(), "sendEvidence");
+      }
     return result;
   }
 
   private String createL()
   {
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "==> createL()");
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "createL()");
     String s = (String) properties.get(SRPRegistry.SRP_MANDATORY);
     if (s == null)
+      s = SRPRegistry.DEFAULT_MANDATORY;
+
+    if (! SRPRegistry.MANDATORY_NONE.equals(s)
+        && ! SRPRegistry.OPTION_REPLAY_DETECTION.equals(s)
+        && ! SRPRegistry.OPTION_INTEGRITY.equals(s)
+        && ! SRPRegistry.OPTION_CONFIDENTIALITY.equals(s))
       {
+        if (Configuration.DEBUG)
+          log.fine("Unrecognised mandatory option (" + s + "). Using default...");
         s = SRPRegistry.DEFAULT_MANDATORY;
       }
-    if (!SRPRegistry.MANDATORY_NONE.equals(s)
-        && !SRPRegistry.OPTION_REPLAY_DETECTION.equals(s)
-        && !SRPRegistry.OPTION_INTEGRITY.equals(s)
-        && !SRPRegistry.OPTION_CONFIDENTIALITY.equals(s))
-      {
-        if (DEBUG && debuglevel > 4)
-          debug(WARN, "Unrecognised mandatory option (" + s
-                      + "). Using default...");
-        s = SRPRegistry.DEFAULT_MANDATORY;
-      }
-
     mandatory = s;
-
     s = (String) properties.get(SRPRegistry.SRP_CONFIDENTIALITY);
     final boolean confidentiality = (s == null ? SRPRegistry.DEFAULT_CONFIDENTIALITY
-                                              : Boolean.valueOf(s).booleanValue());
-
+                                               : Boolean.valueOf(s).booleanValue());
     s = (String) properties.get(SRPRegistry.SRP_INTEGRITY_PROTECTION);
     boolean integrity = (s == null ? SRPRegistry.DEFAULT_INTEGRITY
-                                  : Boolean.valueOf(s).booleanValue());
-
+                                   : Boolean.valueOf(s).booleanValue());
     s = (String) properties.get(SRPRegistry.SRP_REPLAY_DETECTION);
     final boolean replayDetection = (s == null ? SRPRegistry.DEFAULT_REPLAY_DETECTION
-                                              : Boolean.valueOf(s).booleanValue());
-
+                                               : Boolean.valueOf(s).booleanValue());
     final StringBuffer sb = new StringBuffer();
-    sb.append(SRPRegistry.OPTION_SRP_DIGEST).append("=").append(
-                                                                srp.getAlgorithm()).append(
-                                                                                           ",");
+    sb.append(SRPRegistry.OPTION_SRP_DIGEST).append("=")
+      .append(srp.getAlgorithm()).append(",");
+
+    if (! SRPRegistry.MANDATORY_NONE.equals(mandatory))
+      sb.append(SRPRegistry.OPTION_MANDATORY)
+        .append("=").append(mandatory).append(",");
 
-    if (!SRPRegistry.MANDATORY_NONE.equals(mandatory))
-      {
-        sb.append(SRPRegistry.OPTION_MANDATORY).append("=").append(mandatory).append(
-                                                                                     ",");
-      }
     if (replayDetection)
       {
         sb.append(SRPRegistry.OPTION_REPLAY_DETECTION).append(",");
         // if replay detection is on then force integrity protection
         integrity = true;
       }
-
     int i;
     if (integrity)
       {
         for (i = 0; i < SRPRegistry.INTEGRITY_ALGORITHMS.length; i++)
-          {
-            sb.append(SRPRegistry.OPTION_INTEGRITY).append("=").append(
-                                                                       SRPRegistry.INTEGRITY_ALGORITHMS[i]).append(
-                                                                                                                   ",");
-          }
+          sb.append(SRPRegistry.OPTION_INTEGRITY).append("=")
+            .append(SRPRegistry.INTEGRITY_ALGORITHMS[i]).append(",");
       }
-
     if (confidentiality)
       {
         IBlockCipher cipher;
@@ -905,19 +640,15 @@ public class SRPServer extends ServerMechanism implements SaslServer
           {
             cipher = CipherFactory.getInstance(SRPRegistry.CONFIDENTIALITY_ALGORITHMS[i]);
             if (cipher != null)
-              {
-                sb.append(SRPRegistry.OPTION_CONFIDENTIALITY).append("=").append(
-                                                                                 SRPRegistry.CONFIDENTIALITY_ALGORITHMS[i]).append(
-                                                                                                                                   ",");
-              }
+              sb.append(SRPRegistry.OPTION_CONFIDENTIALITY).append("=")
+                .append(SRPRegistry.CONFIDENTIALITY_ALGORITHMS[i]).append(",");
           }
       }
-
-    final String result = sb.append(SRPRegistry.OPTION_MAX_BUFFER_SIZE).append(
-                                                                               "=").append(
-                                                                                           Registry.SASL_BUFFER_MAX_LIMIT).toString();
-    if (DEBUG && debuglevel > 8)
-      debug(TRACE, "<== createL()");
+    final String result = sb.append(SRPRegistry.OPTION_MAX_BUFFER_SIZE)
+                            .append("=").append(Registry.SASL_BUFFER_MAX_LIMIT)
+                            .toString();
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "createL");
     return result;
   }
 
@@ -934,69 +665,51 @@ public class SRPServer extends ServerMechanism implements SaslServer
     while (st.hasMoreTokens())
       {
         option = st.nextToken();
-        if (DEBUG && debuglevel > 6)
-          debug(TRACE, "option: <" + option + ">");
+        if (Configuration.DEBUG)
+          log.fine("option: <" + option + ">");
         if (option.equals(SRPRegistry.OPTION_REPLAY_DETECTION))
-          {
-            replayDetection = true;
-          }
+          replayDetection = true;
         else if (option.startsWith(SRPRegistry.OPTION_INTEGRITY + "="))
           {
             if (integrity)
+              throw new AuthenticationException(
+                  "Only one integrity algorithm may be chosen");
+            option = option.substring(option.indexOf('=') + 1);
+            if (Configuration.DEBUG)
+              log.fine("algorithm: <" + option + ">");
+            for (i = 0; i < SRPRegistry.INTEGRITY_ALGORITHMS.length; i++)
               {
-                throw new AuthenticationException(
-                                                  "Only one integrity algorithm may be chosen");
-              }
-            else
-              {
-                option = option.substring(option.indexOf('=') + 1);
-                if (DEBUG && debuglevel > 6)
-                  debug(TRACE, "algorithm: <" + option + ">");
-                for (i = 0; i < SRPRegistry.INTEGRITY_ALGORITHMS.length; i++)
-                  {
-                    if (SRPRegistry.INTEGRITY_ALGORITHMS[i].equals(option))
-                      {
-                        chosenIntegrityAlgorithm = option;
-                        integrity = true;
-                        break;
-                      }
-                  }
-                if (!integrity)
+                if (SRPRegistry.INTEGRITY_ALGORITHMS[i].equals(option))
                   {
-                    throw new AuthenticationException(
-                                                      "Unknown integrity algorithm: "
-                                                          + option);
+                    chosenIntegrityAlgorithm = option;
+                    integrity = true;
+                    break;
                   }
               }
+            if (! integrity)
+              throw new AuthenticationException("Unknown integrity algorithm: "
+                                                + option);
           }
         else if (option.startsWith(SRPRegistry.OPTION_CONFIDENTIALITY + "="))
           {
             if (confidentiality)
+              throw new AuthenticationException(
+                  "Only one confidentiality algorithm may be chosen");
+            option = option.substring(option.indexOf('=') + 1);
+            if (Configuration.DEBUG)
+              log.fine("algorithm: <" + option + ">");
+            for (i = 0; i < SRPRegistry.CONFIDENTIALITY_ALGORITHMS.length; i++)
               {
-                throw new AuthenticationException(
-                                                  "Only one confidentiality algorithm may be chosen");
-              }
-            else
-              {
-                option = option.substring(option.indexOf('=') + 1);
-                if (DEBUG && debuglevel > 6)
-                  debug(TRACE, "algorithm: <" + option + ">");
-                for (i = 0; i < SRPRegistry.CONFIDENTIALITY_ALGORITHMS.length; i++)
-                  {
-                    if (SRPRegistry.CONFIDENTIALITY_ALGORITHMS[i].equals(option))
-                      {
-                        chosenConfidentialityAlgorithm = option;
-                        confidentiality = true;
-                        break;
-                      }
-                  }
-                if (!confidentiality)
+                if (SRPRegistry.CONFIDENTIALITY_ALGORITHMS[i].equals(option))
                   {
-                    throw new AuthenticationException(
-                                                      "Unknown confidentiality algorithm: "
-                                                          + option);
+                    chosenConfidentialityAlgorithm = option;
+                    confidentiality = true;
+                    break;
                   }
               }
+            if (! confidentiality)
+              throw new AuthenticationException("Unknown confidentiality algorithm: "
+                                                + option);
           }
         else if (option.startsWith(SRPRegistry.OPTION_MAX_BUFFER_SIZE + "="))
           {
@@ -1007,70 +720,51 @@ public class SRPServer extends ServerMechanism implements SaslServer
                 if (rawSendSize > Registry.SASL_BUFFER_MAX_LIMIT
                     || rawSendSize < 1)
                   throw new AuthenticationException(
-                                                    "Illegal value for 'maxbuffersize' option");
+                      "Illegal value for 'maxbuffersize' option");
               }
             catch (NumberFormatException x)
               {
                 throw new AuthenticationException(
-                                                  SRPRegistry.OPTION_MAX_BUFFER_SIZE
-                                                      + "="
-                                                      + String.valueOf(maxBufferSize),
-                                                  x);
+                    SRPRegistry.OPTION_MAX_BUFFER_SIZE + "=" + maxBufferSize, x);
               }
           }
       }
-
     // check if client did the right thing
     if (replayDetection)
       {
-        if (!integrity)
-          {
-            throw new AuthenticationException(
-                                              "Missing integrity protection algorithm "
-                                                  + "but replay detection is chosen");
-          }
+        if (! integrity)
+          throw new AuthenticationException(
+              "Missing integrity protection algorithm but replay detection is chosen");
       }
     if (mandatory.equals(SRPRegistry.OPTION_REPLAY_DETECTION))
       {
-        if (!replayDetection)
-          {
-            throw new AuthenticationException(
-                                              "Replay detection is mandatory but was not chosen");
-          }
+        if (! replayDetection)
+          throw new AuthenticationException(
+              "Replay detection is mandatory but was not chosen");
       }
     if (mandatory.equals(SRPRegistry.OPTION_INTEGRITY))
       {
-        if (!integrity)
-          {
-            throw new AuthenticationException(
-                                              "Integrity protection is mandatory but was not chosen");
-          }
+        if (! integrity)
+          throw new AuthenticationException(
+              "Integrity protection is mandatory but was not chosen");
       }
     if (mandatory.equals(SRPRegistry.OPTION_CONFIDENTIALITY))
       {
-        if (!confidentiality)
-          {
-            throw new AuthenticationException(
-                                              "Confidentiality is mandatory but was not chosen");
-          }
+        if (! confidentiality)
+          throw new AuthenticationException(
+              "Confidentiality is mandatory but was not chosen");
       }
-
     int blockSize = 0;
     if (chosenConfidentialityAlgorithm != null)
       {
         final IBlockCipher cipher = CipherFactory.getInstance(chosenConfidentialityAlgorithm);
         if (cipher != null)
-          {
-            blockSize = cipher.defaultBlockSize();
-          }
-        else
-          { // should not happen
-            throw new AuthenticationException("Confidentiality algorithm ("
-                                              + chosenConfidentialityAlgorithm
-                                              + ") not available");
-          }
+          blockSize = cipher.defaultBlockSize();
+        else // should not happen
+          throw new AuthenticationException("Confidentiality algorithm ("
+                                            + chosenConfidentialityAlgorithm
+                                            + ") not available");
       }
-
     sIV = new byte[blockSize];
     if (blockSize > 0)
       getDefaultPRNG().nextBytes(sIV);
@@ -1086,30 +780,26 @@ public class SRPServer extends ServerMechanism implements SaslServer
         // instantiate cipher if confidentiality protection filter is active
         if (chosenConfidentialityAlgorithm != null)
           {
-            if (DEBUG && debuglevel > 2)
-              debug(INFO, "Activating confidentiality protection filter");
+            if (Configuration.DEBUG)
+              log.fine("Activating confidentiality protection filter");
             inCipher = CALG.getInstance(chosenConfidentialityAlgorithm);
             outCipher = CALG.getInstance(chosenConfidentialityAlgorithm);
           }
         // instantiate hmacs if integrity protection filter is active
         if (chosenIntegrityAlgorithm != null)
           {
-            if (DEBUG && debuglevel > 2)
-              debug(INFO, "Activating integrity protection filter");
+            if (Configuration.DEBUG)
+              log.fine("Activating integrity protection filter");
             inMac = IALG.getInstance(chosenIntegrityAlgorithm);
             outMac = IALG.getInstance(chosenIntegrityAlgorithm);
           }
-
         // generate a new sid if at least integrity is used
         sid = (inMac != null ? ServerStore.getNewSessionID() : new byte[0]);
       }
-    else
-      { // same session new keys
-        K = srp.generateKn(K, cn, sn);
-      }
+    else // same session new keys
+      K = srp.generateKn(K, cn, sn);
 
     final KDF kdf = KDF.getInstance(K);
-
     // initialise in/out ciphers if confidentaility protection is used
     if (inCipher != null)
       {
@@ -1122,15 +812,12 @@ public class SRPServer extends ServerMechanism implements SaslServer
         outMac.init(kdf);
         inMac.init(kdf);
       }
-
     if (sid != null && sid.length != 0)
       { // update the security context and save in map
-        if (DEBUG && debuglevel > 2)
-          debug(INFO, "Updating security context for sid = " + new String(sid));
-        ServerStore.instance().cacheSession(
-                                            ttl,
-                                            new SecurityContext(
-                                                                srp.getAlgorithm(),
+        if (Configuration.DEBUG)
+          log.fine("Updating security context for sid = " + new String(sid));
+        ServerStore.instance().cacheSession(ttl,
+                                            new SecurityContext(srp.getAlgorithm(),
                                                                 sid,
                                                                 K,
                                                                 cIV,
@@ -1148,7 +835,6 @@ public class SRPServer extends ServerMechanism implements SaslServer
   {
     if (prng == null)
       prng = PRNG.getInstance();
-
     return prng;
   }
 }
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/SecurityContext.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/SecurityContext.java
index feca25cadb8..1111d95b4f0 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/srp/SecurityContext.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/SecurityContext.java
@@ -39,41 +39,23 @@ exception statement from your version.  */
 package gnu.javax.crypto.sasl.srp;
 
 /**
- * <p>A package-private placeholder for an SRP security context.</p>
+ * A package-private placeholder for an SRP security context.
  */
 class SecurityContext
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private String mdName;
-
   private byte[] sid;
-
   private byte[] K;
-
   private byte[] cIV;
-
   private byte[] sIV;
-
   private boolean replayDetection;
-
   private int inCounter;
-
   private int outCounter;
-
   private IALG inMac;
-
   private IALG outMac;
-
   private CALG inCipher;
-
   private CALG outCipher;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   SecurityContext(final String mdName, final byte[] sid, final byte[] K,
                   final byte[] cIV, final byte[] sIV,
                   final boolean replayDetection, final int inCounter,
@@ -96,12 +78,6 @@ class SecurityContext
     this.outCipher = outCipher;
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   String getMdName()
   {
     return mdName;
@@ -161,4 +137,4 @@ class SecurityContext
   {
     return outCipher;
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/ServerStore.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/ServerStore.java
index 99bf96a9444..e9b1a728273 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/srp/ServerStore.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/ServerStore.java
@@ -41,32 +41,21 @@ package gnu.javax.crypto.sasl.srp;
 import java.util.HashMap;
 
 /**
- * <p>The server-side implementation of the SRP security context store.</p>
+ * The server-side implementation of the SRP security context store.
  */
 public class ServerStore
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   /** The underlying singleton. */
   private static ServerStore singleton = null;
-
   /** The map of sid --> Security Context record. */
   private static final HashMap sid2ssc = new HashMap();
-
   /** The map of sid --> Session timing record. */
   private static final HashMap sid2ttl = new HashMap();
-
   /** A synchronisation lock. */
   private static final Object lock = new Object();
-
   /** A counter to generate legible SIDs. */
   private static int counter = 0;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   /** Private constructor to enforce Singleton pattern. */
   private ServerStore()
   {
@@ -75,48 +64,38 @@ public class ServerStore
     // TODO: add a cleaning timer thread
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns the classloader Singleton.</p>
-   *
+   * Returns the classloader Singleton.
+   * 
    * @return the classloader Singleton instance.
    */
   static synchronized final ServerStore instance()
   {
     if (singleton == null)
-      {
-        singleton = new ServerStore();
-      }
+      singleton = new ServerStore();
     return singleton;
   }
 
   /**
-   * <p>Returns a legible new session identifier.</p>
-   *
+   * Returns a legible new session identifier.
+   * 
    * @return a new session identifier.
    */
   static synchronized final byte[] getNewSessionID()
   {
     final String sid = String.valueOf(++counter);
-    return new StringBuffer("SID-").append(
-                                           "0000000000".substring(
-                                                                  0,
-                                                                  10 - sid.length())).append(
-                                                                                             sid).toString().getBytes();
+    return new StringBuffer("SID-")
+        .append("0000000000".substring(0, 10 - sid.length())).append(sid)
+        .toString().getBytes();
   }
 
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns a boolean flag indicating if the designated session is still
-   * alive or not.</p>
-   *
+   * Returns a boolean flag indicating if the designated session is still alive
+   * or not.
+   * 
    * @param sid the identifier of the session to check.
    * @return <code>true</code> if the designated session is still alive.
-   * <code>false</code> otherwise.
+   *         <code>false</code> otherwise.
    */
   boolean isAlive(final byte[] sid)
   {
@@ -130,8 +109,8 @@ public class ServerStore
             if (ctx != null)
               {
                 result = ctx.isAlive();
-                if (!result)
-                  { // invalidate it en-passant
+                if (! result) // invalidate it en-passant
+                  {
                     sid2ssc.remove(key);
                     sid2ttl.remove(key);
                   }
@@ -142,9 +121,9 @@ public class ServerStore
   }
 
   /**
-   * <p>Records a mapping between a session identifier and the Security Context
-   * of the designated SRP server mechanism instance.</p>
-   *
+   * Records a mapping between a session identifier and the Security Context of
+   * the designated SRP server mechanism instance.
+   * 
    * @param ttl the session's Time-To-Live indicator (in seconds).
    * @param ctx the server's security context.
    */
@@ -159,11 +138,11 @@ public class ServerStore
   }
 
   /**
-   * <p>Updates the mapping between the designated session identifier and the
-   * designated server's SASL Security Context. In the process, computes
-   * and return the underlying mechanism server's evidence that shall be
-   * returned to the client in a session re-use exchange.</p>
-   *
+   * Updates the mapping between the designated session identifier and the
+   * designated server's SASL Security Context. In the process, computes and
+   * return the underlying mechanism server's evidence that shall be returned to
+   * the client in a session re-use exchange.
+   * 
    * @param sid the identifier of the session to restore.
    * @return an SRP server's security context.
    */
@@ -180,8 +159,8 @@ public class ServerStore
   }
 
   /**
-   * <p>Removes all information related to the designated session ID.</p>
-   *
+   * Removes all information related to the designated session ID.
+   * 
    * @param sid the identifier of the seesion to invalidate.
    */
   void invalidateSession(final byte[] sid)
@@ -193,4 +172,4 @@ public class ServerStore
         sid2ttl.remove(key);
       }
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/StoreEntry.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/StoreEntry.java
index c5041fa4b38..130678ebd7a 100644
--- a/libjava/classpath/gnu/javax/crypto/sasl/srp/StoreEntry.java
+++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/StoreEntry.java
@@ -39,21 +39,13 @@ exception statement from your version.  */
 package gnu.javax.crypto.sasl.srp;
 
 /**
- * <p>A simple timing-related object for use by SRP re-use code.</p>
+ * A simple timing-related object for use by SRP re-use code.
  */
 class StoreEntry
 {
-
-  // Constants and variables
-  // -------------------------------------------------------------------------
-
   private boolean perenial;
-
   private long timeToDie;
 
-  // Constructor(s)
-  // -------------------------------------------------------------------------
-
   StoreEntry(int ttl)
   {
     super();
@@ -70,20 +62,14 @@ class StoreEntry
       }
   }
 
-  // Class methods
-  // -------------------------------------------------------------------------
-
-  // Instance methods
-  // -------------------------------------------------------------------------
-
   /**
-   * <p>Returns <code>true</code> if the Time-To_live period has not elapsed.</p>
-   *
+   * Returns <code>true</code> if the Time-To_live period has not elapsed.
+   * 
    * @return <code>true</code> if the Time-To-Live period (in seconds) has not
-   * elapsed yet; <code>false</code> otherwise.
+   *         elapsed yet; <code>false</code> otherwise.
    */
   boolean isAlive()
   {
     return (perenial ? true : (System.currentTimeMillis() < timeToDie));
   }
-}
\ No newline at end of file
+}
diff --git a/libjava/classpath/gnu/javax/imageio/IIOInputStream.java b/libjava/classpath/gnu/javax/imageio/IIOInputStream.java
new file mode 100644
index 00000000000..2638e2fe240
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/IIOInputStream.java
@@ -0,0 +1,102 @@
+/* GIFStream.java --
+   Copyright (C)  2006  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio;
+
+import java.io.InputStream;
+import java.io.IOException;
+import javax.imageio.stream.ImageInputStream;
+
+/**
+ * Implements InputStream on an ImageInputStream
+ * The purpose of this is to avoid IIO dependencies in the various decoders.
+ * (which only use read() anyway).
+ */
+public class IIOInputStream extends InputStream
+{
+  private ImageInputStream is;
+
+  public IIOInputStream( ImageInputStream is )
+  {
+    this.is = is;
+  }
+
+  public int available()
+  {
+    return 0;
+  }
+
+  public void close() throws IOException
+  {
+    is.close();
+  }
+
+  public void mark(int readlimit)
+  {
+    is.mark();
+  }
+
+  public boolean markSupported()
+  {
+    return true;
+  }
+
+  public int read() throws IOException
+  {
+    return is.read();    
+  }
+
+  public int read(byte[] b) throws IOException
+  {
+    return is.read(b);
+  }
+
+  public int read(byte[] b, int offset, int length) throws IOException
+  {
+    return is.read(b, offset, length);
+  }
+
+  public void reset() throws IOException
+  {
+    is.reset();
+  }
+
+  public long skip(long n) throws IOException
+  {
+    return is.skipBytes(n);
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/gif/GIFFile.java b/libjava/classpath/gnu/javax/imageio/gif/GIFFile.java
new file mode 100644
index 00000000000..a11a8c0c6f5
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/gif/GIFFile.java
@@ -0,0 +1,709 @@
+/* GIFFile.java -- GIF decoder
+   Copyright (C) 2006  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.gif;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Vector;
+
+/**
+ * GIFFile - reads a GIF file.
+ * 
+ * This class only does the bare minimum work, and returns the data in raw
+ * formats (described below). The class is J2ME compatible, and hopefully
+ * we can keep it that way without any significant overhead.
+ *
+ * @author Sven de Marothy. 
+ */
+public class GIFFile 
+{
+  // "NETSCAPE2.0" - identifier
+  private final static byte[] nsBlock = new byte[]
+  {0x4e, 0x45, 0x54, 0x53, 0x43, 0x41, 0x50, 0x45, 0x32, 0x2e, 0x30 };
+
+  /**
+   * Block identifiers
+   */
+  private final static int EXTENSION = 0x21;
+  private final static int LOCAL = 0x2C;
+  private final static int TERMINATOR = 0x3B;
+
+  /**
+   * Extension block types
+   */
+  private final static int EXTENSION_COMMENT = 254;
+  private final static int EXTENSION_GCONTROL = 249; 
+  private final static int EXTENSION_APPLICATION = 255;
+
+  /**
+   * Undraw commands for animation.
+   */
+  private final static int UNDRAW_OVERWRITE = 1;
+  private final static int UNDRAW_RESTORE_BACKGROUND = 2;
+  private final static int UNDRAW_RESTORE_PREVIOUS = 3; 
+
+  /**
+   * Image position and dimensions (images may be partial)
+   */
+  private int x, y, width, height;
+
+  /**
+   * Global dimensions
+   */
+  private int globalWidth, globalHeight;
+
+  /**
+   * Background color index.
+   */
+  private byte bgIndex;
+
+  /**
+   * Number of colors
+   */
+  private int nColors;
+
+  /**
+   * Global palette, if any
+   */
+  private byte[] globalPalette;
+
+  /**
+   * Any
+   */
+  private boolean hasGlobalColorMap;
+
+  /**
+   * Local palette, if any (used if available)
+   */
+  private byte[] localPalette;
+
+  /**
+   * Interlaced GIF or not?
+   */
+  private boolean interlaced;
+
+  /**
+   * Has transparency?
+   */
+  private boolean hasTransparency;
+  
+  /**
+   * Undraw mode (animations)
+   */
+  private int undraw;
+
+  /**
+   * Transparent index;
+   */
+  private int transparentIndex;
+
+  /**
+   * The uncompressed raster
+   */
+  private byte[] raster;
+
+  /**
+   * The compressed data (freed after uncompressing)
+   */
+  private byte[] compressedData;
+
+  /**
+   * Frame delay in 100ths of a second ( centiseconds, metrically )
+   */
+  private int duration;
+
+  /**
+   * Indices used during decompression
+   */
+  private int dataBlockIndex;
+
+  /**
+   * The file comment , if a comment block exists.
+   */
+  private String comment;
+
+  /**
+   * Fields used by getBits()
+   */
+  private int remainingBits = 0;
+  private int currentBits = 0;
+
+  /**
+   * Netscape animation extension
+   */
+  private boolean isLooped = false;
+
+  /** Number of loops, 0 = infinite */
+  private int loops;
+
+  /**
+   * Additional frames if it's an animated GIF.
+   */
+  private Vector animationFrames;
+
+  /**
+   * Loads the file from an input stream, which is not closed.
+   * @throws IOException if an I/O error occured.
+   * @throws GIFException if some file parsing error occured
+   */
+  public GIFFile(InputStream in) throws IOException, GIFException 
+  {
+    // Validate the signature
+    if( !readSignature( in ) )
+      throw new GIFException("Invalid GIF signature.");
+
+    {
+      byte[] data = new byte[7];
+      if (in.read(data) != 7)
+	throw new IOException("Couldn't read global descriptor.");
+
+      globalWidth = ((data[1] & 0xFF) << 8) | (data[0] & 0xFF);
+      globalHeight = ((data[3] & 0xFF) << 8) | (data[2] & 0xFF);
+      byte flags = data[4];
+      bgIndex = data[5];
+      nColors = (1 << (( flags & 0x07) + 1));
+      hasGlobalColorMap = ((flags & 0x80) != 0);
+    }
+
+    if( hasGlobalColorMap )
+      {
+	globalPalette = new byte[ nColors * 3 ];
+	if( in.read( globalPalette ) != nColors * 3 )
+	  throw new IOException("Couldn't read color map.");
+      }
+    
+    int c = in.read();
+    while( c == EXTENSION )
+      {
+	readExtension( in );
+	c = in.read();
+      }
+      
+    if( c != LOCAL )
+      throw new GIFException("Extension blocks not followed by a local descriptor ("+c+")");
+
+    loadImage( in );
+    c = in.read(); 
+
+    if( c == TERMINATOR ) // Not an animated GIF.
+      return;
+
+    // Load animation frames. Just quit if an error occurs instead 
+    // of throwing an exception.
+    animationFrames = new Vector();
+    try 
+      {
+	while( c != TERMINATOR )
+	  {
+	    animationFrames.add( new GIFFile( this, in, c ) );
+	    c = in.read(); 
+	  }
+      }
+    catch(IOException ioe)
+      {
+      }
+    catch(GIFException gife)
+      {
+      }
+  }
+
+  /**
+   * Constructor for additional animation frames.
+   */
+  private GIFFile(GIFFile parent, InputStream in, int c) 
+    throws IOException, GIFException 
+  {
+    // Copy global properties.
+    globalWidth = parent.globalWidth;
+    globalHeight = parent.globalHeight;
+    nColors = parent.nColors;
+    globalPalette = parent.globalPalette;
+    hasGlobalColorMap = parent.hasGlobalColorMap;
+    interlaced = parent.interlaced;
+    comment = parent.comment;
+    isLooped = parent.isLooped;
+    loops = parent.loops;
+
+    while( c == EXTENSION )
+    {
+      readExtension( in );      
+      c = in.read();
+    }
+      
+    if( c != LOCAL )
+      throw new GIFException("Extension blocks not followed by a local descriptor ("+c+")");
+
+    loadImage( in );
+  }
+
+  /**
+   * Reads a GIF file signature from an inputstream and checks it.
+   *
+   * @param in - the stream (reads 6 bytes, does not close or reset).
+   * @return true if the signature is a valid GIF signature.
+   * @throws an IOException if the signature could not be read.
+   */
+  public static boolean readSignature( InputStream in ) throws IOException
+  { 
+    byte[] data = new byte[6];
+    if (in.read(data) != 6)
+      throw new IOException("Couldn't read signature.");
+
+    if( data[0] != 0x47 || data[1] != 0x49 || data[2] != 0x46 ||
+	data[3] != 0x38 ) // GIF8
+      return false;
+
+    if( (data[4] != 0x39 && data[4] != 0x37) || // 7 | 9
+	(data[5] != 0x61 && data[5] != 0x62) ) // 'a' or 'b'
+      return false;
+    return true;
+  }
+  
+
+  /**
+   * Loads the image local descriptor and then loads/decodes the image raster,
+   * and then performs any necessary postprocessing like deinterlacing.
+   */
+  private void loadImage(InputStream in)
+    throws IOException, GIFException
+  {
+    readLocal( in );
+
+    try
+      {
+	decodeRaster( in );
+      }
+    catch(ArrayIndexOutOfBoundsException aioobe)
+      {
+	throw new GIFException("Error decompressing image.");
+      }
+    
+    if( interlaced )  // Clean up
+      deinterlace();
+    packPixels();
+  }
+
+  /**
+   * Pack the pixels if it's a 2, 4 or 16 color image.
+   * While GIF may support any number of colors from 2-256, we won't bother
+   * trying to pack pixels not resulting in even byte boundaries.
+   * (AWT doesn't support that anyway, and most apps do the same.)
+   */
+  private void packPixels()
+  {
+    if( nColors != 2 && nColors != 4 && nColors != 16 )
+      return;
+
+    int nbits = 1;
+    int ppbyte = 8; 
+    if( nColors == 4 )
+      {
+	nbits = 2;
+	ppbyte = 4;
+      }
+    else if( nColors == 16 )
+      {
+	nbits = 4;
+	ppbyte = 2;
+      }
+
+    int rem = (width & (ppbyte - 1));
+    int w = ( rem == 0 ) ? (width / ppbyte) : 
+      ((width + ppbyte - rem) / ppbyte); 
+    byte[] nr = new byte[ w * height ];
+    for(int j = 0; j < height; j++)
+      {
+	for(int i = 0; i < width - ppbyte; i += ppbyte)
+	  for(int k = 0; k < ppbyte; k++)
+	    nr[ j * w + (i / ppbyte) ] |= (byte)((raster[ width * j + i + k ]
+						  << (8 - nbits * (1 + k))));
+ 	for(int i = 0; i < rem; i++)
+ 	  nr[ j * w + w - 1 ] |= (byte)((raster[ width * j + width - rem + i ]
+					 << (nbits * (rem - i))));
+      }
+    raster = nr;
+  }
+
+  /**
+   * Returns the (global) width
+   */
+  public int getWidth()
+  {
+    return width;
+  }
+
+  /**
+   * Returns the image height
+   */
+  public int getHeight()
+  {
+    return height;
+  }
+
+  /**
+   * Returns the # of colors.
+   */
+  public int getNColors()
+  {
+    return nColors;
+  }
+
+  /**
+   * Returns whether the GIF has transparency.
+   */
+  public boolean hasTransparency()
+  {
+    return hasTransparency;
+  }
+
+  /**
+   * Returns the index of the transparent color.
+   */
+  public int getTransparentIndex()
+  {
+    return transparentIndex;
+  }
+
+  /**
+   * Retuns the GIF file comment, or null if none exists.
+   */
+  public String getComment()
+  {
+    return comment;
+  }
+
+  /**
+   * Get duration of the frame for animations.
+   */
+  public int getDuration()
+  {
+    return duration;
+  }
+
+  /**
+   * Deinterlaces the image.
+   */
+  private void deinterlace()
+  {
+    byte[] nr = new byte[ width * height ];
+    int n = 0;
+    for(int i = 0; i < ((height + 7) >> 3); i++)
+      {
+	System.arraycopy( raster, n, nr, width * i * 8, width );
+	n += width;
+      }
+    for(int i = 0; i < ((height + 3) >> 3); i++)
+      {
+	System.arraycopy( raster, n, nr, width * ( 8 * i + 4 ), width );
+	n += width;
+      }
+    for(int i = 0; i < (height >> 2); i++)
+      {
+	System.arraycopy( raster, n, nr, width * (4 * i + 2), width );
+	n += width;
+      }
+    for(int i = 0; i < (height >> 1); i++)
+      {
+	System.arraycopy( raster, n, nr, width * (2 * i + 1), width );
+	n += width;
+      }
+    raster = nr;
+  }
+
+  /**
+   * Reads the local descriptor
+   */
+  private void readLocal(InputStream in) throws IOException
+  {
+    byte[] data = new byte[9];
+    if (in.read(data) != 9)
+      throw new IOException("Couldn't read local descriptor.");
+    x = ((data[1] & 0xFF) << 8) | (data[0] & 0xFF);
+    y = ((data[3] & 0xFF) << 8) | (data[2] & 0xFF);
+    width = ((data[5] & 0xFF) << 8) | (data[4] & 0xFF);
+    height = ((data[7] & 0xFF) << 8) | (data[6] & 0xFF);
+    byte flags = data[8];
+    interlaced = (( flags & 0x40 ) != 0);
+    if( (flags & 0x80) != 0 )
+      { // has a local color map
+	int nLocalColors = (1 << (( flags & 0x07) + 1));
+	if( !hasGlobalColorMap )
+	  nColors = nLocalColors;
+	localPalette = new byte[ nLocalColors * 3 ];
+	if( in.read( localPalette ) != nLocalColors * 3 )
+	  throw new IOException("Couldn't read color map.");
+      }
+  }   
+
+  /**
+   * Returns the image's palette in raw format 
+   * (r0,g0,b0,r1,g1,b2..r(Ncolors-1),g(Ncolors-1),b(Ncolors-1))
+   */
+  public byte[] getRawPalette()
+  {
+    return hasGlobalColorMap ? globalPalette : localPalette;
+  }
+
+  /**
+   * Returns the image file for animated gifs.
+   */
+  public GIFFile getImage( int index )
+  {
+    if( index == 0 )
+      return this;
+    if( animationFrames == null )
+      throw new ArrayIndexOutOfBoundsException("Only one image in file");
+    return (GIFFile)animationFrames.elementAt( index - 1 );
+  }
+
+  /**
+   * Return the image's raw image data.
+   * If the color depth is 1,2 or 4 bits per pixel the pixels are packed
+   * and the scanlines padded up to the nearest byte if needed.
+   */
+  public byte[] getRawImage()
+  {
+    return raster;
+  }
+
+  /**
+   * Return the number of images in the GIF file
+   */
+  public int nImages()
+  {
+    if( animationFrames != null )
+      return 1 + animationFrames.size();
+    return 1;
+  }
+
+  /**
+   * Handles extension blocks.
+   */
+  private void readExtension(InputStream in) throws IOException, GIFException 
+  {
+    int functionCode = in.read();
+    byte[] data = readData(in);
+    switch( functionCode )
+      {
+      case EXTENSION_COMMENT: // comment block
+	comment = new String(data, "8859_1");
+	break;
+
+      case EXTENSION_GCONTROL: // Graphics control extension
+	undraw = (data[0] & 0x1C) >> 2;
+	// allegedly there can be bad values of this.
+	if( undraw < 1 && undraw > 3 ) undraw = 1; 
+	hasTransparency = ((data[0] & 0x01) == 1);
+	transparentIndex = (data[3] & 0xFF);
+	duration = ((data[2] & 0xFF) << 8) | (data[1] & 0xFF);
+	break;
+
+	// Application extension. We only parse the Netscape animation
+	// extension here. Which is the only one most use anyway.
+      case EXTENSION_APPLICATION:
+	boolean isNS = true;
+	for(int i = 0; i < nsBlock.length; i++ )
+	  if( nsBlock[i] != data[i] )
+	    isNS = false;
+	if( isNS )
+	  {
+	    isLooped = true;
+	    loops = ((data[12] & 0xFF) << 8) | (data[13] & 0xFF);
+	  }
+	break;
+
+      default:
+	break;
+      }
+  }
+
+  /**
+   * Reads a series of data blocks and merges them into a single one.
+   */
+  private byte[] readData(InputStream in) throws IOException
+  {
+    Vector v = new Vector();
+    int totalBytes = 0;
+
+    int n = in.read();
+    do
+      {
+	totalBytes += n;
+	byte[] block = new byte[ n ];
+	in.read(block);
+	v.add(block);
+	n = in.read();
+      }
+    while( n > 0 );
+
+    n = 0;
+    byte[] bigBuffer = new byte[ totalBytes ];
+    for( int i = 0; i < v.size(); i++ )
+      {
+	byte[] block = (byte[])v.elementAt(i);
+	System.arraycopy(block, 0, bigBuffer, n, block.length);
+	n += block.length;
+      }
+    return bigBuffer;
+  }
+
+  /**
+   * Loads a compressed image block and decompresses it.
+   */
+  private void decodeRaster(InputStream in) throws IOException
+  {
+    int initialCodeSize = in.read();
+    compressedData = readData( in );
+    dataBlockIndex = 0;
+
+    int rasterIndex = 0; // Index into the raster
+    int clearCode = (1 << initialCodeSize); // 256 usually
+    int endCode = clearCode + 1; // The stop code.
+
+    raster = new byte[ width * height ];
+
+    int codeSize = initialCodeSize + 1;
+    int code = getBits( codeSize ); // = clear
+    int nextCode = endCode + 1;
+
+    /*
+     * Initialize LZW dictionary
+     *
+     * First index - code #
+     * Second index:
+     * 0 = color index
+     * 1 = parent (-1 - no parent)
+     * 2 = first value
+     * 3 - depth
+     * The latter two aren't strictly necessary but make things faster, since
+     * copying the values forward is faster than going back and looking.
+     */
+    short[][] dictionary = new short[ 4096 ][ 4 ];
+
+    for(short i = 0; i < nColors; i ++ )
+      {
+	dictionary[i][0] = i;  // color index	
+	dictionary[i][1] = -1; // parent
+	dictionary[i][2] = i;  // first	
+	dictionary[i][3] = 1;  // depth
+      }
+
+    code = getBits( codeSize ); // get second code
+    raster[ rasterIndex++ ] = (byte)dictionary[code][0];
+    int old = code;    
+    code = getBits( codeSize ); // start at the third code
+    int c;
+
+    do
+      {
+	if( code == clearCode )
+	  {
+	    codeSize = initialCodeSize + 1;
+ 	    nextCode = endCode + 1; 
+	    // get and output second code
+	    code = getBits( codeSize ); 
+	    raster[ rasterIndex++ ] = (byte)dictionary[code][0];
+	    old = code;
+	  }
+	else
+	  {
+	    dictionary[nextCode][1] = (short)old; // parent = old
+	    dictionary[nextCode][2] = dictionary[old][2]; // first pixel
+	    dictionary[nextCode][3] = (short)(dictionary[old][3] + 1); // depth
+	
+	    // appended pixel  = first pixel of c
+	    if( code < nextCode )
+	      {
+		dictionary[nextCode][0] = dictionary[code][2]; 
+		old = code;
+	      }
+	    else // first of old
+	      {
+		dictionary[nextCode][0] = dictionary[old][2]; 
+		old = nextCode;
+	      }
+
+	    c = old;
+	    // output the code c
+	    int depth = dictionary[c][3];
+	    for( int i = depth - 1; i >= 0; i-- )
+	      {
+		raster[ rasterIndex + i ] = (byte)dictionary[c][0];
+		c = dictionary[c][1]; // go to parent.
+	      }
+	    rasterIndex += depth;
+	    nextCode ++;
+
+	    if( codeSize < 12 && nextCode >= (1 << codeSize) )
+	      codeSize++;
+	  }
+	code = getBits( codeSize );
+      }
+    while( code != endCode && dataBlockIndex < compressedData.length );
+    
+    compressedData = null; // throw away compressed data.
+  }
+
+  /**
+   * Returns nbits number of bits (in the LSBs) from compressedData
+   */
+  private int getBits( int nbits )
+  {
+    while( nbits > remainingBits )
+      {
+	int c = (compressedData[ dataBlockIndex++ ] & 0xFF) << remainingBits;
+	currentBits |= c;
+	remainingBits += 8;
+      }
+    int rval = (currentBits & ((1 << nbits) - 1));
+    currentBits = (currentBits >> nbits);
+    remainingBits -= nbits;
+    return rval;
+  }
+
+  /**
+   * Generic exception used by GIFFile to report decoding errors.
+   */
+  public static class GIFException extends Exception 
+  {
+    public GIFException(String message)
+    {
+      super(message);
+    }
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/gif/GIFImageReader.java b/libjava/classpath/gnu/javax/imageio/gif/GIFImageReader.java
new file mode 100644
index 00000000000..47108dd0c17
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/gif/GIFImageReader.java
@@ -0,0 +1,241 @@
+/* GIFImageReader.java --
+   Copyright (C)  2006  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.gif;
+
+import gnu.javax.imageio.IIOInputStream;
+
+import java.io.IOException;
+import java.io.InputStream;
+import javax.imageio.*;
+import javax.imageio.spi.*;
+import javax.imageio.metadata.*;
+import javax.imageio.stream.ImageInputStream;
+import java.util.Iterator;
+import java.awt.image.BufferedImage;
+import java.awt.image.IndexColorModel;
+import java.awt.image.SampleModel;
+import java.awt.image.MultiPixelPackedSampleModel;
+import java.awt.image.SinglePixelPackedSampleModel;
+import java.awt.image.DataBuffer;
+import java.awt.image.DataBufferByte;
+import java.awt.image.Raster;
+import java.awt.image.WritableRaster;
+
+public class GIFImageReader extends ImageReader 
+{
+  private GIFFile file;
+
+  protected GIFImageReader(ImageReaderSpi originatingProvider)
+  {
+    super( originatingProvider );
+    file = null;
+  }
+  
+  private void readImage() throws IOException
+  {
+    if( file != null )
+      return;
+
+    try
+      {
+	if( input instanceof InputStream )
+	  file = new GIFFile( (InputStream)input );
+	else
+	  file = new GIFFile( new IIOInputStream((ImageInputStream)input) );
+      }
+    catch(GIFFile.GIFException ge)
+      {
+	throw new IIOException(ge.getMessage());
+      }
+  }
+
+  /**
+   * Returns the Global/Local palette as an IndexColorModel
+   */
+  private IndexColorModel getPalette(int index)
+  {
+    GIFFile f = file.getImage( index );
+    byte[] data = f.getRawPalette();
+    int nc = f.getNColors();
+    byte[] r = new byte[nc];
+    byte[] g = new byte[nc];
+    byte[] b = new byte[nc];
+
+    for(int i = 0; i < nc; i ++ )
+      {
+	r[i] = data[ i * 3 ];
+	g[i] = data[ i * 3 + 1 ];
+	b[i] = data[ i * 3 + 2 ];
+      }
+
+    if( f.hasTransparency() )
+      {
+	byte[] a = new byte[nc];
+	for(int i = 0; i < nc; i ++ )
+	  a[i] = (byte)0xFF;
+	a[f.getTransparentIndex()] = 0;
+	return new IndexColorModel(8, nc, r, g, b, a);
+      }
+    
+    return new IndexColorModel(8, nc, r, g, b);
+  }
+
+  private void validateIndex(int imageIndex) 
+    throws IndexOutOfBoundsException 
+  {
+    if( imageIndex < 0 || imageIndex >= getNumImages(false) )
+      throw new IndexOutOfBoundsException("Invalid image index.");
+  }
+
+  public void setInput(Object input) 
+  {
+    super.setInput(input);
+  }
+
+  public void setInput(Object input, 
+		       boolean seekForwardOnly, 
+		       boolean ignoreMetadata) 
+  {
+    super.setInput(input, seekForwardOnly, ignoreMetadata);
+  }
+	
+  public void setInput(Object input, boolean isStreamable) 
+  {
+    super.setInput(input, isStreamable);
+	
+    if (!(input instanceof ImageInputStream) && 
+	!(input instanceof InputStream))
+      throw new IllegalArgumentException("Input not an ImageInputStream.");
+  }
+
+  private void checkStream() throws IOException 
+  {
+    if (!(input instanceof ImageInputStream) &&
+	!(input instanceof InputStream))
+      throw new IllegalStateException("Input not an ImageInputStream or InputStream.");
+
+    if(input == null)
+      throw new IllegalStateException("No input stream.");
+  }
+
+  public int getWidth(int imageIndex) throws IOException 
+  {
+    validateIndex( imageIndex );
+    return file.getImage( imageIndex ).getWidth();
+  }
+
+  public int getHeight(int imageIndex) throws IOException 
+  {
+    validateIndex( imageIndex );
+    return file.getImage( imageIndex ).getHeight();
+  }
+
+  public Iterator getImageTypes(int imageIndex)
+  {
+    validateIndex( imageIndex );
+    return null;
+  }
+
+  /**
+   * Returns the number of images. 
+   */
+  public int getNumImages(boolean allowSearch)
+  {
+    try // Image should be loaded here already. But just in case:
+      {
+	readImage();
+      }
+    catch(IOException ioe)
+      {
+	return 0; // Well, now we're in trouble. But return something anyway.
+      }
+    return file.nImages();
+  }
+
+
+  // FIXME: Support metadata
+  public IIOMetadata getImageMetadata(int imageIndex)
+  {
+    validateIndex( imageIndex );
+    return null;
+  }
+
+  // FIXME: Support metadata
+  public IIOMetadata getStreamMetadata()
+  {
+    return null;
+  }
+
+  /**
+   * Reads the image indexed by imageIndex and returns it as 
+   * a complete BufferedImage, using a supplied ImageReadParam.
+   */	      
+  public BufferedImage read(int imageIndex, ImageReadParam param) 
+    throws IOException, IIOException 
+  {
+    validateIndex( imageIndex );
+    GIFFile f = file.getImage( imageIndex );
+    int width = f.getWidth();
+    int height = f.getHeight();
+    SampleModel sm;
+    switch( f.getNColors() )
+      {
+      case 16:
+	sm = new MultiPixelPackedSampleModel(DataBuffer.TYPE_BYTE, 
+					     width, height, 4);
+	break;
+      case 4:
+	sm = new MultiPixelPackedSampleModel(DataBuffer.TYPE_BYTE, 
+					     width, height, 2);
+	break;
+      case 2:
+	sm = new MultiPixelPackedSampleModel(DataBuffer.TYPE_BYTE, 
+					     width, height, 1);
+	break;
+      default:
+	sm = new SinglePixelPackedSampleModel(DataBuffer.TYPE_BYTE, 
+					      width, height, 
+					      new int[] {0xFF});
+	break;
+      }
+    DataBuffer db = new DataBufferByte(f.getRawImage(), width * height, 0);
+    WritableRaster raster = Raster.createWritableRaster(sm, db, null);
+    
+    return new BufferedImage(getPalette( imageIndex ), raster, false, null);
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/gif/GIFImageReaderSpi.java b/libjava/classpath/gnu/javax/imageio/gif/GIFImageReaderSpi.java
new file mode 100644
index 00000000000..a3184862353
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/gif/GIFImageReaderSpi.java
@@ -0,0 +1,124 @@
+/* GIFImageReaderSpi.java --
+   Copyright (C)  2006  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.gif;
+
+import gnu.javax.imageio.IIOInputStream;
+
+import java.io.InputStream;
+import java.io.IOException;
+import java.util.Locale;
+import javax.imageio.ImageReader;
+import javax.imageio.spi.ImageReaderSpi;
+import javax.imageio.stream.ImageInputStream;
+
+public class GIFImageReaderSpi extends ImageReaderSpi 
+{
+  static final String vendorName = "GNU";
+  static final String version = "0.1";
+  static final String readerClassName =
+    "gnu.javax.imageio.gif.GIFImageReader";
+  static final String[] names = { "Compuserve GIF" };
+  static final String[] suffixes = { ".gif" };
+  static final String[] MIMETypes = {
+    "image/gif",
+    "image/x-gif"}; // Not sure this is legal, but it seems to be used a bit
+  static final String[] writerSpiNames = null;
+  static final boolean supportsStandardStreamMetadataFormat = false;
+  static final String nativeStreamMetadataFormatName = null;
+  static final String nativeStreamMetadataFormatClassName = null;
+  static final String[] extraStreamMetadataFormatNames = null;
+  static final String[] extraStreamMetadataFormatClassNames = null;
+  static final boolean supportsStandardImageMetadataFormat = false;
+  static final String nativeImageMetadataFormatName = null;
+  static final String nativeImageMetadataFormatClassName = null;
+  static final String[] extraImageMetadataFormatNames = null;
+  static final String[] extraImageMetadataFormatClassNames = null;
+    
+  public GIFImageReaderSpi() 
+  {
+    super(vendorName, version,
+	  names, suffixes, MIMETypes,
+	  readerClassName,
+	  new Class[]{ ImageInputStream.class, InputStream.class },
+	  writerSpiNames,
+	  supportsStandardStreamMetadataFormat,
+	  nativeStreamMetadataFormatName,
+	  nativeStreamMetadataFormatClassName,
+	  extraStreamMetadataFormatNames,
+	  extraStreamMetadataFormatClassNames,
+	  supportsStandardImageMetadataFormat,
+	  nativeImageMetadataFormatName,
+	  nativeImageMetadataFormatClassName,
+	  extraImageMetadataFormatNames,
+	  extraImageMetadataFormatClassNames);
+  }
+    
+  public String getDescription(Locale locale) 
+  {
+    return "Compuserve GIF";
+  }
+    
+  public boolean canDecodeInput(Object input)
+    throws IOException 
+  {
+    if( input == null )
+      throw new IllegalArgumentException("Input object cannot be null.");
+
+    if( !(input instanceof ImageInputStream) && 
+	!(input instanceof InputStream)) 
+      return false;
+
+    boolean retval;
+    InputStream in;
+    if( input instanceof ImageInputStream )
+      in = new IIOInputStream( (ImageInputStream)input );
+    else
+      in = (InputStream)input;
+
+    in.mark(10); // we read 6 bytes
+    retval = GIFFile.readSignature( in );
+    in.reset();
+
+    return retval;
+  }
+    
+  public ImageReader createReaderInstance(Object extension) 
+  {
+    return new GIFImageReader(this);
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/jpeg/DCT.java b/libjava/classpath/gnu/javax/imageio/jpeg/DCT.java
new file mode 100644
index 00000000000..91b6eb88f25
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/jpeg/DCT.java
@@ -0,0 +1,347 @@
+/* DCT.java --
+   Copyright (C)  2005  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.jpeg;
+
+/**
+ * Discrete Cosine Transformations.
+ */
+public class DCT
+{
+
+  /**
+   * Cosine matrix
+   */
+  public double c[][] = new double[8][8];
+
+  /**
+   * Transformed cosine matrix
+   */
+  public double cT[][] = new double[8][8];
+
+  public DCT()
+  {
+    initMatrix();
+  }
+
+  /**
+   * Figure A.3.3 IDCT, Cu Cv on A-5 of the ISO DIS 10918-1. Requirements and
+   * Guidelines.
+   * 
+   * @param u
+   * @return
+   */
+  public static double C(int u)
+  {
+    return ((u == 0) ? (double) 1 / (double) Math.sqrt((double) 2)
+                     : (double) 1);
+  }
+
+  /**
+   * Initialize matrix values for the fast_idct function
+   */
+  private void initMatrix()
+  {
+    for (int j = 0; j < 8; j++)
+      {
+        double nn = (double) (8);
+        c[0][j] = 1.0 / Math.sqrt(nn);
+        cT[j][0] = c[0][j];
+      }
+    for (int i = 1; i < 8; i++)
+      {
+      for (int j = 0; j < 8; j++)
+        {
+          double jj = (double) j;
+          double ii = (double) i;
+          c[i][j] =
+            Math.sqrt(2.0 / 8.0)
+            * Math.cos(((2.0 * jj + 1.0) * ii * Math.PI) / (2.0 * 8.0));
+          cT[j][i] = c[i][j];
+        }
+      }
+  }
+
+  /**
+   * slow_idct - Figure A.3.3 IDCT (informative) on A-5 of the ISO DIS
+   * 10918-1. Requirements and Guidelines. This is a slow IDCT, there are
+   * better algorithms to use, it's fairly expensive with processor speed.
+   * 
+   * @param matrix
+   * @return
+   */
+  public static double[][] slow_idct(double[][] matrix)
+  {
+    double[][] output = new double[matrix.length][matrix.length];
+    for (int y = 0; y < 8; y++)
+      {
+        for (int x = 0; x < 8; x++)
+          {
+            double val = 0;
+            for (double v = 0; v < 8; v++)
+              {
+                double innerloop = 0;
+                for (double u = 0; u < 8; u++)
+                  innerloop += (DCT.C((int) u) / (double) 2)
+                           * matrix[(int) v][(int) u]
+                           * Math.cos((2 * x + 1) * u * Math.PI / (double) 16)
+                           * Math.cos((2 * y + 1) * v * Math.PI / (double) 16);
+                val += (DCT.C((int) v) / (double) 2) * innerloop;
+              }
+            output[y][x] = (val + 128);
+          }
+      }
+    return (output);
+  }
+
+  public static float[][] slow_fdct(float[][] value)
+  {
+    float[][] buffer = new float[8][8];
+
+    for (int u = 0; u < 8; u++)
+      {
+        for (int v = 0; v < 8; v++)
+          {
+            buffer[u][v] =
+              (float) (1 / 4) * (float) C((int) u) * (float) C((int) v);
+            float innerval = 0;
+            for (int x = 0; x < 8; x++)
+              {
+                for (int y = 0; y < 8; y++)
+                  {
+                    innerval += value[y][x]
+                                  * Math.cos(((2 * x + 1) * u * Math.PI) / 16)
+                                  * Math.cos(((2 * y + 1) * v * Math.PI) / 16);
+                  }
+              }
+            buffer[u][v] *= innerval;
+          }
+      }
+    return (buffer);
+  }
+
+  public float[][] fast_fdct(float[][] input)
+  {
+    float output[][] = new float[8][8];
+    double temp[][] = new double[8][8];
+    double temp1;
+    int i;
+    int j;
+    int k;
+
+    for (i = 0; i < 8; i++)
+      {
+        for (j = 0; j < 8; j++)
+          {
+            temp[i][j] = 0.0;
+            for (k = 0; k < 8; k++)
+              {
+                temp[i][j] += (((int) (input[i][k]) - 128) * cT[k][j]);
+              }
+          }
+      }
+
+    for (i = 0; i < 8; i++)
+      {
+        for (j = 0; j < 8; j++)
+          {
+            temp1 = 0.0;
+
+            for (k = 0; k < 8; k++)
+              {
+                temp1 += (c[i][k] * temp[k][j]);
+              }
+
+            output[i][j] = (int) Math.round(temp1) * 8;
+          }
+      }
+
+    return output;
+  }
+
+  /**
+   * fast_idct - Figure A.3.3 IDCT (informative) on A-5 of the ISO DIS
+   * 10918-1. Requires and Guidelines. This is a fast IDCT, it much more
+   * effecient and only inaccurate at about 1/1000th of a percent of values
+   * analyzed. Cannot be static because initMatrix must run before any
+   * fast_idct values can be computed.
+   * 
+   * @param input
+   * @return
+   */
+  public double[][] fast_idct(double[][] input)
+  {
+    double output[][] = new double[8][8];
+    double temp[][] = new double[8][8];
+    double temp1;
+    int i, j, k;
+    for (i = 0; i < 8; i++)
+      {
+        for (j = 0; j < 8; j++)
+          {
+            temp[i][j] = 0.0;
+            for (k = 0; k < 8; k++)
+              {
+                temp[i][j] += input[i][k] * c[k][j];
+              }
+          }
+      }
+    for (i = 0; i < 8; i++)
+      {
+        for (j = 0; j < 8; j++)
+          {
+            temp1 = 0.0;
+            for (k = 0; k < 8; k++)
+              temp1 += cT[i][k] * temp[k][j];
+            temp1 += 128.0;
+            if (temp1 < 0)
+              output[i][j] = 0;
+            else if (temp1 > 255)
+              output[i][j] = 255;
+            else
+              output[i][j] = (int) Math.round(temp1);
+          }
+      }
+    return output;
+  }
+
+  public double[][] idj_fast_fdct(float input[][])
+  {
+    double output[][] = new double[8][8];
+    double tmp0, tmp1, tmp2, tmp3, tmp4, tmp5, tmp6, tmp7;
+    double tmp10, tmp11, tmp12, tmp13;
+    double z1, z2, z3, z4, z5, z11, z13;
+    int i;
+    int j;
+
+    // Subtracts 128 from the input values
+    for (i = 0; i < 8; i++)
+      {
+        for (j = 0; j < 8; j++)
+          {
+            output[i][j] = ((double) input[i][j] - (double) 128.0);
+            //                        input[i][j] -= 128;
+            
+          }
+      }
+
+    for (i = 0; i < 8; i++)
+      {
+        tmp0 = output[i][0] + output[i][7];
+        tmp7 = output[i][0] - output[i][7];
+        tmp1 = output[i][1] + output[i][6];
+        tmp6 = output[i][1] - output[i][6];
+        tmp2 = output[i][2] + output[i][5];
+        tmp5 = output[i][2] - output[i][5];
+        tmp3 = output[i][3] + output[i][4];
+        tmp4 = output[i][3] - output[i][4];
+
+        tmp10 = tmp0 + tmp3;
+        tmp13 = tmp0 - tmp3;
+        tmp11 = tmp1 + tmp2;
+        tmp12 = tmp1 - tmp2;
+
+        output[i][0] = tmp10 + tmp11;
+        output[i][4] = tmp10 - tmp11;
+
+        z1 = (tmp12 + tmp13) * (double) 0.707106781;
+        output[i][2] = tmp13 + z1;
+        output[i][6] = tmp13 - z1;
+
+        tmp10 = tmp4 + tmp5;
+        tmp11 = tmp5 + tmp6;
+        tmp12 = tmp6 + tmp7;
+
+        z5 = (tmp10 - tmp12) * (double) 0.382683433;
+        z2 = ((double) 0.541196100) * tmp10 + z5;
+        z4 = ((double) 1.306562965) * tmp12 + z5;
+        z3 = tmp11 * ((double) 0.707106781);
+
+        z11 = tmp7 + z3;
+        z13 = tmp7 - z3;
+
+        output[i][5] = z13 + z2;
+        output[i][3] = z13 - z2;
+        output[i][1] = z11 + z4;
+        output[i][7] = z11 - z4;
+      }
+
+    for (i = 0; i < 8; i++)
+      {
+        tmp0 = output[0][i] + output[7][i];
+        tmp7 = output[0][i] - output[7][i];
+        tmp1 = output[1][i] + output[6][i];
+        tmp6 = output[1][i] - output[6][i];
+        tmp2 = output[2][i] + output[5][i];
+        tmp5 = output[2][i] - output[5][i];
+        tmp3 = output[3][i] + output[4][i];
+        tmp4 = output[3][i] - output[4][i];
+
+        tmp10 = tmp0 + tmp3;
+        tmp13 = tmp0 - tmp3;
+        tmp11 = tmp1 + tmp2;
+        tmp12 = tmp1 - tmp2;
+
+        output[0][i] = tmp10 + tmp11;
+        output[4][i] = tmp10 - tmp11;
+
+        z1 = (tmp12 + tmp13) * (double) 0.707106781;
+        output[2][i] = tmp13 + z1;
+        output[6][i] = tmp13 - z1;
+
+        tmp10 = tmp4 + tmp5;
+        tmp11 = tmp5 + tmp6;
+        tmp12 = tmp6 + tmp7;
+
+        z5 = (tmp10 - tmp12) * (double) 0.382683433;
+        z2 = ((double) 0.541196100) * tmp10 + z5;
+        z4 = ((double) 1.306562965) * tmp12 + z5;
+        z3 = tmp11 * ((double) 0.707106781);
+
+        z11 = tmp7 + z3;
+        z13 = tmp7 - z3;
+
+        output[5][i] = z13 + z2;
+        output[3][i] = z13 - z2;
+        output[1][i] = z11 + z4;
+        output[7][i] = z11 - z4;
+      }
+
+    return output;
+  }
+
+}
diff --git a/libjava/classpath/gnu/javax/imageio/jpeg/HuffmanTable.java b/libjava/classpath/gnu/javax/imageio/jpeg/HuffmanTable.java
new file mode 100644
index 00000000000..78f3c1c4f38
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/jpeg/HuffmanTable.java
@@ -0,0 +1,207 @@
+/* HuffmanTable.java --
+   Copyright (C)  2006  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.jpeg;
+
+import java.io.IOException;
+
+import javax.imageio.plugins.jpeg.JPEGHuffmanTable;
+
+
+/**
+ * This Object construct a JPEGHuffmanTable which can be used to encode/decode
+ * a scan from a JPEG codec stream. The table must be initalized with either a
+ * BITS byte amount and a Huffman Table Value for decoding or a Huffman Size
+ * and Huffman Code table for encoding.
+ */
+public class HuffmanTable
+{
+  public final static int HUFFMAN_MAX_TABLES = 4;
+
+  private short[]  huffcode = new short[256];
+  private short[]  huffsize = new short[256];
+  private short[]  EHUFCO;
+  private short[]  EHUFSI;
+  private short[]  valptr = new short[16];
+  private short[]  mincode = {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+                            -1,-1,-1};
+  private short[]  maxcode = {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+                            -1, -1, -1};
+  private short[] huffval;
+  private short[] bits;
+
+  static byte JPEG_DC_TABLE = 0;
+  static byte JPEG_AC_TABLE = 1;
+
+  private short lastk = 0;
+
+  public HuffmanTable(JPEGHuffmanTable table)
+  {
+    huffcode = table.getValues();
+    bits = table.getLengths();
+  }
+
+  /**
+   * Generated from FIGURE C.1 - Generation of table of Huffman code sizes on
+   * ISO DIS 10918-1. Requirements and Guidelines
+   */
+  private void generateSizeTable()
+  {
+    short index=0;
+    for(short i=0; i < bits.length ; i++)
+      {
+        for(short j=0; j < bits[i] ; j++)
+          {
+            huffsize[index] = (short) (i+1);
+            index++;
+          }
+      }
+    lastk = index;
+  }
+
+  /**
+   * Generated from FIGURE C.2 - Generation of table of Huffman codes on
+   * ISO DIS 10918-1. Requirements and Guidelines
+   */
+  private void generateCodeTable()
+  {
+    short k=0;
+    short si = huffsize[0];
+    short code = 0;
+    for(short i=0; i < huffsize.length ; i++)
+      {
+        while(huffsize[k]==si)
+          {
+            huffcode[k] = code;
+            code++;
+            k++;
+          }
+        code <<= 1;
+        si++;
+      }
+  }
+
+  /**
+   * Generated from FIGURE F.15 - Generation of decode table generation on
+   * ISO DIS 10918-1. Requirements and Guidelines
+   */
+  private void generateDecoderTables()
+  {
+    short bitcount = 0;
+    for(int i=0; i < 16 ; i++)
+      {
+        if(bits[i]!=0)
+          valptr[i] = bitcount;
+        for(int j=0 ; j < bits[i] ; j++)
+          {
+            if(huffcode[j+bitcount] < mincode[i] || mincode[i] == -1)
+              mincode[i] = huffcode[j+bitcount];
+
+            if(huffcode[j+bitcount] > maxcode[i])
+              maxcode[i] = huffcode[j+bitcount];
+          }
+        if(mincode[i]!=-1)
+          valptr[i] = (short) (valptr[i] - mincode[i]);
+        bitcount += bits[i];
+      }
+  }
+
+  /**
+   * Generated from FIGURE C.3 - Generation of Order Codes and tables EHUFCO
+   * and EHUFSI from the ISO DIS 10918-1. Requirements and Guidelines
+   */
+  public void orderCodes(boolean isDC)
+  {
+    EHUFCO = new short[isDC ? 15 : 255];
+    EHUFSI = new short[isDC ? 15 : 255];
+
+    for (int p=0; p < lastk ; p++)
+      {
+        int i = huffval[p];
+        if(i < 0 || i > EHUFCO.length || EHUFSI[i]!=0)
+          System.err.println("Error, bad huffman table.");
+        EHUFCO[i] = huffcode[p];
+        EHUFSI[i] = huffsize[p];
+      }
+  }
+
+  /**
+   * Generated from FIGURE F.12 - Extending the sign bit of a decoded value in on
+   * ISO DIS 10918-1. Requirements and Guidelines<p>
+   *
+   * @param diff TODO
+   * @param t TODO
+   * @return TODO
+   */
+  public static int extend(int diff, int t)
+  {
+    int Vt = (int)Math.pow(2,(t-1));
+    if(diff<Vt)
+      {
+        Vt=(-1 << t)+1;
+        diff=diff+Vt;
+      }
+    return diff;
+  }
+
+  /**
+   * Generated from FIGURE F.16 - Procedure for DECODE on
+   * ISO DIS 10918-1. Requirements and Guidelines<p>
+   *
+   * This function takes in a dynamic amount of bits and using the Huffman
+   * table returns information on how many bits must be read in to a byte in
+   * order to reconstruct said byte.
+   *
+   * @param JPEGStream the bits of the data stream.
+   */
+  public int decode(JPEGImageInputStream JPEGStream)
+    throws IOException, JPEGException
+  {
+    int i=0;
+    short code = (short) JPEGStream.readBits(1);
+    while(code > maxcode[i])
+      {
+        i++;
+        code <<= 1;
+        code |= JPEGStream.readBits(1);
+      }
+    int val = huffval[code+(valptr[i])];
+    if(val < 0)
+      val = 256 + val;
+    return val;
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/jpeg/JPEGComponent.java b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGComponent.java
new file mode 100644
index 00000000000..d5799fd412b
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGComponent.java
@@ -0,0 +1,351 @@
+/* JPEGComponent.java --
+   Copyright (C)  2005  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.jpeg;
+
+import java.util.ArrayList;
+import java.io.IOException;
+import java.awt.image.WritableRaster;
+
+import javax.imageio.plugins.jpeg.JPEGHuffmanTable;
+
+/**
+ * This class holds the methods to decode and write a component information to
+ * a raster.
+ */
+public class JPEGComponent
+{
+  public byte factorH, factorV, component_id, quant_id;
+  public int width = 0, height = 0, maxV = 0, maxH = 0;
+  public HuffmanTable ACTable;
+  public HuffmanTable DCTable;
+  public int[] quantizationTable;
+  public double previousDC = 0;
+  ArrayList data = new ArrayList();
+
+  /**
+   * Initializes the component
+   * 
+   * @param id
+   * @param factorHorizontal
+   * @param factorVertical
+   * @param quantizationID
+   */
+  public JPEGComponent(byte id, byte factorHorizontal, byte factorVertical,
+                       byte quantizationID)
+  {
+    component_id = id;
+    factorH = factorHorizontal;
+    factorV = factorVertical;
+    quant_id = quantizationID;
+  }
+
+  /**
+   * If a restart marker is found with too little of an MCU count (i.e. our
+   * Restart Interval is 63 and we have 61 we copy the last MCU until it's
+   * full)
+   * 
+   * @param index
+   * @param length
+   */
+  public void padMCU(int index, int length)
+  {
+    double[] src = (double[]) data.get(index - 1);
+    for (int i = 0; i < length; i++)
+      data.add(index, src);
+  }
+
+  /**
+   * Reset the interval by setting the previous DC value
+   */
+  public void resetInterval()
+  {
+    previousDC = 0;
+  }
+
+  /**
+   * Run the Quantization backward method on all of the block data.
+   */
+  public void quantitizeData()
+  {
+    for (int i = 0; i < data.size(); i++)
+      {
+        double[] mydata = (double[]) data.get(i);
+        for (int j = 0; j < mydata.length; j++)
+          mydata[j] *= quantizationTable[j];
+      }
+  }
+
+  public void setDCTable(JPEGHuffmanTable table)
+  {
+    DCTable = new HuffmanTable(table);
+  }
+
+  public void setACTable(JPEGHuffmanTable table)
+  {
+    ACTable = new HuffmanTable(table);
+  }
+
+  /**
+   * Run the Inverse DCT method on all of the block data
+   */
+  public void idctData(DCT myDCT)
+  {
+    for (int i = 0; i < data.size(); i++)
+      data.add(i,myDCT.fast_idct(ZigZag.decode8x8_map((double[]) data.remove(i))));
+  }
+
+  /**
+   * This scales up the component size based on the factor size. This
+   * calculates everyting up automatically so it's simply ran at the end of
+   * the frame to normalize the size of all of the components.
+   */
+  public void scaleByFactors()
+  {
+    int factorUpVertical = maxV / factorV;
+    int factorUpHorizontal = maxH / factorH;
+
+    if (factorUpVertical > 1)
+      {
+        for (int i = 0; i < data.size(); i++)
+          {
+            double[][] src = (double[][]) data.remove(i);
+            double[][] dest =
+              new double[src.length * factorUpVertical][src[0].length];
+            for (int j = 0; j < src.length; j++)
+              {
+                for (int u = 0; u < factorUpVertical; u++)
+                  {
+                    dest[j * factorUpVertical + u] = src[j];
+                  }
+              }
+            data.add(i, dest);
+          }
+      }
+
+    if (factorUpHorizontal > 1)
+      {
+        for (int i = 0; i < data.size(); i++)
+          {
+            double[][] src = (double[][]) data.remove(i);
+            double[][] dest =
+              new double[src.length][src[0].length * factorUpHorizontal];
+            for (int j = 0; j < src.length; j++)
+              {
+                for (int u = 0; u < src[0].length; u++)
+                  {
+                    for (int v = 0; v < factorUpHorizontal; v++)
+                      dest[j][u * factorUpHorizontal + v] = src[j][u];
+                  }
+              }
+            data.add(i, dest);
+          }
+      }
+  }
+
+  /**
+   * This write the block of data to the raster throwing out anything that
+   * spills over the raster width or height.
+   * 
+   * @param raster
+   * @param data
+   * @param compIndex
+   * @param x
+   * @param y
+   */
+  public void writeBlock(WritableRaster raster, double[][] data,
+                         int compIndex, int x, int y)
+  {
+    for (int yIndex = 0; yIndex < data.length; yIndex++)
+      {
+        for (int xIndex = 0; xIndex < data[yIndex].length; xIndex++)
+          {
+            // The if statement is needed because blocks can spill over the
+            // frame width because they are padded to make sure we keep the
+            // height of the block the same as the width of the block
+            if (x + xIndex < raster.getWidth()
+                && y + yIndex < raster.getHeight())
+              raster.setSample(x + xIndex, y + yIndex, compIndex,
+                               data[yIndex][xIndex]);
+          }
+      }
+  }
+
+  /**
+   * This writes data to a raster block, so really it's reading not writing
+   * but it writes the data to the raster block by factor size in a zig zag
+   * fashion. This has the helper function writeBlock which does the actual
+   * writing.
+   * 
+   * @param raster
+   * @param componentIndex
+   */
+  public void writeData(WritableRaster raster, int componentIndex)
+  {
+    int x = 0, y = 0, lastblockheight = 0, incrementblock = 0;
+
+    // Keep looping through all of the blocks until there are no more.
+    while(data.size() > 0)
+      {
+        int blockwidth = 0;
+        int blockheight = 0;
+
+        if (x >= raster.getWidth())
+          {
+            x = 0;
+            y += incrementblock;
+          }
+
+        // Loop through the horizontal component blocks of the MCU first
+        // then for each horizontal line write out all of the vertical
+        // components
+        for (int factorVIndex = 0; factorVIndex < factorV; factorVIndex++)
+          {
+            blockwidth = 0;
+
+            for (int factorHIndex = 0; factorHIndex < factorH; factorHIndex++)
+              {
+                // Captures the width of this block so we can increment the
+                // X coordinate
+                double[][] blockdata = (double[][]) data.remove(0);
+
+                // Writes the data at the specific X and Y coordinate of
+                // this component
+                writeBlock(raster, blockdata, componentIndex, x, y);
+                blockwidth += blockdata[0].length;
+                x += blockdata[0].length;
+                blockheight = blockdata.length;
+              }
+            y += blockheight;
+            x -= blockwidth;
+            lastblockheight += blockheight;
+          }
+        y -= lastblockheight;
+        incrementblock = lastblockheight;
+        lastblockheight = 0;
+        x += blockwidth;
+      }
+  }
+
+  /**
+   * Set the quantization table for this component.
+   * 
+   * @param quanttable
+   */
+  public void setQuantizationTable(int[] quanttable)
+  {
+    quantizationTable = quanttable;
+  }
+
+  /**
+   * Read in a partial MCU for this component
+   * 
+   * @param stream TODO
+   * @throws JPEGException TODO
+   * @throws IOException TODO
+   */
+  public void readComponentMCU(JPEGImageInputStream stream)
+    throws JPEGException, IOException
+  {
+    for (int i = 0; i < factorH * factorV; i++)
+      {
+        double dc = decode_dc_coefficient(stream);
+        double[] datablock = decode_ac_coefficients(stream);
+        datablock[0] = dc;
+        data.add(datablock);
+      }
+  }
+
+  /**
+   * Generated from text on F-22, F.2.2.1 - Huffman decoding of DC
+   * coefficients on ISO DIS 10918-1. Requirements and Guidelines.
+   * 
+   * @param JPEGStream TODO
+   *
+   * @return TODO
+   * @throws JPEGException TODO
+   * @throws IOException TODO
+   */
+  public double decode_dc_coefficient(JPEGImageInputStream JPEGStream)
+	throws JPEGException, IOException
+  {
+    int t = DCTable.decode(JPEGStream);
+    double diff = JPEGStream.readBits(t);
+    diff = HuffmanTable.extend((int) diff, t);
+    diff = (previousDC + diff);
+    previousDC = diff;
+    return diff;
+  }
+
+  /**
+   * Generated from text on F-23, F.13 - Huffman decoded of AC coefficients
+   * on ISO DIS 10918-1. Requirements and Guidelines.
+   * 
+   * @param JPEGStream TODO
+   * @return TODO
+   *
+   * @throws JPEGException TODO
+   * @throws IOException TODO
+   */
+  public double[] decode_ac_coefficients(JPEGImageInputStream JPEGStream)
+    throws JPEGException, IOException
+  {
+    double[] zz = new double[64];
+
+    for (int k = 1; k < 64; k++)
+      {
+        int s = ACTable.decode(JPEGStream);
+        int r = s >> 4;
+        s &= 15;
+
+        if (s != 0)
+          {
+            k += r;
+            r = (int) JPEGStream.readBits(s);
+            s = (int) HuffmanTable.extend(r, s);
+            zz[k] = s;
+          }
+        else
+          {
+            if (r != 15)
+              return (zz);
+            k += 15;
+          }
+      }
+    return zz;
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/jpeg/JPEGDecoder.java b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGDecoder.java
new file mode 100644
index 00000000000..3610ebe874f
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGDecoder.java
@@ -0,0 +1,630 @@
+/* JPEGDecoder.java --
+   Copyright (C)  2006  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.jpeg;
+
+import java.io.IOException;
+import java.nio.ByteOrder;
+
+import javax.imageio.*;
+import javax.imageio.plugins.jpeg.JPEGHuffmanTable;
+import javax.imageio.plugins.jpeg.JPEGQTable;
+import javax.imageio.spi.*;
+import javax.imageio.metadata.*;
+import javax.imageio.stream.ImageInputStream;
+
+import java.util.ArrayList;
+import java.util.Hashtable;
+import java.util.Iterator;
+import java.awt.Point;
+import java.awt.Transparency;
+import java.awt.color.ColorSpace;
+import java.awt.image.BufferedImage;
+import java.awt.image.ComponentColorModel;
+import java.awt.image.DataBuffer;
+import java.awt.image.Raster;
+import java.awt.image.WritableRaster;
+
+public class JPEGDecoder
+{
+  byte majorVersion;
+  byte minorVersion;
+  byte units;
+  short Xdensity;
+  short Ydensity;
+  byte Xthumbnail;
+  byte Ythumbnail;
+  byte[] thumbnail;
+  BufferedImage image;
+  int width;
+  int height;
+  
+  byte marker;
+
+  /**
+   * This decoder expects JFIF 1.02 encoding.
+   */
+  public static final byte MAJOR_VERSION = (byte) 1;
+  public static final byte MINOR_VERSION = (byte) 2;
+
+  /**
+   * The length of the JFIF field not including thumbnail data.
+   */
+  public static final short JFIF_FIXED_LENGTH = 16;
+
+  /**
+   * The length of the JFIF extension field not including extension
+   * data.
+   */
+  public static final short JFXX_FIXED_LENGTH = 8;
+
+  private JPEGImageInputStream jpegStream;
+
+  ArrayList jpegFrames = new ArrayList();
+
+  JPEGHuffmanTable[] dcTables = new JPEGHuffmanTable[4];
+  JPEGHuffmanTable[] acTables = new JPEGHuffmanTable[4];
+  JPEGQTable[] qTables = new JPEGQTable[4];
+
+    public int getHeight()
+    {
+      return height;
+    }
+    
+    public int getWidth()
+    {
+        return width;
+    }
+  public JPEGDecoder(ImageInputStream in)
+    throws IOException, JPEGException
+  {
+    jpegStream = new JPEGImageInputStream(in);
+    jpegStream.setByteOrder(ByteOrder.LITTLE_ENDIAN);
+
+    if (jpegStream.findNextMarker() != JPEGMarker.SOI)
+      throw new JPEGException("Failed to find SOI marker.");
+
+    if (jpegStream.findNextMarker() != JPEGMarker.APP0)
+      throw new JPEGException("Failed to find APP0 marker.");
+
+    int length = jpegStream.readShort();
+    if (!(length >= JFIF_FIXED_LENGTH))
+      throw new JPEGException("Failed to find JFIF field.");
+
+    byte[] identifier = new byte[5];
+    jpegStream.read(identifier);
+    if (identifier[0] != JPEGMarker.JFIF_J
+        || identifier[1] != JPEGMarker.JFIF_F
+        || identifier[2] != JPEGMarker.JFIF_I
+        || identifier[3] != JPEGMarker.JFIF_F
+        || identifier[4] != JPEGMarker.X00)
+      throw new JPEGException("Failed to read JFIF identifier.");
+
+    majorVersion = jpegStream.readByte();
+    minorVersion = jpegStream.readByte();
+    if (majorVersion != MAJOR_VERSION
+        || (majorVersion == MAJOR_VERSION
+            && minorVersion < MINOR_VERSION))
+      throw new JPEGException("Unsupported JFIF version.");
+
+    units = jpegStream.readByte();
+    if (units > (byte) 2)
+      throw new JPEGException("Units field is out of range.");
+
+    Xdensity = jpegStream.readShort();
+    Ydensity = jpegStream.readShort();
+    Xthumbnail = jpegStream.readByte();
+    Ythumbnail = jpegStream.readByte();
+
+    // 3 * for RGB data
+    int thumbnailLength = 3 * Xthumbnail * Ythumbnail;
+    if (length > JFIF_FIXED_LENGTH
+        && thumbnailLength != length - JFIF_FIXED_LENGTH)
+      throw new JPEGException("Invalid length, Xthumbnail"
+                              + " or Ythumbnail field.");
+
+    if (thumbnailLength > 0)
+      {
+        thumbnail = new byte[thumbnailLength];
+        if (jpegStream.read(thumbnail) != thumbnailLength)
+          throw new IOException("Failed to read thumbnail.");
+      }
+  }
+
+  public void decode()
+    throws IOException
+  {
+    System.out.println ("DECODE!!!");
+    // The frames in this jpeg are loaded into a list. There is
+    // usually just one frame except in heirarchial progression where
+    // there are multiple frames.
+    JPEGFrame frame = null;
+
+    // The restart interval defines how many MCU's we should have
+    // between the 8-modulo restart marker. The restart markers allow
+    // us to tell whether or not our decoding process is working
+    // correctly, also if there is corruption in the image we can
+    // recover with these restart intervals. (See RSTm DRI).
+    int resetInterval = 0;
+
+    // The JPEGDecoder constructor parses the JFIF field.  At this
+    // point jpegStream points to the first byte after the JFIF field.
+
+    // Find the first marker after the JFIF field.
+    byte marker = jpegStream.findNextMarker();
+
+    // Check for a JFIF extension field directly following the JFIF
+    // header and advance the current marker to the next marker in the
+    // stream, if necessary.
+    decodeJFIFExtension();
+
+    // Loop through until there are no more markers to read in, at
+    // that point everything is loaded into the jpegFrames array and
+    // can be processed.
+    while (true)
+      {
+        switch (marker)
+          {
+            // APPn Application Reserved Information - Just throw this
+            // information away because we wont be using it.
+          case JPEGMarker.APP0:
+          case JPEGMarker.APP1:
+          case JPEGMarker.APP2:
+          case JPEGMarker.APP3:
+          case JPEGMarker.APP4:
+          case JPEGMarker.APP5:
+          case JPEGMarker.APP6:
+          case JPEGMarker.APP7:
+          case JPEGMarker.APP8:
+          case JPEGMarker.APP9:
+          case JPEGMarker.APP10:
+          case JPEGMarker.APP11:
+          case JPEGMarker.APP12:
+          case JPEGMarker.APP13:
+          case JPEGMarker.APP14:
+          case JPEGMarker.APP15:
+            jpegStream.skipBytes(jpegStream.readShort() - 2);
+            break;
+
+          case JPEGMarker.SOF0:
+            // SOFn Start of Frame Marker, Baseline DCT - This is the start
+            // of the frame header that defines certain variables that will
+            // be carried out through the rest of the encoding. Multiple
+            // frames are used in a heirarchiel system, however most JPEG's
+            // only contain a single frame.
+            jpegFrames.add(new JPEGFrame());
+            frame = (JPEGFrame) jpegFrames.get(jpegFrames.size() - 1);
+            // Skip the frame length.
+            jpegStream.readShort();
+            // Bits percision, either 8 or 12.
+            frame.setPrecision(jpegStream.readByte());
+            // Scan lines = to the height of the frame.
+            frame.setScanLines(jpegStream.readShort());
+            // Scan samples per line = to the width of the frame.
+            frame.setSamplesPerLine(jpegStream.readShort());
+            // Number of Color Components (or channels).
+            frame.setComponentCount(jpegStream.readByte());
+
+            // Set the color mode for this frame, so far only 2 color
+            // modes are supported.
+            if (frame.getComponentCount() == 1)
+              frame.setColorMode(JPEGFrame.JPEG_COLOR_GRAY);
+            else
+              frame.setColorMode(JPEGFrame.JPEG_COLOR_YCbCr);
+            // Add all of the necessary components to the frame.
+            for (int i = 0; i < frame.getComponentCount(); i++)
+              frame.addComponent(jpegStream.readByte(), jpegStream.readByte(),
+                                 jpegStream.readByte());
+            break;
+
+          case JPEGMarker.SOF2:
+            jpegFrames.add(new JPEGFrame());
+            frame = (JPEGFrame) jpegFrames.get(jpegFrames.size() - 1);
+            // Skip the frame length.
+            jpegStream.readShort();
+            // Bits percision, either 8 or 12.
+            frame.setPrecision(jpegStream.readByte());
+            // Scan lines = to the height of the frame.
+            frame.setScanLines(jpegStream.readShort());
+            // Scan samples per line = to the width of the frame.
+            frame.setSamplesPerLine(jpegStream.readShort());
+            // Number of Color Components (or channels).
+            frame.setComponentCount(jpegStream.readByte());
+
+            // Set the color mode for this frame, so far only 2 color
+            // modes are supported.
+            if (frame.getComponentCount() == 1)
+              frame.setColorMode(JPEGFrame.JPEG_COLOR_GRAY);
+            else
+              frame.setColorMode(JPEGFrame.JPEG_COLOR_YCbCr);
+
+            // Add all of the necessary components to the frame.
+            for (int i = 0; i < frame.getComponentCount(); i++)
+              frame.addComponent(jpegStream.readByte(), jpegStream.readByte(),
+                                 jpegStream.readByte());
+            break;
+
+          case JPEGMarker.DHT:
+            // DHT non-SOF Marker - Huffman Table is required for decoding
+            // the JPEG stream, when we receive a marker we load in first
+            // the table length (16 bits), the table class (4 bits), table
+            // identifier (4 bits), then we load in 16 bytes and each byte
+            // represents the count of bytes to load in for each of the 16
+            // bytes. We load this into an array to use later and move on 4
+            // huffman tables can only be used in an image.
+            int huffmanLength = (jpegStream.readShort() - 2);
+
+            // Keep looping until we are out of length.
+            int index = huffmanLength;
+
+            // Multiple tables may be defined within a DHT marker. This
+            // will keep reading until there are no tables left, most
+            // of the time there are just one tables.
+            while (index > 0)
+              {
+                // Read the identifier information and class
+                // information about the Huffman table, then read the
+                // 16 byte codelength in and read in the Huffman values
+                // and put it into table info.
+                byte huffmanInfo = jpegStream.readByte();
+                byte tableClass = (byte) (huffmanInfo >> 4);
+                byte huffmanIndex = (byte) (huffmanInfo & 0x0f);
+                short[] codeLength = new short[16];
+                jpegStream.readFully(codeLength, 0, codeLength.length);
+                int huffmanValueLen = 0;
+                for (int i = 0; i < 16; i++)
+                  huffmanValueLen += codeLength[i];
+                index -= (huffmanValueLen + 17);
+                short[] huffmanVal = new short[huffmanValueLen];
+                for (int i = 0; i < huffmanVal.length; i++)
+                  huffmanVal[i] = jpegStream.readByte();
+                // Assign DC Huffman Table.
+                if (tableClass == HuffmanTable.JPEG_DC_TABLE)
+                  dcTables[(int) huffmanIndex] = new JPEGHuffmanTable(codeLength,
+                                                                      huffmanVal);
+                // Assign AC Huffman Table.
+                else if (tableClass == HuffmanTable.JPEG_AC_TABLE)
+                  acTables[(int) huffmanIndex] = new JPEGHuffmanTable(codeLength,
+                                                                      huffmanVal);
+              }
+            break;
+          case JPEGMarker.DQT:
+            // DQT non-SOF Marker - This defines the quantization
+            // coeffecients, this allows us to figure out the quality of
+            // compression and unencode the data. The data is loaded and
+            // then stored in to an array.
+            short quantizationLength = (short) (jpegStream.readShort() - 2);
+            for (int j = 0; j < quantizationLength / 65; j++)
+              {
+                byte quantSpecs = jpegStream.readByte();
+                int[] quantData = new int[64];
+                if ((byte) (quantSpecs >> 4) == 0)
+                  // Precision 8 bit.
+                  {
+                    for (int i = 0; i < 64; i++)
+                      quantData[i] = jpegStream.readByte();
+                  
+                  }
+                else if ((byte) (quantSpecs >> 4) == 1)
+                  // Precision 16 bit.
+                  {
+                    for (int i = 0; i < 64; i++)
+                      quantData[i] = jpegStream.readShort();
+                  }
+                qTables[(int) (quantSpecs & 0x0f)] = new JPEGQTable (quantData);
+              }
+            break;
+          case JPEGMarker.SOS:
+            // SOS non-SOF Marker - Start Of Scan Marker, this is where the
+            // actual data is stored in a interlaced or non-interlaced with
+            // from 1-4 components of color data, if three components most
+            // likely a YCrCb model, this is a fairly complex process.
+
+            // Read in the scan length.
+            jpegStream.readShort();
+            // Number of components in the scan.
+            byte numberOfComponents = jpegStream.readByte();
+            byte[] componentSelector = new byte[numberOfComponents];
+            for (int i = 0; i < numberOfComponents; i++)
+              {
+                // Component ID, packed byte containing the Id for the
+                // AC table and DC table.
+                byte componentID = jpegStream.readByte();
+                byte tableInfo = jpegStream.readByte();
+                frame.setHuffmanTables(componentID,
+                                       acTables[(byte) (tableInfo >> 4)],
+                                       dcTables[(byte) (tableInfo & 0x0f)]);
+                componentSelector[i] = componentID;
+              }
+            byte startSpectralSelection = jpegStream.readByte();
+            byte endSpectralSelection = jpegStream.readByte();
+            byte successiveApproximation = jpegStream.readByte();
+
+            int mcuIndex = 0; 
+            int mcuTotalIndex = 0;
+            // This loops through until a MarkerTagFound exception is
+            // found, if the marker tag is a RST (Restart Marker) it
+            // simply skips it and moves on this system does not handle
+            // corrupt data streams very well, it could be improved by
+            // handling misplaced restart markers.
+            while (true)
+              {
+                try
+                  {
+                    // Loop though capturing MCU, instruct each
+                    // component to read in its necessary count, for
+                    // scaling factors the components automatically
+                    // read in how much they need
+                    for (int compIndex = 0; compIndex < numberOfComponents; compIndex++)
+                      {
+                        JPEGComponent comp = (JPEGComponent) frame.components.getComponentByID(componentSelector[compIndex]);
+                        comp.readComponentMCU(jpegStream);
+                      }
+                    mcuIndex++;
+                    mcuTotalIndex++;
+                  }
+                // We've found a marker, see if the marker is a restart
+                // marker or just the next marker in the stream. If
+                // it's the next marker in the stream break out of the
+                // while loop, if it's just a restart marker skip it
+                catch (JPEGMarkerFoundException bse)
+                  {
+                    // Handle JPEG Restart Markers, this is where the
+                    // count of MCU's per interval is compared with
+                    // the count actually obtained, if it's short then
+                    // pad on some MCU's ONLY for components that are
+                    // greater than one. Also restart the DC prediction
+                    // to zero.
+                    if (marker == JPEGMarker.RST0
+                        || marker == JPEGMarker.RST1
+                        || marker == JPEGMarker.RST2
+                        || marker == JPEGMarker.RST3
+                        || marker == JPEGMarker.RST4
+                        || marker == JPEGMarker.RST5
+                        || marker == JPEGMarker.RST6
+                        || marker == JPEGMarker.RST7)
+                      {
+                        for (int compIndex = 0; compIndex < numberOfComponents; compIndex++)
+                          {
+                            JPEGComponent comp = (JPEGComponent) frame.components.getComponentByID(componentSelector[compIndex]);
+                            if (compIndex > 1)
+                              comp.padMCU(mcuTotalIndex, resetInterval - mcuIndex);
+                            comp.resetInterval();
+                          }
+                        mcuTotalIndex += (resetInterval - mcuIndex);
+                        mcuIndex = 0;
+                      }
+                    else
+                      {
+                        // We're at the end of our scan, exit out.
+                        break;
+                      }
+                  }
+              }
+            break;
+          case JPEGMarker.DRI:
+            // DRI - This defines the restart interval, if we have a
+            // restart interval when we reach our restart modulo calculate
+            // whether the count of MCU's specified in the restart
+            // interval have been reached, if they havent then pad with
+            // whatever MCU was last used, this is supposed to be a form of
+            // error recovery but it turns out that some JPEG encoders
+            // purposely cause missing MCU's on repeating MCU's to compress
+            // data even more (even though it adds an extra layer of
+            // complexity.. But since when is JPEG easy?
+            jpegStream.skipBytes(2);
+            resetInterval = jpegStream.readShort();
+            break;
+          case JPEGMarker.COM:
+            // COM - This is a comment that was inserted into the JPEG, we
+            // simply skip over the comment because it's really of no
+            // importance, usually contains a verbal description of the
+            // application or author who created the JPEG.
+            jpegStream.skipBytes(jpegStream.readShort() - 2);
+            break;
+          case JPEGMarker.DNL:
+            // DNL - This sets the height of the image. This is the Define
+            // Number Lines for the image, I'm not sure exactly why we need
+            // this but, whatever we'll abide.
+            frame.setScanLines(jpegStream.readShort());
+            break;
+          case JPEGMarker.EOI:
+            // EOI - End of Image, this processes the frames and turns the
+            // frames into a buffered image.
+
+            if (jpegFrames.size() == 0)
+              {
+                return;
+              }
+            else if (jpegFrames.size() == 1)
+              {
+                // Only one frame, JPEG Non-Heirarchial Frame.
+
+                DCT myDCT = new DCT();
+                WritableRaster raster =
+                  Raster.createInterleavedRaster(DataBuffer.TYPE_BYTE,
+                                                 frame.width,
+                                                 frame.height,
+                                                 frame.getComponentCount(),
+                                                 new Point(0, 0));
+
+                // Unencode the data.
+                for (int i = 0; i < frame.getComponentCount(); i++)
+                  {
+                    JPEGComponent comp =
+                      (JPEGComponent) frame.components.get(i);
+                    comp.setQuantizationTable(qTables[comp.quant_id].getTable());
+                    comp.quantitizeData();
+                    comp.idctData(myDCT);
+                  }
+                // Scale the image and write the data to the raster.
+                for (int i = 0; i < frame.getComponentCount(); i++)
+                  {
+                    JPEGComponent comp = (JPEGComponent) frame.components.get(i);
+                    comp.scaleByFactors();
+                    comp.writeData(raster, i);
+                    // Ensure garbage collection.
+                    comp = null;
+                  }
+                // Grayscale Color Image (1 Component).
+                if (frame.getComponentCount() == 1)
+                  {
+                    ColorSpace cs = ColorSpace.getInstance(ColorSpace.CS_GRAY);
+                    ComponentColorModel ccm =
+                      new ComponentColorModel(cs, false, false,
+                                              Transparency.OPAQUE,
+                                              DataBuffer.TYPE_BYTE);
+                    image = new BufferedImage(ccm, raster, false,
+                                              new Hashtable());
+                  }
+                // YCbCr Color Image (3 Components).
+                else if (frame.getComponentCount() == 3)
+                  {
+                    ComponentColorModel ccm =
+                      new ComponentColorModel(new YCbCr_ColorSpace(), false,
+                                              false, Transparency.OPAQUE,
+                                              DataBuffer.TYPE_BYTE);
+                    image = new BufferedImage(ccm, raster, false,
+                                              new Hashtable());
+                  }
+                // Possibly CMYK or RGBA ?
+                else
+                  {
+                    throw new JPEGException("Unsupported Color Mode: 4 "
+                                            + "Component Color Mode found.");
+                  }
+                height = frame.height;
+                width = frame.width;
+              }
+            else
+              {
+                //JPEG Heirarchial Frame (progressive or baseline).
+                throw new JPEGException("Unsupported Codec Type:"
+                                        + " Hierarchial JPEG");
+              }
+            break;
+          case JPEGMarker.SOF1:
+            // ERROR - If we encounter any of the following marker codes
+            // error out with a codec exception, progressive, heirarchial,
+            // differential, arithmetic, lossless JPEG's are not supported.
+            // This is where enhancements can be made for future versions.
+            // Thankfully 99% of all JPEG's are baseline DCT.
+            throw new JPEGException("Unsupported Codec Type: Extended "
+                                    + "Sequential DCT JPEG's Not-Supported");
+            //case JPEGMarker.SOF2:
+            //	throw new JPEGException("Unsupported Codec Type: Progressive DCT JPEG's Not-Supported");
+          case JPEGMarker.SOF3:
+            throw new JPEGException("Unsupported Codec Type:"
+                                    + " Lossless (sequential)");
+          case JPEGMarker.SOF5:
+            throw new JPEGException("Unsupported Codec Type:"
+                                    + " Differential sequential DCT");
+          case JPEGMarker.SOF6:
+            throw new JPEGException("Unsupported Codec Type:"
+                                    + " Differential progressive DCT");
+          case JPEGMarker.SOF7:
+            throw new JPEGException("Unsupported Codec Type:"
+                                    + " Differential lossless");
+          case JPEGMarker.SOF9:
+          case JPEGMarker.SOF10:
+          case JPEGMarker.SOF11:
+          case JPEGMarker.SOF13:
+          case JPEGMarker.SOF14:
+          case JPEGMarker.SOF15:
+            throw new JPEGException("Unsupported Codec Type:"
+                                    + " Arithmetic Coding Frame");
+          default:
+            // Unknown marker found, ignore it.
+          }
+        marker = jpegStream.findNextMarker();
+      }
+  }
+
+  // If the current marker is APP0, tries to decode a JFIF extension
+  // and advances the current marker to the next marker in the stream.
+  private void decodeJFIFExtension() throws IOException
+  {
+    if (marker == JPEGMarker.APP0)
+      {
+        int length = jpegStream.readShort();
+
+        if (length >= JFXX_FIXED_LENGTH)
+          {
+            byte[] identifier = new byte[5];
+            jpegStream.read(identifier);
+            if (identifier[0] != JPEGMarker.JFIF_J
+                || identifier[1] != JPEGMarker.JFIF_F
+                || identifier[2] != JPEGMarker.JFIF_X
+                || identifier[3] != JPEGMarker.JFIF_X
+                || identifier[4] != JPEGMarker.X00)
+              // Not a JFXX field.  Ignore it and continue.
+              jpegStream.skipBytes(length - 7);
+            else
+              {
+                byte extension_code = jpegStream.readByte();
+
+                switch (extension_code)
+                  {
+                  case JPEGMarker.JFXX_JPEG:
+                    // FIXME: add support for JFIF Extension:
+                    // Thumbnail coded using JPEG.
+                    jpegStream.skipBytes(length - 8);
+                  case JPEGMarker.JFXX_ONE_BPP:
+                    // FIXME: add support for JFIF Extension:
+                    // Thumbnail stored using 1 byte/pixel.
+                    jpegStream.skipBytes(length - 8);
+                  case JPEGMarker.JFXX_THREE_BPP:
+                    // FIXME: add support for JFIF Extension:
+                    // Thumbnail stored using 3 bytes/pixel.
+                    jpegStream.skipBytes(length - 8);
+                  }
+              }
+          }
+        else
+          {
+            // Unknown APP0 marker.  Ignore it and continue.
+            jpegStream.skipBytes(length - 2);
+          }
+        marker = jpegStream.findNextMarker();
+      }
+  }
+
+  public BufferedImage getImage()
+  {
+    return image;
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/jpeg/JPEGException.java b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGException.java
new file mode 100644
index 00000000000..b684069ccb6
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGException.java
@@ -0,0 +1,55 @@
+/* JPEGException.java --
+   Copyright (C)  2006  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.jpeg;
+
+// FIXME: change to IIOException
+import java.io.IOException;
+import javax.imageio.*;
+import javax.imageio.spi.*;
+import javax.imageio.metadata.*;
+import javax.imageio.stream.ImageInputStream;
+import java.util.Iterator;
+import java.awt.image.BufferedImage;
+
+public class JPEGException extends IIOException
+{
+  public JPEGException(String message)
+  {
+     super(message);
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/jpeg/JPEGFrame.java b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGFrame.java
new file mode 100644
index 00000000000..9b958f98f2c
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGFrame.java
@@ -0,0 +1,108 @@
+/* JPEGFrame.java --
+   Copyright (C)  2005  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.jpeg;
+
+import javax.imageio.plugins.jpeg.JPEGHuffmanTable;
+
+public class JPEGFrame
+{
+  public final static byte JPEG_COLOR_GRAY = 1;
+  public final static byte JPEG_COLOR_RGB = 2;
+  public final static byte JPEG_COLOR_YCbCr = 3;
+  public final static byte JPEG_COLOR_CMYK = 4;
+
+  public byte precision = 8;
+  public byte colorMode = JPEGFrame.JPEG_COLOR_YCbCr;
+  public byte componentCount = 0;
+
+  public short width=0, height=0;
+
+  public JPEGScan components;
+
+  public JPEGFrame()
+  {
+    components = new JPEGScan();
+  }
+
+  public void addComponent(byte componentID, byte sampleFactors,
+                           byte quantizationTableID)
+  {
+    byte sampleHorizontalFactor = (byte)(sampleFactors >> 4);
+    byte sampleVerticalFactor = (byte)(sampleFactors & 0x0f);
+    components.addComponent(componentID, sampleHorizontalFactor,
+                            sampleVerticalFactor, quantizationTableID);
+  }
+
+  public void setPrecision(byte data)
+  {
+    precision = data;
+  }
+
+  public void setScanLines(short data)
+  {
+    height = data;
+  }
+
+  public void setSamplesPerLine(short data)
+  {
+    width = data;
+  }
+
+  public void setColorMode(byte data)
+  {
+    colorMode = data;
+  }
+
+  public void setComponentCount(byte data)
+  {
+    componentCount = data;
+  }
+
+  public byte getComponentCount()
+  {
+    return componentCount;
+  }
+
+  public void setHuffmanTables(byte componentID, JPEGHuffmanTable ACTable,
+                               JPEGHuffmanTable DCTable)
+  {
+    JPEGComponent comp = (JPEGComponent)components.getComponentByID(componentID);
+    comp.setACTable(ACTable);
+    comp.setDCTable(DCTable);
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/jpeg/JPEGImageInputStream.java b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGImageInputStream.java
new file mode 100644
index 00000000000..4ae909baf15
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGImageInputStream.java
@@ -0,0 +1,195 @@
+/* JPEGImageInputStream.java --
+   Copyright (C)  2006  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.jpeg;
+
+import java.io.EOFException;
+import java.io.IOException;
+import javax.imageio.*;
+import javax.imageio.spi.*;
+import javax.imageio.metadata.*;
+import javax.imageio.stream.ImageInputStream;
+import javax.imageio.stream.ImageInputStreamImpl;
+
+import java.util.Iterator;
+import java.awt.image.BufferedImage;
+
+public class JPEGImageInputStream
+  extends ImageInputStreamImpl
+{
+  private ImageInputStream in;
+
+  byte marker;
+  
+  public JPEGImageInputStream(ImageInputStream in)
+  {
+    super();
+
+    this.in = in;
+  }
+
+  public int read()
+    throws IOException
+  {
+    setBitOffset(0);
+    return in.read();
+  }
+
+  public int read(byte[] data, int offset, int len)
+    throws IOException
+  {
+    setBitOffset(0);
+    return in.read(data, offset, len);
+  }
+  
+  /**
+   * Pull a byte from the stream, this checks to see if the byte is 0xff
+   * and if the next byte isn't 0x00 (stuffed byte) it errors out. If it's
+   * 0x00 then it simply ignores the byte.
+   *
+   * @return the next byte in the buffer
+   *
+   * @throws IOException TODO
+   * @throws BitStreamException TODO
+   */
+  private byte pullByte() throws IOException, JPEGMarkerFoundException
+  {
+    byte mybyte = readByte();
+    // FIXME: handle multiple 0xff in a row
+    if(mybyte==(byte)(0xff))
+      {
+        byte secondbyte = readByte();
+        if(secondbyte != (byte)(0x00))
+          {
+            marker = secondbyte;
+            throw new JPEGMarkerFoundException();
+          }
+      }
+    return mybyte;
+  }
+
+  /**
+   * This returns the marker that was last encountered.  This should only be
+   * used if removeBit() throws a MarkerTagFound exception.
+   *
+   * @return marker as byte
+   */
+  public byte getMarker()
+  {
+    return marker;
+  }
+
+  /**
+   * Removes a bit from the buffer. (Removes from the top of a queue). This
+   * also checks for markers and throws MarkerTagFound exception if it does.
+   * If MarkerTagFound is thrown you can use getMarker() method to get the
+   * marker that caused the throw.
+   *
+   * @param l specifies how many bits you want to remove and add to the
+   *        integer
+   * @return the amount of bits specified by l as an integer
+   *
+   * @throws IOException TODO
+   * @throws JPEGMarkerFoundException 
+   * @throws BitStreamException TODO
+   */
+  public int readBit()
+  throws IOException, JPEGMarkerFoundException
+{
+  checkClosed();
+
+  // Calc new bit offset here, readByte resets it.
+  int newOffset = (bitOffset + 1) & 0x7;
+
+  byte data = pullByte();
+  
+  if (bitOffset != 0)
+    {
+        seek(getStreamPosition() - 1);
+        data = (byte) (data >> (8 - newOffset));
+    }
+
+  bitOffset = newOffset;
+  return data & 0x1;
+}
+
+
+  /**
+   * This method skips over the the data and finds the next position
+   * in the bit sequence with a X'FF' X'??' sequence.  Multiple X'FF
+   * bytes in sequence are considered padding and interpreted as one
+   * X'FF byte.
+   *
+   * @return the next marker byte in the stream
+   * @throws IOException if the end of the stream is reached
+   * unexpectedly
+   */
+  public byte findNextMarker()
+    throws IOException
+  {
+    boolean marked0xff = false;
+    byte byteinfo = JPEGMarker.X00;
+
+    setBitOffset(0);
+    while (true)
+      {
+        byteinfo = readByte();
+        if (!marked0xff)
+          {
+            if (byteinfo == JPEGMarker.XFF)
+              marked0xff = true;
+          }
+        else
+          {
+            if (byteinfo == JPEGMarker.XFF)
+              // Ignore the value 0xff when it is immediately
+              // followed by another 0xff byte.
+              continue;
+            else if (byteinfo == JPEGMarker.X00)
+              // The sequence 0xff 0x00 is used to encode the
+              // actual value 0xff.  So restart our search for a
+              // marker.
+              marked0xff = false;
+            else
+              // One or more 0xff values were follwed by a
+              // non-0x00, non-0xff value so return this as the
+              // marker byte.
+              return byteinfo;
+          }
+      }
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/jpeg/JPEGImageReader.java b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGImageReader.java
new file mode 100644
index 00000000000..51bc0ce3760
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGImageReader.java
@@ -0,0 +1,141 @@
+/* JPEGImageReader.java --
+   Copyright (C)  2006  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.jpeg;
+
+import java.io.IOException;
+import javax.imageio.*;
+import javax.imageio.spi.*;
+import javax.imageio.metadata.*;
+import javax.imageio.stream.ImageInputStream;
+import java.util.Iterator;
+import java.awt.image.BufferedImage;
+
+public class JPEGImageReader extends ImageReader
+{
+  JPEGDecoder decoder;
+
+  protected JPEGImageReader(ImageReaderSpi originatingProvider)
+  {
+    super(originatingProvider);
+    System.out.println("JPEGIMAGEREADER!!!");
+  }
+
+  // Abstract ImageReader methods.
+  public int getHeight(int imageIndex)
+    throws IOException
+  {
+    checkIndex(imageIndex);
+    decodeStream();
+    return decoder.getHeight();
+  }
+
+  public IIOMetadata getImageMetadata(int imageIndex)
+    throws IOException
+  {
+    // FIXME: handle metadata
+    checkIndex(imageIndex);
+    return null;
+  }
+
+  public Iterator getImageTypes(int imageIndex)
+    throws IOException
+  {
+    return null;
+  }
+
+  public int getNumImages(boolean allowSearch)
+    throws IOException
+  {
+    return 1;
+  }
+
+  public IIOMetadata getStreamMetadata()
+    throws IOException
+  {
+    // FIXME: handle metadata
+    return null;
+  }
+
+  public int getWidth(int imageIndex)
+    throws IOException
+  {
+    checkIndex(imageIndex);
+    decodeStream();
+    return decoder.getWidth();
+  }
+
+  public BufferedImage read(int imageIndex, ImageReadParam param)
+    throws IOException
+  {
+    checkIndex(imageIndex);
+    decodeStream();
+    return decoder.getImage();
+  }
+
+  // private helper methods
+  private void checkIndex(int imageIndex)
+    throws IndexOutOfBoundsException
+  {
+    if (imageIndex != 0)
+      throw new IndexOutOfBoundsException();
+  }
+
+  private void checkStream() throws IOException
+  {
+    if (!(input instanceof ImageInputStream)) 
+      throw new IllegalStateException("Input not an ImageInputStream.");
+    if(input == null)
+      throw new IllegalStateException("No input stream.");
+  }
+
+  private void decodeStream()
+    throws IOException, IIOException
+  {
+    System.out.println("DECONDING 1");
+    if (decoder != null)
+      return;
+
+    System.out.println("DECONDING 2");
+    checkStream();
+
+    System.out.println("DECONDING 3");
+    decoder = new JPEGDecoder((ImageInputStream)input);
+    System.out.println("DECONDING 4");
+    decoder.decode();
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/jpeg/JPEGImageReaderSpi.java b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGImageReaderSpi.java
new file mode 100644
index 00000000000..c1e9adf6027
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGImageReaderSpi.java
@@ -0,0 +1,137 @@
+/* JPEGImageReaderSpi.java --
+   Copyright (C)  2006  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.jpeg;
+
+import java.io.IOException;
+import java.util.Locale;
+import javax.imageio.ImageReader;
+import javax.imageio.spi.ImageReaderSpi;
+import javax.imageio.spi.IIORegistry;
+import javax.imageio.stream.ImageInputStream;
+
+public class JPEGImageReaderSpi extends ImageReaderSpi
+{
+  static final String vendorName = "GNU";
+  static final String version = "0.1";
+  static final String readerClassName =
+    "gnu.javax.imageio.jpeg.JPEGImageReader";
+  static final String[] names = { "JPEG" };
+  static final String[] suffixes = { ".jpeg", ".jpg", ".jpe" };
+  static final String[] MIMETypes = { "image/jpeg" };
+  static final String[] writerSpiNames =
+    { "gnu.javax.imageio.jpeg.JPEGImageWriterSpi" };
+
+  static final boolean supportsStandardStreamMetadataFormat = false;
+  static final String nativeStreamMetadataFormatName = null;
+  static final String nativeStreamMetadataFormatClassName = null;
+  static final String[] extraStreamMetadataFormatNames = null;
+  static final String[] extraStreamMetadataFormatClassNames = null;
+  static final boolean supportsStandardImageMetadataFormat = false;
+  static final String nativeImageMetadataFormatName = null;
+  static final String nativeImageMetadataFormatClassName = null;
+  static final String[] extraImageMetadataFormatNames = null;
+  static final String[] extraImageMetadataFormatClassNames = null;
+
+  private static JPEGImageReaderSpi readerSpi;
+
+  public JPEGImageReaderSpi()
+  {
+    super(vendorName, version,
+          names, suffixes, MIMETypes,
+          readerClassName,
+          STANDARD_INPUT_TYPE, // Accept ImageInputStreams
+          writerSpiNames,
+          supportsStandardStreamMetadataFormat,
+          nativeStreamMetadataFormatName,
+          nativeStreamMetadataFormatClassName,
+          extraStreamMetadataFormatNames,
+          extraStreamMetadataFormatClassNames,
+          supportsStandardImageMetadataFormat,
+          nativeImageMetadataFormatName,
+          nativeImageMetadataFormatClassName,
+          extraImageMetadataFormatNames,
+          extraImageMetadataFormatClassNames);
+    System.out.println ("JPEGImageReaderSPI!!!");
+  }
+    
+  public String getDescription(Locale locale)
+  {
+    return "JPEG ISO 10918-1, JFIF V1.02";
+  }
+    
+  public boolean canDecodeInput(Object input)
+    throws IOException
+  {
+    if (!(input instanceof ImageInputStream)) 
+      return false;
+
+    ImageInputStream in = (ImageInputStream) input;
+    boolean retval;
+
+    in.mark();
+    try
+      {
+        new JPEGDecoder(in);
+        retval = true;
+      }
+    catch(JPEGException e)
+      {
+        retval = false;
+      }
+    in.reset();
+
+    return retval;
+  }
+    
+  public ImageReader createReaderInstance(Object extension)
+  {
+    return new JPEGImageReader(this);
+  }
+
+  public static void registerSpis(IIORegistry reg)
+  {
+    reg.registerServiceProvider(getReaderSpi(), ImageReaderSpi.class);
+  }
+
+  public static synchronized JPEGImageReaderSpi getReaderSpi()
+  {
+    if (readerSpi == null)
+      readerSpi = new JPEGImageReaderSpi();
+    return readerSpi;
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/jpeg/JPEGMarker.java b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGMarker.java
new file mode 100644
index 00000000000..c80a0ca78fe
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGMarker.java
@@ -0,0 +1,205 @@
+/* JPEGMarker.java --
+   Copyright (C)  2006  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.jpeg;
+
+public class JPEGMarker
+{
+  /**
+   * JFIF identifiers.
+   */
+  public final static byte JFIF_J = (byte) 0x4a;
+  public final static byte JFIF_F = (byte) 0x46;
+  public final static byte JFIF_I = (byte) 0x49;
+  public final static byte JFIF_X = (byte) 0x46;
+
+  /**
+   * JFIF extension codes.
+   */
+  public final static byte JFXX_JPEG = (byte) 0x10;
+  public final static byte JFXX_ONE_BPP = (byte) 0x11;
+  public final static byte JFXX_THREE_BPP = (byte) 0x13;
+
+  /**
+   * Marker prefix byte.
+   */
+  public final static byte XFF = (byte) 0xff;
+
+  /**
+   * Marker byte that represents a literal 0xff.
+   */
+  public final static byte X00 = (byte) 0x00;
+
+  /**
+   *  Application Reserved Keyword.
+   */
+  public final static byte APP0 = (byte) 0xe0;
+
+  public final static byte APP1 = (byte) 0xe1;
+  public final static byte APP2 = (byte) 0xe2;
+  public final static byte APP3 = (byte) 0xe3;
+  public final static byte APP4 = (byte) 0xe4;
+  public final static byte APP5 = (byte) 0xe5;
+  public final static byte APP6 = (byte) 0xe6;
+  public final static byte APP7 = (byte) 0xe7;
+  public final static byte APP8 = (byte) 0xe8;
+  public final static byte APP9 = (byte) 0xe9;
+  public final static byte APP10 = (byte) 0xea;
+  public final static byte APP11 = (byte) 0xeb;
+  public final static byte APP12 = (byte) 0xec;
+  public final static byte APP13 = (byte) 0xed;
+  public final static byte APP14 = (byte) 0xee;
+  public final static byte APP15 = (byte) 0xef;
+
+  /**
+   * Modulo Restart Interval.
+   */
+  public final static byte RST0 = (byte) 0xd0;
+
+  public final static byte RST1 = (byte) 0xd1;
+  public final static byte RST2 = (byte) 0xd2;
+  public final static byte RST3 = (byte) 0xd3;
+  public final static byte RST4 = (byte) 0xd4;
+  public final static byte RST5 = (byte) 0xd5;
+  public final static byte RST6 = (byte) 0xd6;
+  public final static byte RST7 = (byte) 0xd7;
+
+  /**
+   * Nondifferential Huffman-coding frame (baseline dct).
+   */
+  public final static byte SOF0 = (byte) 0xc0;
+
+  /**
+   * Nondifferential Huffman-coding frame (extended dct).
+   */
+  public final static byte SOF1 = (byte) 0xc1;
+
+  /**
+   * Nondifferential Huffman-coding frame (progressive dct).
+   */
+  public final static byte SOF2 = (byte) 0xc2;
+
+  /**
+   * Nondifferential Huffman-coding frame Lossless (Sequential).
+   */
+  public final static byte SOF3 = (byte) 0xc3;
+
+  /**
+   * Differential Huffman-coding frame Sequential DCT.
+   */
+  public final static byte SOF5 = (byte) 0xc5;
+
+  /**
+   * Differential Huffman-coding frame Progressive DCT.
+   */
+  public final static byte SOF6 = (byte) 0xc6;
+
+  /**
+   * Differential Huffman-coding frame lossless.
+   */
+  public final static byte SOF7 = (byte) 0xc7;
+
+  /**
+   * Nondifferential Arithmetic-coding frame (extended dct).
+   */
+  public final static byte SOF9 = (byte) 0xc9;
+
+  /**
+   * Nondifferential Arithmetic-coding frame (progressive dct).
+   */
+  public final static byte SOF10 = (byte) 0xca;
+
+  /**
+   * Nondifferential Arithmetic-coding frame (lossless).
+   */
+  public final static byte SOF11 = (byte) 0xcb;
+
+  /**
+   * Differential Arithmetic-coding frame (sequential dct).
+   */
+  public final static byte SOF13 = (byte) 0xcd;
+
+  /**
+   * Differential Arithmetic-coding frame (progressive dct).
+   */
+  public final static byte SOF14 = (byte) 0xce;
+
+  /**
+   * Differential Arithmetic-coding frame (lossless).
+   */
+  public final static byte SOF15 = (byte) 0xcf;
+
+  /**
+   * Huffman Table.
+   */
+  public final static byte DHT = (byte) 0xc4;
+
+  /**
+   * Quantization Table.
+   */
+  public final static byte DQT = (byte) 0xdb;
+ 
+  /**
+   * Start of Scan.
+   */
+  public final static byte SOS = (byte) 0xda;
+
+  /**
+   * Defined Restart Interval.
+   */
+  public final static byte DRI = (byte) 0xdd;
+
+  /**
+   * Comment in JPEG.
+   */
+  public final static byte COM = (byte) 0xfe;
+
+  /**
+   * Start of Image.
+   */
+  public final static byte SOI = (byte) 0xd8;
+
+  /**
+   * End of Image.
+   */
+  public final static byte EOI = (byte) 0xd9;
+
+  /**
+   * Define Number of Lines.
+   */
+  public final static byte DNL = (byte) 0xdc;
+}
diff --git a/libjava/classpath/gnu/javax/imageio/jpeg/JPEGMarkerFoundException.java b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGMarkerFoundException.java
new file mode 100644
index 00000000000..2e72d495b52
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGMarkerFoundException.java
@@ -0,0 +1,50 @@
+/* JPEGMarkerFoundException.java -- FIXME: briefly describe file purpose
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.imageio.jpeg;
+
+import java.io.IOException;
+
+public class JPEGMarkerFoundException
+    extends IOException
+{
+  public JPEGMarkerFoundException()
+  {
+    super("");
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/jpeg/JPEGScan.java b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGScan.java
new file mode 100644
index 00000000000..e0725102135
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/jpeg/JPEGScan.java
@@ -0,0 +1,151 @@
+/* JPEGScan.java --
+   Copyright (C)  2005  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.jpeg;
+
+import java.util.ArrayList;
+
+public class JPEGScan
+{
+  private int maxHeight = 0, maxWidth = 0, maxV = 0, maxH = 0;
+  private int numOfComponents = 0, numOfComponentBlocks = 0;
+  private ArrayList components = new ArrayList();
+
+  public JPEGScan()
+  {
+    // Nothing to do here.
+  }
+
+  public JPEGScan(int h, int w)
+  {
+    maxHeight=h;
+    maxWidth=w;
+  }
+
+  private void recalculateDimensions()
+  {
+    JPEGComponent comp;
+
+    // Compute the maximum H, maximum V factors defined in Annex A of the ISO
+    // DIS 10918-1.
+    for(int i=0; i < components.size() ; i++)
+      {
+        comp = (JPEGComponent)components.get(i);
+        if(comp.factorH > maxH)
+          maxH=comp.factorH;
+        if(comp.factorV > maxV)
+          maxV=comp.factorV;
+      }
+
+    for(int i=0; i < components.size() ; i++)
+      {
+        comp = (JPEGComponent)components.get(i);
+        comp.maxH = maxH;
+        comp.maxV = maxV;
+      }
+
+  }
+
+  public void addComponent(byte id, byte factorHorizontal, byte factorVertical,
+                           byte quantizationID)
+  {
+    JPEGComponent component = new JPEGComponent(id, factorHorizontal, factorVertical, quantizationID);
+    components.add((Object)component);
+    recalculateDimensions();
+    numOfComponents++;
+    numOfComponentBlocks += factorHorizontal*factorVertical;
+  }
+
+  public JPEGComponent getComponentByID(byte id)
+  {
+    JPEGComponent comp = (JPEGComponent)components.get(0);
+    for(int i=0; i < components.size() ; i++)
+      {
+        comp=(JPEGComponent)components.get(i);
+        if(comp.component_id==id)
+          break;
+      }
+    return(comp);
+  }
+
+  public JPEGComponent get(int id)
+  {
+    return((JPEGComponent)components.get(id));
+  }
+
+  public int getX(byte id)
+  {
+    JPEGComponent comp = getComponentByID(id);
+    return(comp.width);
+  }
+
+  public int getY(byte id)
+  {
+    JPEGComponent comp = getComponentByID(id);
+    return(comp.height);
+  }
+
+  public int getMaxV()
+  {
+    return(maxV);
+  }
+
+  public int getMaxH()
+  {
+    return(maxH);
+  }
+
+  public void setWidth(int w)
+  {
+    maxWidth=w;
+  }
+
+  public void setHeight(int h)
+  {
+    maxHeight=h;
+  }
+
+  public int size()
+  {
+    return(numOfComponents);
+  }
+
+  public int sizeComponentBlocks()
+  {
+    return(numOfComponentBlocks);
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/jpeg/YCbCr_ColorSpace.java b/libjava/classpath/gnu/javax/imageio/jpeg/YCbCr_ColorSpace.java
new file mode 100644
index 00000000000..a3970b7fa65
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/jpeg/YCbCr_ColorSpace.java
@@ -0,0 +1,113 @@
+/* YCbCr_ColorSpace.java --
+   Copyright (C)  2005  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.jpeg;
+
+import java.awt.color.ColorSpace;
+
+public class YCbCr_ColorSpace extends ColorSpace {
+  public YCbCr_ColorSpace() {
+    super(ColorSpace.TYPE_YCbCr, 3);
+  }
+
+  public float[] fromCIEXYZ(float[] data) {
+    return(new float[data.length]);
+  }
+
+  public float[] toCIEXYZ(float[] data) {
+    return(new float[data.length]);
+  }
+
+  public float[] fromRGB(float[] data) {
+    return(new float[data.length]);
+  }
+
+  /* YCbCr to RGB range 0 to 1 */
+  public float[] toRGB(float[] data) {
+    float[] dest = new float[3];
+
+    data[0] *= 255;
+    data[1] *= 255;
+    data[2] *= 255;
+
+    dest[0] = (float)data[0] + (float)1.402*((float)data[2]-(float)128);
+    dest[1] = (float)data[0] - (float)0.34414*((float)data[1]-(float)128) - (float)0.71414*((float)data[2]-(float)128);
+    dest[2] = (float)data[0] + (float)1.772*((float)data[1]-(float)128);
+
+    dest[0] /= 255;
+    dest[1] /= 255;
+    dest[2] /= 255;
+
+    //dest[0] = ((float)1.164*((float)data[0]*(float)255 - (float)16) + (float)1.596*((float)data[2]*(float)255 - (float)128))/(float)255;
+    //dest[1] = ((float)1.164*((float)data[0]*(float)255 - (float)16) - (float)0.813*((float)data[2]*(float)255 - (float)128) - (float)0.392*(data[1]*255 - 128))/(float)255;
+    //dest[2] = ((float)1.164*((float)data[0]*(float)255 - (float)16) + (float)2.017*((float)data[1]*(float)255 - (float)128))/(float)255;
+
+    //System.err.println("toRGB values received: 0: "+data[0]+" 1: "+data[1]+" 2: "+data[2]+" sent: 0: "+dest[0]+" 1: "+dest[1]+" 2: "+dest[2]);
+    if(dest[0] < (float)0)
+      dest[0] = 0;
+    if(dest[1] < (float)0)
+      dest[1] = 0;
+    if(dest[2] < (float)0)
+      dest[2] = 0;
+
+    if(dest[0] > (float)1)
+      dest[0] = 1;
+    if(dest[1] > (float)1)
+      dest[1] = 1;
+    if(dest[2] > (float)1)
+      dest[2] = 1;
+
+
+    return(dest);
+  }
+
+  /* RGB to YCbCr range 0-255 */
+  public static float[] toYCbCr(float[] data) {
+    float[] dest = new float[3];
+    //dest[0] = (float)0.257*data[0] + (float)0.504*data[1] + (float)0.098*data[2] + 16;
+    //dest[1] = (float)-0.148*data[0] - (float)0.291*data[1] + (float)0.439*data[2] + 128;
+    //dest[2] = (float)0.439*data[0] - (float)0.368*data[1] - (float)0.071*data[2] + 128;
+
+    dest[0] = (float)((0.299 * (float)data[0] + 0.587 * (float)data[1] + 0.114 * (float)data[2]));
+    dest[1] = 128 + (float)((-0.16874 * (float)data[0] - 0.33126 * (float)data[1] + 0.5 * (float)data[2]));
+    dest[2] = 128 + (float)((0.5 * (float)data[0] - 0.41869 * (float)data[1] - 0.08131 * (float)data[2]));
+
+
+    return(dest);
+
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/jpeg/ZigZag.java b/libjava/classpath/gnu/javax/imageio/jpeg/ZigZag.java
new file mode 100644
index 00000000000..0c19d74ff26
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/jpeg/ZigZag.java
@@ -0,0 +1,520 @@
+/* ZigZag.java --
+   Copyright (C)  2005  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.jpeg;
+
+/**
+ * This class implements the Zig Zag Algorithm on any array with
+ * the same amount of rows and columns. It takes a matrix and in turn builds an
+ * encoded byte array (or double array) from it. The adverse is also true, this
+ * will take a byte or double array and build a matrix based on the zig zag
+ * algorithm.
+ * <p>This is used exclusively in the JPEG DCT encoding.</p>
+ */
+public class ZigZag
+{
+  public final static boolean ZIGZAG_FORWARD = true;
+  public final static boolean ZIGZAG_BACKWARD = false;
+  public final static int ZIGZAG_8X8_MAP[] =
+  {
+   0,   1,  8, 16,  9,  2,  3, 10,
+   17, 24, 32, 25, 18, 11,  4,  5,
+   12, 19, 26, 33, 40, 48, 41, 34,
+   27, 20, 13,  6,  7, 14, 21, 28,
+   35, 42, 49, 56, 57, 50, 43, 36,
+   29, 22, 15, 23, 30, 37, 44, 51,
+   58, 59, 52, 45, 38, 31, 39, 46,
+   53, 60, 61, 54, 47, 55, 62, 63
+  };
+
+  /**
+   * Encodes a matrix of equal width and height to a byte array.
+   * 
+   * @param matrix
+   *
+   * @return
+   */
+  public static byte[] encode(byte[][] matrix)
+  {
+    byte[] buffer = new byte[matrix.length ^ 2];
+    boolean direction = ZigZag.ZIGZAG_FORWARD;
+    int x = 0, y = 0, index = 0;
+    for (int zigIndex = 0; zigIndex < (matrix.length * 2 - 1);
+         zigIndex++, direction = !direction)
+      {
+        if (direction == ZigZag.ZIGZAG_FORWARD)
+          {
+            while (x >= 0 && y != matrix.length)
+              {
+                if (x == matrix.length)
+                  {
+                    x--;
+                    y++;
+                  }
+                buffer[index] = matrix[x][y];
+                y++;
+                x--;
+                index++;
+              }
+            x++;
+          }
+        else
+          {
+            while (y >= 0 && x != matrix.length)
+              {
+                if (y == matrix.length)
+                  {
+                    y--;
+                    x++;
+                  }
+                buffer[index] = matrix[x][y];
+                y--;
+                x++;
+                index++;
+              }
+            y++;
+          }
+      }
+    return (buffer);
+  }
+
+  /**
+   * Encodes a matrix of equal width and height to a double array
+   * 
+   * @param matrix
+   *
+   * @return
+   */
+  public static double[] encode(double[][] matrix)
+  {
+    double[] buffer = new double[matrix.length * matrix.length];
+    boolean direction = ZigZag.ZIGZAG_FORWARD;
+    int x = 0, y = 0, index = 0;
+    for (int zigIndex = 0; zigIndex < (matrix.length * 2 - 1);
+         zigIndex++, direction = !direction)
+      {
+        if (direction == ZigZag.ZIGZAG_FORWARD)
+          {
+            while (x >= 0 && y != matrix.length)
+              {
+                if (x == matrix.length)
+                  {
+                    x--;
+                    y++;
+                  }
+                buffer[index] = matrix[x][y];
+                y++;
+                x--;
+                index++;
+              }
+            x++;
+          }
+        else
+          {
+            while (y >= 0 && x != matrix.length)
+              {
+                if (y == matrix.length)
+                  {
+                    y--;
+                    x++;
+                  }
+                buffer[index] = matrix[x][y];
+                y--;
+                x++;
+                index++;
+              }
+            y++;
+          }
+      }
+    return (buffer);
+  }
+
+  /**
+   * Encodes a matrix of equal width and height to a float array
+   * 
+   * @param matrix
+   *
+   * @return
+   */
+  public static float[] encode(float[][] matrix)
+  {
+    float[] buffer = new float[matrix.length * matrix.length];
+    boolean direction = ZigZag.ZIGZAG_FORWARD;
+    int x = 0, y = 0, index = 0;
+    for (int zigIndex = 0; zigIndex < (matrix.length * 2 - 1);
+         zigIndex++, direction = !direction)
+      {
+        if (direction == ZigZag.ZIGZAG_FORWARD)
+          {
+            while (x >= 0 && y != matrix.length)
+              {
+                if (x == matrix.length)
+                  {
+                    x--;
+                    y++;
+                  }
+                buffer[index] = matrix[x][y];
+                y++;
+                x--;
+                index++;
+              }
+            x++;
+          }
+        else
+          {
+            while (y >= 0 && x != matrix.length)
+              {
+                if (y == matrix.length)
+                  {
+                    y--;
+                    x++;
+                  }
+                buffer[index] = matrix[x][y];
+                y--;
+                x++;
+                index++;
+              }
+            y++;
+          }
+      }
+    return (buffer);
+  }
+
+  /**
+   * Encodes a matrix of equal width and height to a float array
+   * 
+   * @param matrix
+   *
+   * @return
+   */
+  public static short[] encode(short[][] matrix)
+  {
+    short[] buffer = new short[matrix.length * matrix.length];
+    boolean direction = ZigZag.ZIGZAG_FORWARD;
+    int x = 0, y = 0, index = 0;
+    for (int zigIndex = 0; zigIndex < (matrix.length * 2 - 1);
+         zigIndex++, direction = !direction)
+      {
+        if (direction == ZigZag.ZIGZAG_FORWARD)
+          {
+            while (x >= 0 && y != matrix.length)
+              {
+                if (x == matrix.length)
+                  {
+                    x--;
+                    y++;
+                  }
+                buffer[index] = matrix[x][y];
+                y++;
+                x--;
+                index++;
+              }
+            x++;
+          }
+        else
+          {
+            while (y >= 0 && x != matrix.length)
+              {
+                if (y == matrix.length)
+                  {
+                    y--;
+                    x++;
+                  }
+                buffer[index] = matrix[x][y];
+                y--;
+                x++;
+                index++;
+              }
+            y++;
+          }
+      }
+    return (buffer);
+  }
+
+  /**
+   * Convert a double array into a matrix with the same amount of columns and
+   * rows with length sqrt(double array length)
+   * 
+   * @param data
+   *
+   * @return
+   */
+  public static double[][] decode(double[] data)
+  {
+    return decode(data, (int) Math.sqrt(data.length),
+                  (int) Math.sqrt(data.length));
+  }
+
+  /**
+   * Convert a byte array into a matrix with the same amount of columns and
+   * rows with length sqrt(double array length)
+   * 
+   * @param data
+   *
+   * @return
+   */
+  public static byte[][] decode(byte[] data)
+  {
+    return decode(data, (int) Math.sqrt(data.length),
+                  (int) Math.sqrt(data.length));
+  }
+
+  public static int[][] decode(int[] data)
+  {
+    return decode(data, (int) Math.sqrt(data.length),
+                  (int) Math.sqrt(data.length));
+  }
+
+  public static byte[][] decode(byte[] data, int width, int height)
+  {
+    byte[][] buffer = new byte[height][width];
+
+    for (int v = 0; v < height; v++)
+      for (int z = 0; z < width; z++)
+        buffer[v][z] = 11;
+
+    boolean dir = ZigZag.ZIGZAG_FORWARD;
+    int xindex = 0, yindex = 0, dataindex = 0;
+
+    while (xindex < width && yindex < height && dataindex < data.length)
+      {
+        buffer[yindex][xindex] = data[dataindex];
+        dataindex++;
+        
+        if (dir == ZigZag.ZIGZAG_FORWARD)
+          {
+            if (yindex == 0 || xindex == (width - 1))
+              {
+                dir = ZigZag.ZIGZAG_BACKWARD;
+                if (xindex == (width - 1))
+                  yindex++;
+                else
+                  xindex++;
+              }
+            else
+              {
+                yindex--;
+                xindex++;
+              }
+          }
+        else
+          { /* Backwards */
+            if (xindex == 0 || yindex == (height - 1))
+              {
+                dir = ZigZag.ZIGZAG_FORWARD;
+                if (yindex == (height - 1))
+                  xindex++;
+                else
+                  yindex++;
+              }
+            else
+              {
+                yindex++;
+                xindex--;
+              }
+          }
+      }
+    return (buffer);
+  }
+
+  public static double[][] decode(double[] data, int width, int height)
+  {
+    double[][] buffer = new double[height][width];
+
+    for (int v = 0; v < height; v++)
+      for (int z = 0; z < width; z++)
+        buffer[v][z] = 11;
+
+    boolean dir = ZigZag.ZIGZAG_FORWARD;
+    int xindex = 0, yindex = 0, dataindex = 0;
+
+    while (xindex < width && yindex < height && dataindex < data.length)
+      {
+        buffer[yindex][xindex] = data[dataindex];
+        dataindex++;
+        System.err.println("Setting " + dataindex + " to row: " + yindex
+                           + " column: " + xindex + " yourval:"
+                           + (yindex*8+xindex));
+        if (dir == ZigZag.ZIGZAG_FORWARD)
+          {
+            if (yindex == 0 || xindex == (width - 1))
+              {
+                dir = ZigZag.ZIGZAG_BACKWARD;
+                if (xindex == (width - 1))
+                  yindex++;
+                else
+                  xindex++;
+              }
+            else
+              {
+                yindex--;
+                xindex++;
+              }
+          }
+        else
+          { /* Backwards */
+            if (xindex == 0 || yindex == (height - 1))
+              {
+                dir = ZigZag.ZIGZAG_FORWARD;
+                if (yindex == (height - 1))
+                  xindex++;
+                else
+                  yindex++;
+              }
+            else
+              {
+                yindex++;
+                xindex--;
+              }
+          }
+      }
+    return (buffer);
+  }
+
+  public static float[][] decode(float[] data, int width, int height)
+  {
+    float[][] buffer = new float[height][width];
+    
+    for (int v = 0; v < height; v++)
+      for (int z = 0; z < width; z++)
+        buffer[v][z] = 11;
+    
+    boolean dir = ZigZag.ZIGZAG_FORWARD;
+    int xindex = 0, yindex = 0, dataindex = 0;
+    
+    while (xindex < width && yindex < height && dataindex < data.length)
+      {
+        buffer[yindex][xindex] = data[dataindex];
+        dataindex++;
+        
+        if (dir == ZigZag.ZIGZAG_FORWARD)
+          {
+            if (yindex == 0 || xindex == (width - 1))
+              {
+                dir = ZigZag.ZIGZAG_BACKWARD;
+                if (xindex == (width - 1))
+                  yindex++;
+                else
+                  xindex++;
+              }
+            else
+              {
+                yindex--;
+                xindex++;
+              }
+          }
+        else
+          { /* Backwards */
+            if (xindex == 0 || yindex == (height - 1))
+              {
+                dir = ZigZag.ZIGZAG_FORWARD;
+                if (yindex == (height - 1))
+                  xindex++;
+                else
+                  yindex++;
+              }
+            else
+              {
+                yindex++;
+                xindex--;
+              }
+          }
+      }
+    return (buffer);
+  }
+
+  public static int[][] decode(int[] data, int width, int height)
+  {
+    int[][] buffer = new int[height][width];
+
+    for (int v = 0; v < height; v++)
+      for (int z = 0; z < width; z++)
+        buffer[v][z] = 11;
+
+    boolean dir = ZigZag.ZIGZAG_FORWARD;
+    int xindex = 0, yindex = 0, dataindex = 0;
+
+    while (xindex < width && yindex < height && dataindex < data.length)
+      {
+        buffer[yindex][xindex] = data[dataindex];
+        dataindex++;
+
+        if (dir == ZigZag.ZIGZAG_FORWARD)
+          {
+            if (yindex == 0 || xindex == (width - 1))
+              {
+                dir = ZigZag.ZIGZAG_BACKWARD;
+                if (xindex == (width - 1))
+                  yindex++;
+                else
+                  xindex++;
+              }
+            else
+              {
+                yindex--;
+                xindex++;
+              }
+          }
+        else
+          { /* Backwards */
+            if (xindex == 0 || yindex == (height - 1))
+              {
+                dir = ZigZag.ZIGZAG_FORWARD;
+                if (yindex == (height - 1))
+                  xindex++;
+                else
+                  yindex++;
+              }
+            else
+              {
+                yindex++;
+                xindex--;
+              }
+          }
+      }
+    return (buffer);
+  }
+
+  public static double[][] decode8x8_map(double input[])
+  {
+    double[][] output = new double[8][8];
+    for(int i=0; i < 64 ; i++)
+      output[ZIGZAG_8X8_MAP[i]/8][ZIGZAG_8X8_MAP[i]%8] = input[i];
+    return (output);
+  }
+
+}
diff --git a/libjava/classpath/gnu/javax/imageio/png/PNGChunk.java b/libjava/classpath/gnu/javax/imageio/png/PNGChunk.java
new file mode 100644
index 00000000000..6b53810c89d
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/png/PNGChunk.java
@@ -0,0 +1,284 @@
+/* PNGChunk.java -- Generic PNG chunk
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.png;
+
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+
+/**
+ * Class to load and validate a generic PNG chunk.
+ */
+public class PNGChunk
+{
+
+  /**
+   * CRC table and initialization code.
+   */
+  private static long[] crcTable;
+
+  static 
+   {
+     long c;
+     crcTable = new long[256];
+   
+     for(int i = 0; i < 256; i++)
+       {
+	 c = i;
+	 for(int j = 0; j < 8; j++) 
+	   if( (c & 1) == 1 )
+	     c = 0xEDB88320L ^ (c >> 1);
+	   else
+	     c = c >> 1;
+	 crcTable[i] = c;
+       }
+   }
+
+  /**
+   * (recognized) PNG chunk types.
+   */
+  public static final int TYPE_HEADER = 0x49484452; // 'IHDR'
+  public static final int TYPE_PALETTE = 0x504c5445;// 'PLTE'
+  public static final int TYPE_DATA = 0x49444154;   // 'IDAT'
+  public static final int TYPE_TIME = 0x74494d45;   // 'tIME'
+  public static final int TYPE_END = 0x49454e44;    // 'IEND'
+  public static final int TYPE_PHYS = 0x70485973;   // 'pHYS'
+  public static final int TYPE_GAMMA = 0x67414d41;  // 'gAMA'
+  public static final int TYPE_PROFILE = 0x69434350;  // 'iCCP'
+
+  /**
+   * The chunk type - Represented in the file as 4 ASCII bytes,
+   */
+  private int type;
+
+  /**
+   * The chunk data
+   */
+  protected byte[] data;
+  
+  /**
+   * The chunk's crc
+   */
+  private int crc;
+
+  /**
+   * Constructor for reading a generic chunk.
+   */
+  protected PNGChunk( int type, byte[] data, int crc )
+  {
+    this.type = type;
+    this.data = data;
+    this.crc = crc;
+  }
+
+  /**
+   * Constructor for creating new chunks. 
+   * (only used by subclasses - creating a generic chunk is rather useless)
+   */
+  protected PNGChunk( int type )
+  {
+    this.type = type;
+  }
+
+  /**
+   * Loads a chunk from an InputStream. Does not perform validation,
+   * but will throw an IOException if the read fails.
+   * @param in - th einputstream to read from
+   * @param strict - if true, a PNGException is thrown on all invalid chunks,
+   * if false, only critical chunks will throw PNGExceptions.
+   */
+  public static PNGChunk readChunk(InputStream in, boolean strict) 
+    throws IOException, PNGException
+  {
+    byte data[] = new byte[4];
+    if( in.read( data ) != 4 )
+      throw new IOException("Could not read chunk length.");
+    int length = ((data[0] & 0xFF) << 24) | ((data[1] & 0xFF) << 16 ) | 
+      ((data[2] & 0xFF) << 8) | (data[3] & 0xFF);
+
+    if( in.read( data ) != 4 )
+      throw new IOException("Could not read chunk type.");
+    int type = ((data[0] & 0xFF) << 24) | ((data[1] & 0xFF) << 16 ) | 
+      ((data[2] & 0xFF) << 8) | (data[3] & 0xFF);
+
+    byte[] chkdata = new byte[ length ];
+    if( in.read( chkdata ) != length )
+      throw new IOException("Could not read chunk data.");
+    
+    if( in.read( data ) != 4 )
+      throw new IOException("Could not read chunk CRC.");
+    
+    int crc = ((data[0] & 0xFF) << 24) | ( (data[1] & 0xFF) << 16 ) | 
+      ((data[2] & 0xFF) << 8) | (data[3] & 0xFF);
+
+    if( strict )
+      return getChunk( type, chkdata, crc );
+    else
+      {
+	try
+	  {
+	    return getChunk( type, chkdata, crc );
+	  }
+	catch(PNGException pnge)
+	  {
+	    if( isEssentialChunk( type ) )
+	      throw pnge;
+	    return null;
+	  }
+      }
+  }
+
+  /**
+   * Returns a specialied object for a chunk, if we have one.
+   */
+  private static PNGChunk getChunk( int type, byte[] data, int crc )
+    throws PNGException
+  {
+    switch( type )
+      {
+      case TYPE_HEADER:
+	return new PNGHeader( type, data, crc );
+      case TYPE_DATA:
+	return new PNGData( type, data, crc );
+      case TYPE_PALETTE:
+	return new PNGPalette( type, data, crc );
+      case TYPE_TIME:
+	return new PNGTime( type, data, crc );
+      case TYPE_PHYS:
+	return new PNGPhys( type, data, crc );
+      case TYPE_GAMMA:
+	return new PNGGamma( type, data, crc );
+      case TYPE_PROFILE:
+	return new PNGICCProfile( type, data, crc );
+      default:
+	return new PNGChunk( type, data, crc );
+      }
+  }
+
+  /**
+   * Returns whether the chunk is essential or not
+   */
+  private static boolean isEssentialChunk( int type )
+  {
+    switch( type )
+      {
+      case TYPE_HEADER:
+      case TYPE_DATA:
+      case TYPE_PALETTE:
+      case TYPE_END:
+	return true;
+      default:
+	return false;
+      }
+  }
+
+  /**
+   * Validates the chunk
+   */
+  public boolean isValidChunk()
+  {
+    return (crc == calcCRC());
+  }
+
+  /**
+   * Returns the chunk type.
+   */
+  public int getType()
+  {
+    return type;
+  }
+
+  /**
+   * Writes a PNG chunk to an output stream, 
+   * performing the CRC calculation as well.
+   */
+  public void writeChunk(OutputStream out) throws IOException
+  {
+    out.write( getInt(data.length) );
+    out.write( getInt(type) );
+    out.write( data );
+    out.write( getInt(calcCRC()) );
+  }
+
+  /**
+   * Return whether the chunk contains any data.
+   */
+  public boolean isEmpty()
+  {
+    return ( data.length == 0 );
+  }
+
+  /**
+   * Convenience method. Cast an int to four bytes (big endian).
+   * (Now why doesn't java have a simple way of doing this?)
+   */
+  public static byte[] getInt(int intValue)
+  {
+    long i = (intValue & 0xFFFFFFFFL);
+    byte[] b = new byte[4];
+    b[0] = (byte)((i & 0xFF000000L) >> 24);
+    b[1] = (byte)((i & 0x00FF0000L) >> 16);
+    b[2] = (byte)((i & 0x0000FF00L) >> 8);
+    b[3] = (byte)(i & 0x000000FFL);
+    return b;
+  }
+
+  /**
+   * Calculates this chunk's CRC value.
+   */
+  private int calcCRC()
+  {
+    long c = 0xFFFFFFFFL;
+    byte[] t = getInt( type );
+    for(int i = 0; i < 4; i++)
+      c = crcTable[ (int)((c ^ t[i]) & 0xFF) ] ^ (c >> 8);
+      
+    for(int i = 0; i < data.length; i++)
+      c = crcTable[ (int)((c ^ data[i]) & 0xFF) ] ^ (c >> 8);
+
+    return (int)(c ^ 0xFFFFFFFFL);
+  }
+
+  public String toString()
+  {
+    return "PNG Chunk. Type: " + new String( getInt(type) ) + " , CRC: " + 
+      crc + " , calculated CRC: "+calcCRC();
+  }
+   
+}
diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkCheckboxGroupPeer.java b/libjava/classpath/gnu/javax/imageio/png/PNGData.java
index 46b0733d363..2a8f8aa2d55 100644
--- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkCheckboxGroupPeer.java
+++ b/libjava/classpath/gnu/javax/imageio/png/PNGData.java
@@ -1,5 +1,5 @@
-/* GtkCheckboxGroupPeer.java - Wrap a CheckboxGroup
-   Copyright (C) 2002 Free Software Foundation, Inc.
+/* PNGData.java -- PNG IDAT chunk.
+   Copyright (C) 2006 Free Software Foundation
 
 This file is part of GNU Classpath.
 
@@ -35,52 +35,70 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
+package gnu.javax.imageio.png;
 
-package gnu.java.awt.peer.gtk;
+import java.util.zip.Inflater;
+import java.util.zip.Deflater;
 
-import java.awt.CheckboxGroup;
-import java.util.WeakHashMap;
+/**
+ * A PNG IDAT (data) chunk.
+ */
+public class PNGData extends PNGChunk 
+{ 
+  private int offset;
 
-// Note that there is no peer interface for a CheckboxGroup.  We
-// introduce our own in order to make it easier to keep a piece of
-// native state for each one.
-public class GtkCheckboxGroupPeer extends GtkGenericPeer
-{
-  // This maps from a CheckboxGroup to the native peer.
-  private static WeakHashMap map = new WeakHashMap ();
+  protected PNGData( int type, byte[] data, int crc )
+  {
+    super( type, data, crc );
+  }
 
-  // Find the native peer corresponding to a CheckboxGroup.
-  public static synchronized GtkCheckboxGroupPeer
-      getCheckboxGroupPeer (CheckboxGroup group)
+  protected PNGData( int chunkSize )
   {
-    if (group == null)
-      return null;
-    GtkCheckboxGroupPeer nat = (GtkCheckboxGroupPeer) map.get (group);
-    if (nat == null)
-      {
-	nat = new GtkCheckboxGroupPeer ();
-	map.put (group, nat);
-      }
-    return nat;
+    super( PNGChunk.TYPE_DATA );
+    data = new byte[ chunkSize ];
+    offset = 0;
   }
 
-  private GtkCheckboxGroupPeer ()
+  /**
+   * Deflates the available data in def to the chunk.
+   *
+   * @return true if the chunk is filled and no more data can be written,
+   * false otherwise.
+   */
+  public void deflateToChunk( Deflater def ) 
   {
-    // We don't need any special state here.  Note that we can't store
-    // a reference to the java-side CheckboxGroup.  That would mean
-    // they could never be collected.
-    super (null);
+    offset += def.deflate( data, offset, data.length - offset );
   }
 
-  // Dispose of our native resources.
-  public native void dispose ();
+  /**
+   * Returns true if the chunk is filled.
+   */
+  public boolean chunkFull()
+  {
+    return (offset >= data.length);
+  }
 
-  // Remove a given checkbox from this group.
-  public native void remove (GtkCheckboxPeer box);
+  /**
+   * Shrink the chunk to offset size, used for the last chunk in a stream
+   * (no trailing data!) 
+   */
+  public void shrink()
+  {
+    byte[] newData = new byte[ offset ];
+    System.arraycopy( data, 0, newData, 0, offset );
+    data = newData;
+  }
+
+  /**
+   * Feeds the data in the chunk to a ZIP inflater object.
+   */
+  public void feedToInflater( Inflater inf ) 
+  {
+    inf.setInput( data );
+  }
 
-  // When collected, clean up the native state.
-  protected void finalize ()
+  public String toString()
   {
-    dispose ();
+    return "PNG Data chunk. Length = "+data.length;
   }
 }
diff --git a/libjava/classpath/gnu/javax/imageio/png/PNGDecoder.java b/libjava/classpath/gnu/javax/imageio/png/PNGDecoder.java
new file mode 100644
index 00000000000..20fc32ce371
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/png/PNGDecoder.java
@@ -0,0 +1,331 @@
+/* PNGDecoder.java
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.png;
+
+import java.util.zip.Inflater;
+import java.util.zip.DataFormatException;
+import java.awt.image.ColorModel;
+import java.awt.image.ComponentColorModel;
+import java.awt.image.ComponentSampleModel;
+import java.awt.image.DataBuffer;
+import java.awt.image.DataBufferByte;
+import java.awt.image.DataBufferUShort;
+import java.awt.image.IndexColorModel;
+import java.awt.image.MultiPixelPackedSampleModel;
+import java.awt.image.Raster;
+import java.awt.image.SampleModel;
+import java.awt.image.SinglePixelPackedSampleModel;
+import java.awt.image.WritableRaster;
+import java.awt.color.ColorSpace;
+
+public class PNGDecoder
+{
+  private PNGHeader header;
+  private byte[] raster;
+  private byte[] scanline, lastScanline;
+  private byte[] filterType;
+  private int offset, length;
+  private int currentScanline;
+  private final int stride;
+  private Inflater inflater;
+  private boolean readFilter;
+  private int bpp; // bytes per pixel
+
+  /**
+   * Constructs a filter object for
+   */
+  public PNGDecoder(PNGHeader header)
+  {
+    this.header = header;
+    offset = 0;
+    inflater = new Inflater();
+    stride = header.getScanlineStride();
+    length = stride * header.getHeight();
+
+    // Allocate the output raster
+    raster = new byte[ length ];
+    scanline = new byte[ stride ];
+    lastScanline = new byte[ stride ];
+    currentScanline = 0;
+    readFilter = true;
+    bpp = header.bytesPerPixel();
+    filterType = new byte[1];
+    inflater = new Inflater();
+  }
+
+  private int getBytes( byte[] buf, int offset ) throws PNGException
+  {
+    try
+      {
+	return inflater.inflate( buf, offset, buf.length - offset);
+      }
+    catch(DataFormatException dfe)
+      {
+	throw new PNGException("Error inflating data.");
+      }
+  }
+
+  /**
+   * Decodes a data chunk.
+   */
+  public void addData( PNGData chunk ) throws PNGException
+  {
+    int n = 0;
+    if( isFinished() )
+      return;
+    chunk.feedToInflater( inflater );
+    do
+      {
+	if( readFilter )
+	  if( getBytes( filterType, 0 ) < 1 )
+	    return;
+
+	n = getBytes( scanline, offset );
+
+	if( offset + n < stride )
+	  {
+	    offset += n;
+	    readFilter = false;
+	  }
+	else
+	  {
+	    scanline = PNGFilter.unFilterScanline( filterType[0], scanline,
+						   lastScanline, bpp );
+	    System.arraycopy( scanline, 0,
+			      raster, currentScanline * stride, stride );
+	    lastScanline = scanline;
+	    scanline = new byte[scanline.length];
+	    currentScanline++;
+	    readFilter = true;
+	    offset = 0;
+	  }
+      }
+    while( n > 0 && currentScanline < header.getHeight() );
+  }
+
+  /**
+   * Parse the appropriate color type and create an AWT raster for it.
+   * @param raster - the file header.
+   */
+  public WritableRaster getRaster( PNGHeader header )
+  {
+    SampleModel sm = null;
+    DataBuffer db = null;
+    int t;
+    int width = header.getWidth();
+    int height = header.getHeight();
+    int depth = header.getDepth();
+
+    switch( header.getColorType() )
+      {
+      case PNGHeader.GRAYSCALE_WITH_ALPHA:
+	if( depth == 8 )
+	  {
+	    t = DataBuffer.TYPE_BYTE;
+	    db = getByteBuffer();
+	  }
+	else
+	  { 
+	    t = DataBuffer.TYPE_USHORT;
+	    db = getShortBuffer();
+	  }
+	sm = new ComponentSampleModel(t, width, height, 2, width * 2,
+				      new int[]{0, 1});
+	break;
+
+      case PNGHeader.GRAYSCALE:
+	switch( depth )
+	  {
+	  case 16:
+	    sm = new ComponentSampleModel(DataBuffer.TYPE_USHORT, 
+					  width, height, 1, width,
+					  new int[]{ 0 });
+	    db = getShortBuffer();
+	    break;
+	    
+	  case 8:
+	    sm = new ComponentSampleModel(DataBuffer.TYPE_BYTE, 
+					  width, height, 1, width,
+					  new int[]{ 0 });
+	    db = getByteBuffer();
+	    break;
+	    
+	  default:
+	    sm = new MultiPixelPackedSampleModel(DataBuffer.TYPE_BYTE, 
+						 width, height, depth);
+	    db = getByteBuffer();
+	    break;
+	  }
+	break;
+
+      case PNGHeader.RGB:
+	if( depth == 8 )
+	  {
+	    t = DataBuffer.TYPE_BYTE;
+	    db = getByteBuffer();
+	  }
+	else
+	  { 
+	    t = DataBuffer.TYPE_USHORT;
+	    db = getShortBuffer();
+	  }
+	sm = new ComponentSampleModel(t, width, height, 3, 3 * width,
+				      new int[]{0, 1, 2});
+	break;
+
+      case PNGHeader.RGB_WITH_ALPHA:
+	if( depth == 8 )
+	  {
+	    t = DataBuffer.TYPE_BYTE;
+	    db = getByteBuffer();
+	  }
+	else
+	  { 
+	    t = DataBuffer.TYPE_USHORT;
+	    db = getShortBuffer();
+	  }
+	
+	sm = new ComponentSampleModel(t, width, height, 4, width * 4,
+				      new int[]{0, 1, 2, 3});
+	break;
+	
+      case PNGHeader.INDEXED:
+	if( depth == 8 )
+	  sm = new SinglePixelPackedSampleModel(DataBuffer.TYPE_BYTE, 
+						width, height, 
+						new int[] {0xFF});
+	else
+	  sm = new MultiPixelPackedSampleModel(DataBuffer.TYPE_BYTE, 
+					       width, height, depth);
+	db = getByteBuffer();
+	break;
+      }
+
+    return Raster.createWritableRaster(sm, db, null);
+  }
+
+  /**
+   * Wrap the raster with a DataBufferUShort,
+   * conversion is big-endian (PNG native).
+   */
+  private DataBuffer getShortBuffer()
+  {
+    short[] data = new short[(raster.length >> 1)];
+    for( int i = 0; i < data.length; i++ )
+      data[i] = (short)(((raster[i * 2] & 0xFF) << 8) | 
+			(raster[i * 2 + 1] & 0xFF));
+    return new DataBufferUShort( data, data.length );
+  }
+
+  /**
+   * Wrap the raster with a DataBufferByte
+   */
+  private DataBuffer getByteBuffer()
+  {
+    return new DataBufferByte( raster, raster.length );
+  }
+
+  public ColorModel getColorModel( ColorSpace cs, 
+				   int colorType, int depth )
+  {
+    int[] bits;
+    boolean hasAlpha = false;
+    int transferType;
+
+    switch( colorType )
+      {
+      case PNGHeader.GRAYSCALE_WITH_ALPHA:
+	if( cs == null )
+	  cs = ColorSpace.getInstance( ColorSpace.CS_GRAY );
+	hasAlpha = true;
+	bits = new int[]{ depth, depth };
+	break;
+	
+      case PNGHeader.RGB:
+	bits = new int[]{ depth, depth, depth };
+	break;
+
+      case PNGHeader.RGB_WITH_ALPHA:
+	hasAlpha = true;
+	bits = new int[]{ depth, depth, depth, depth };
+	break;
+
+      case PNGHeader.GRAYSCALE:
+	if( depth < 8 )
+	  return grayPalette( depth );
+
+	if( cs == null )
+	  cs = ColorSpace.getInstance( ColorSpace.CS_GRAY );
+	bits = new int[]{ depth };
+	break;
+
+      default:
+      case PNGHeader.INDEXED:
+	return null; // Handled by the palette chunk.
+      }
+
+    if( cs == null )
+      cs = ColorSpace.getInstance( ColorSpace.CS_sRGB );
+
+
+    return new ComponentColorModel(cs, bits, hasAlpha, false, 
+				   (hasAlpha ? 
+				    ComponentColorModel.TRANSLUCENT : 
+				    ComponentColorModel.OPAQUE), 
+				   ((depth == 16) ? DataBuffer.TYPE_USHORT : 
+				    DataBuffer.TYPE_BYTE));
+  }
+
+  private IndexColorModel grayPalette(int depth)
+  { 
+    byte[] c = new byte[ (1 << depth) ];
+    for(int i = 0; i < c.length; i++)
+      c[i] = (byte)(255.0 * (((double)i) / ((double)c.length - 1.0)));
+    return new IndexColorModel(8, c.length, c, c, c);
+  }
+
+  public byte[] getRaster()
+  {
+    return raster;
+  }
+
+  public boolean isFinished()
+  {
+    return currentScanline >= header.getHeight();
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/png/PNGEncoder.java b/libjava/classpath/gnu/javax/imageio/png/PNGEncoder.java
new file mode 100644
index 00000000000..c0a30a7baef
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/png/PNGEncoder.java
@@ -0,0 +1,235 @@
+/* PNGEncoder.java --
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.png;
+
+import java.util.Vector;
+import java.util.zip.Deflater;
+import java.awt.color.ColorSpace;
+import java.awt.color.ICC_Profile;
+import java.awt.color.ICC_ColorSpace;
+import java.awt.image.BufferedImage;
+import java.awt.image.ColorModel;
+import java.awt.image.DataBuffer;
+import java.awt.image.DataBufferByte;
+import java.awt.image.DataBufferUShort;
+import java.awt.image.IndexColorModel;
+import java.awt.image.Raster;
+import java.awt.image.WritableRaster;
+
+public class PNGEncoder 
+{
+  /**
+   * The default data chunk size. 8 kb.
+   */
+  private static final int defaultChunkSize = 8192;
+
+  private PNGHeader header;
+  private PNGPalette palette;
+  private int stride, bpp;
+  private byte[] rawData;
+  private PNGICCProfile profile;
+
+  public PNGEncoder( BufferedImage bi ) throws PNGException
+  {
+    ColorModel c = bi.getColorModel();
+    int width = bi.getWidth(); 
+    int height = bi.getHeight();
+    int depth = 0;
+    int colorType;
+    boolean interlace = false;
+
+    if( c instanceof IndexColorModel )
+      {
+	colorType = PNGHeader.INDEXED;
+	int n = ((IndexColorModel)c).getMapSize();
+	if( n <= 2 )
+	  depth = 1;
+	else if( n <= 4 )
+	  depth = 2;
+	else if( n <= 16 )
+	  depth = 4;
+	else if( n <= 256 )
+	  depth = 8;
+	else
+	  throw new PNGException("Depth must be <= 8 bits for indexed color.");
+	palette = new PNGPalette( ((IndexColorModel)c) );
+      }
+    else
+      { 
+	ColorSpace cs = c.getColorSpace();
+	ColorSpace grayCS = ColorSpace.getInstance( ColorSpace.CS_GRAY );
+	if( cs == grayCS || bi.getType() == BufferedImage.TYPE_BYTE_GRAY 
+	    || bi.getType() == BufferedImage.TYPE_USHORT_GRAY )
+	  colorType = c.hasAlpha() ? PNGHeader.GRAYSCALE_WITH_ALPHA : 
+	    PNGHeader.GRAYSCALE;
+	else
+	  colorType = c.hasAlpha() ? PNGHeader.RGB_WITH_ALPHA : PNGHeader.RGB;
+	// Figure out the depth
+	int[] bits = c.getComponentSize();
+	depth = bits[0];
+	for(int i = 1; i < bits.length; i++ )
+	  if( bits[i] > depth ) depth = bits[i];
+	if( (cs != grayCS && !cs.isCS_sRGB()) && cs instanceof ICC_ColorSpace )
+	  profile = new PNGICCProfile( ((ICC_ColorSpace)cs).getProfile() );
+      }
+
+    header = new PNGHeader(width, height, depth, colorType, interlace);
+
+    stride = header.getScanlineStride(); // scanline stride 
+    bpp = header.bytesPerPixel(); // bytes per pixel
+    getRawData( bi );
+  }
+
+  /**
+   * Returns the generated header.
+   */ 
+  public PNGHeader getHeader()
+  {
+    return header;
+  }
+
+  /**
+   * Returns the generated palette.
+   */ 
+  public PNGPalette getPalette()
+  {
+    return palette;
+  }
+
+  /**
+   * Returns the associated ICC profile, if any.
+   */ 
+  public PNGICCProfile getProfile()
+  {
+    return profile;
+  }
+
+  /**
+   * Encodes the raster and returns a Vector of PNGData chunks.
+   */
+  public Vector encodeImage()
+  {
+    Deflater deflater = new Deflater(); // The deflater
+    boolean useFilter = PNGFilter.useFilter( header );
+    byte[] lastScanline = new byte[ stride ];
+
+    byte[] data = new byte[ rawData.length + header.getHeight() ];
+
+    byte filterByte = PNGFilter.FILTER_NONE;
+    for( int i = 0; i < header.getHeight(); i++)
+      {
+	byte[] scanline = new byte[ stride ]; 
+	System.arraycopy(rawData, (i * stride), scanline, 0, stride);
+	if( useFilter && i > 0)
+	  filterByte = PNGFilter.chooseFilter( scanline, lastScanline, bpp);
+	
+	byte[] filtered = PNGFilter.filterScanline( filterByte, scanline, 
+						    lastScanline, bpp );
+	data[i * (stride + 1)] = filterByte;
+	System.arraycopy(filtered, 0, data, 1 + (i * (stride + 1)), stride);
+
+	lastScanline = scanline;
+      }
+
+    deflater.setInput( data ); 
+    deflater.finish();
+
+    PNGData chunk;
+    Vector chunks = new Vector();
+    do
+      {
+	chunk = new PNGData( defaultChunkSize );
+	chunk.deflateToChunk( deflater );
+	chunks.add( chunk );
+      }
+    while( chunk.chunkFull() );
+    chunk.shrink(); // Shrink the last chunk.
+    return chunks;
+  }
+
+  /**
+   * Get the image's raw data.
+   * FIXME: This may need improving on.
+   */
+  private void getRawData( BufferedImage bi ) throws PNGException
+  {
+    WritableRaster raster = bi.getRaster();
+    rawData = new byte[ stride * header.getHeight() ];
+    if( header.isIndexed() )
+      {
+	DataBuffer db = raster.getDataBuffer();
+	if( !( db instanceof DataBufferByte ) )
+	  throw new PNGException("Unexpected DataBuffer for an IndexColorModel.");
+	byte[] data = ((DataBufferByte)db).getData();
+	for(int i = 0; i < header.getHeight(); i++ )
+	  System.arraycopy( data, i * stride, rawData, i * stride, stride );
+	return;
+      }
+
+    if( header.getDepth() == 16 )
+      {
+	DataBuffer db = raster.getDataBuffer();
+	if( !( db instanceof DataBufferUShort ) )
+	  throw new PNGException("Unexpected DataBuffer for 16-bit.");
+	short[] data = ((DataBufferUShort)db).getData();
+	for(int i = 0; i < header.getHeight(); i++ )
+	  for(int j = 0; j < ( stride >> 1); j++)
+	    {
+	      rawData[ j * 2 + i * stride ] = (byte)((data[j + i * (stride >> 1 )] & 0xFF00) >> 8);
+	      rawData[ j * 2 + i * stride + 1 ] = (byte)(data[j + i * (stride >> 1 )] & 0xFF);
+	    }
+	return;
+      }
+
+    int size = ( header.getColorType() == PNGHeader.RGB_WITH_ALPHA ) ? 4 : 3;
+    int width = header.getWidth();
+    int height = header.getHeight();
+    int[] pixels = bi.getRGB( 0, 0, width, height, null, 0, width );
+
+    for( int i = 0; i < width * height; i++ )
+      {
+	rawData[ i * size ] = (byte)((pixels[i] & 0xFF0000) >> 16);
+	rawData[ i * size + 1 ] = (byte)((pixels[i] & 0xFF00) >> 8);
+	rawData[ i * size + 2 ] = (byte)(pixels[i] & 0xFF);
+      }
+
+    if( size == 4 )
+      for( int i = 0; i < width * height; i++ )
+	rawData[ i * size + 3 ] = (byte)((pixels[i] & 0xFF000000) >> 24);
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/png/PNGException.java b/libjava/classpath/gnu/javax/imageio/png/PNGException.java
new file mode 100644
index 00000000000..67486e57971
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/png/PNGException.java
@@ -0,0 +1,48 @@
+/* PNGException.java -- 
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.png;
+
+import java.io.IOException;
+
+public class PNGException extends IOException 
+{
+  public PNGException(String msg)
+  {
+    super( msg );
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/png/PNGFile.java b/libjava/classpath/gnu/javax/imageio/png/PNGFile.java
new file mode 100644
index 00000000000..cc0ca297fcb
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/png/PNGFile.java
@@ -0,0 +1,258 @@
+/* PNGFile.java -- High-level representation of a PNG file.
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.png;
+
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.io.IOException;
+import java.util.Vector;
+import java.awt.image.BufferedImage;
+import java.awt.image.WritableRaster;
+import java.awt.image.ColorModel;
+import java.awt.image.IndexColorModel;
+import java.awt.color.ColorSpace;
+
+public class PNGFile 
+{
+  /**
+   * The PNG file signature.
+   */
+  private static final byte[] signature = new byte[]
+  { (byte)137, 80, 78, 71, 13, 10, 26, 10 };
+
+  /**
+   * The end chunk in raw form, no need for anything fancy here, it's just
+   * 0 bytes of length, the "IEND" tag and its CRC.
+   */
+  private static final byte[] endChunk = new byte[]
+  { 0, 0, 0, 0, (byte)0x49, (byte)0x45, (byte)0x4E, (byte)0x44, 
+    (byte)0xAE, (byte)0x42, (byte)0x60, (byte)0x82 };
+
+  /**
+   * The loaded data.
+   */
+  private Vector chunks;
+
+  /**
+   * The Header chunk
+   */
+  private PNGHeader header;
+
+  /**
+   * Whether this file has a palette chunk or not.
+   */
+  private boolean hasPalette;
+
+  /**
+   * Image width and height.
+   */
+  private int width, height;
+
+  /**
+   * The decoder, if any.
+   */
+  private PNGDecoder decoder;
+
+  /**
+   * The encoder, if any. (Either this or the above must exist).
+   */
+  private PNGEncoder encoder;
+  
+  /**
+   * The source of this PNG (if encoding)
+   */
+  private BufferedImage sourceImage;
+
+  /**
+   * Creates a PNGFile object from an InputStream.
+   */
+  public PNGFile(InputStream in) throws IOException, PNGException
+  {
+    PNGChunk chunk;
+    byte[] fileHdr = new byte[8];
+    chunks = new Vector(); 
+    hasPalette = false;
+
+    if( in.read( fileHdr ) != 8 )
+      throw new IOException("Could not read file header.");
+    if( !validateHeader( fileHdr ) )
+      throw new PNGException("Invalid file header. Not a PNG file.");
+
+    chunk = PNGChunk.readChunk( in, false );
+    if( !(chunk instanceof PNGHeader) )
+      throw new PNGException("First chunk not a header chunk.");
+    header = (PNGHeader)chunk;
+    if( !header.isValidChunk() )
+      throw new PNGException("First chunk not a valid header.");
+    System.out.println(header);
+
+    decoder = new PNGDecoder( header );
+    // Read chunks.
+    do
+      {
+	chunk = PNGChunk.readChunk( in, false );
+	/*
+	 * We could exit here or output some kind of warning.
+	 * But in the meantime, we'll just silently drop invalid chunks.
+	 */
+	if( chunk.isValidChunk() )
+	  {
+	    if( chunk instanceof PNGData )
+	      decoder.addData( (PNGData)chunk );
+	    else // Silently ignore multiple headers, and use only the first.
+	      if( chunk.getType() != PNGChunk.TYPE_END )
+		{
+		  chunks.add( chunk ); 
+		  hasPalette |= ( chunk instanceof PNGPalette );
+		}
+	  }
+	else
+	  System.out.println("WARNING: Invalid chunk!");
+      }
+    while( chunk.getType() != PNGChunk.TYPE_END );
+
+    if( header.isIndexed() && !hasPalette )
+      throw new PNGException("File is indexed color and has no palette.");
+
+    width = header.getWidth();
+    height = header.getHeight();
+  }
+
+  /**
+   * Creates a PNG file from an existing BufferedImage.
+   */
+  public PNGFile(BufferedImage bi) throws PNGException
+  {
+    sourceImage = bi;
+    width = bi.getWidth();
+    height = bi.getHeight();
+    chunks = new Vector();
+    encoder = new PNGEncoder( bi );
+    header = encoder.getHeader();
+    if( header.isIndexed() ) 
+      chunks.add( encoder.getPalette() );
+
+    // Do the compression and put the data chunks in the list.
+    chunks.addAll( encoder.encodeImage() );
+  }
+
+  /**
+   * Writes a PNG file to an OutputStream
+   */
+  public void writePNG(OutputStream out) throws IOException
+  {
+    out.write( signature ); // write the signature.
+    header.writeChunk( out );
+    for( int i = 0; i < chunks.size(); i++ )
+      {
+	PNGChunk chunk = ((PNGChunk)chunks.elementAt(i));
+	chunk.writeChunk( out );
+      }
+    out.write( endChunk );
+  }
+
+  /**
+   * Check 8 bytes to see if it's a valid PNG header.
+   */
+  private boolean validateHeader( byte[] hdr )
+  {
+    if( hdr.length != 8 )
+      return false;
+    for( int i = 0; i < 8; i++ )
+      if( signature[i] != hdr[i] )
+	return false;
+    return true;
+  }
+
+  /**
+   * Return a loaded image as a bufferedimage.
+   */
+  public BufferedImage getBufferedImage()
+  {
+    if( decoder == null )
+      return sourceImage;
+
+    WritableRaster r = decoder.getRaster( header );
+    ColorModel cm;
+    if( header.isIndexed() )
+      {
+	PNGPalette pngp = getPalette();
+	cm = pngp.getPalette( getColorSpace() );
+      }
+    else
+      cm = decoder.getColorModel( getColorSpace(), 
+				  header.getColorType(), 
+				  header.getDepth() );
+    
+    return new BufferedImage(cm, r, false, null);
+  } 
+
+  /**
+   * Find the palette chunk and return it
+   */
+  private PNGPalette getPalette()
+  {
+    for(int i = 0; i < chunks.size(); i++ )
+      if( chunks.elementAt(i) instanceof PNGPalette )
+	return ((PNGPalette)chunks.elementAt(i));
+    return null;
+  }
+
+  /**
+   * Return the Color space to use, first preference is ICC profile, then
+   * a gamma chunk, or returns null for the default sRGB.
+   */
+  private ColorSpace getColorSpace()
+  {
+    PNGICCProfile icc = null;
+    PNGGamma gamma = null;
+    for(int i = 0; i < chunks.size(); i++ )
+      {
+	if( chunks.elementAt(i) instanceof PNGICCProfile )
+	  icc = ((PNGICCProfile)chunks.elementAt(i));
+	else if(chunks.elementAt(i) instanceof PNGGamma )
+	  gamma = ((PNGGamma)chunks.elementAt(i));
+      }
+
+    if( icc != null )
+      return icc.getColorSpace();
+//     if( gamma != null && !header.isGrayscale())
+//       return gamma.getColorSpace( header.isGrayscale() );
+    return null;
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/png/PNGFilter.java b/libjava/classpath/gnu/javax/imageio/png/PNGFilter.java
new file mode 100644
index 00000000000..63af1992932
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/png/PNGFilter.java
@@ -0,0 +1,237 @@
+/* PNGFilter.java -- PNG image filters.
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.png;
+
+/**
+ * A utility class of static methods implementing the PNG filtering algorithms.
+ */
+public class PNGFilter
+{
+
+  public static final byte FILTER_NONE = 0;
+  public static final byte FILTER_SUB = 1;
+  public static final byte FILTER_UP = 2;
+  public static final byte FILTER_AVERAGE = 3;
+  public static final byte FILTER_PAETH = 4;
+
+  /**
+   * Return whether a filter should be used or FILTER_NONE,
+   * following the recommendations in the PNG spec.
+   */
+  public static boolean useFilter( PNGHeader header )
+  {
+    switch( header.getColorType() )
+      {
+      case PNGHeader.INDEXED:
+	return false;
+	
+      case PNGHeader.GRAYSCALE:
+      case PNGHeader.RGB:
+	if( header.bytesPerPixel() <= 1 )
+	  return false;
+      case PNGHeader.GRAYSCALE_WITH_ALPHA:
+      case PNGHeader.RGB_WITH_ALPHA:
+      default:
+	return true;
+      }
+  }
+
+  /**
+   * Heuristic for adaptively choosing a filter, following the scheme
+   * suggested in the PNG spec.
+   * @return a fiter type.
+   */
+  public static byte chooseFilter( byte[] scanline, byte[] lastScanline, 
+				  int bpp)
+    
+  {
+    long[] values = new long[5];
+    int idx = 0;
+    for( int i = 0; i < 5; i++ )
+      {
+	byte[] filtered = filterScanline((byte)i, scanline, lastScanline, bpp);
+	values[i] = 0;
+	for(int j = 0; j < filtered.length; j++ )
+	  values[i] += (int)(filtered[j] & 0xFF);
+	if( values[ idx ] > values[i] )
+	  idx = i;
+      }
+    return (byte)idx;
+  }
+
+  /**
+   * Filter a scanline.
+   */
+  public static byte[] filterScanline( byte filtertype, byte[] scanline, 
+				       byte[] lastScanline, int bpp)
+  {
+    int stride = scanline.length;
+    byte[] out = new byte[ stride ];
+    switch( filtertype )
+      {
+      case FILTER_SUB:
+	for( int i = 0; i < bpp; i++)
+	  out[ i ] = scanline[ i ];
+	
+	for( int i = bpp; i < stride; i++ )
+	  out[i] = (byte)(scanline[ i ] - 
+			  scanline[ i - bpp ]);
+	break;
+
+      case FILTER_UP:
+	for( int i = 0; i < stride; i++ )
+	  out[ i ] = (byte)(scanline[ i ] - lastScanline[ i ]);
+	break;
+
+      case FILTER_AVERAGE:
+	for( int i = 0; i < bpp; i++)
+	  out[ i ] = (byte)((scanline[ i ] & 0xFF) - ((lastScanline[ i ] & 0xFF) >> 1));
+	for( int i = bpp; i < stride; i++ )
+	  out[ i ] = (byte)((scanline[ i ] & 0xFF) - 
+			    (((scanline[ i - bpp ] & 0xFF) + 
+			      (lastScanline[ i ] & 0xFF)) >> 1));
+	break;
+
+      case FILTER_PAETH:
+	for( int i = 0; i < stride; i++ )
+	  {
+	    int x;
+	    {
+	      int a, b, c;
+	      if( i >= bpp )
+		{
+		  a = (scanline[ i - bpp ] & 0xFF); // left
+		  c = (lastScanline[ i - bpp ] & 0xFF); // upper-left
+		}
+	      else
+		a = c = 0;
+	      b = (lastScanline[ i ] & 0xFF); // up
+	      
+	      int p = (a + b - c);        // initial estimate
+	      // distances to a, b, c
+	      int pa = (p > a) ? p - a : a - p; 
+	      int pb = (p > b) ? p - b : b - p; 
+	      int pc = (p > c) ? p - c : c - p; 
+	      // return nearest of a,b,c,
+	      // breaking ties in order a,b,c.
+	      if( pa <= pb && pa <= pc ) x = a;
+	      else { if( pb <= pc ) x = b;
+		else x = c;
+	      }
+	    }
+	    out[ i ] = (byte)(scanline[ i ] - x);
+	  }
+	break;
+      default:
+      case FILTER_NONE:
+	return scanline;
+      }
+    return out;
+  }
+
+  /**
+   * Unfilter a scanline.
+   */
+  public static byte[] unFilterScanline( int filtertype, byte[] scanline, 
+					 byte[] lastScanline, int bpp)
+  {
+    int stride = scanline.length;
+    byte[] out = new byte[ stride ];
+    switch( filtertype )
+      {
+
+      case FILTER_NONE:
+	System.arraycopy( scanline, 0, out, 0, stride );
+	break;
+	
+      case FILTER_SUB:
+	for( int i = 0; i < bpp; i++)
+	  out[ i ] = scanline[ i ];
+	
+	for( int i = bpp; i < stride; i++ )
+	  out[ i ] = (byte)(scanline[ i ] + 
+			    out[ i - bpp ]);
+	break;
+
+      case FILTER_UP:
+	for( int i = 0; i < stride; i++ )
+	  out[ i ] = (byte)(scanline[ i ] + lastScanline[ i ]);
+	break;
+
+      case FILTER_AVERAGE:
+	for( int i = 0; i < bpp; i++)
+	  out[ i ] = (byte)((scanline[ i ] & 0xFF) + ((lastScanline[ i ] & 0xFF) >> 1));
+	for( int i = bpp; i < stride; i++ )
+	  out[ i ] = (byte)((scanline[ i ] & 0xFF) + 
+			    (((out[ i - bpp ] & 0xFF) + (lastScanline[ i ] & 0xFF)) >> 1));
+	break;
+
+      case FILTER_PAETH:
+	for( int i = 0; i < stride; i++ )
+	  {
+	    int x;
+	    {
+	      int a, b, c;
+	      if( i >= bpp )
+		{
+		  a = (out[ i - bpp ] & 0xFF); // left
+		  c = (lastScanline[ i - bpp ] & 0xFF); // upper-left
+		}
+	      else
+		a = c = 0;
+	      b = (lastScanline[ i ] & 0xFF); // up
+	      
+	      int p = (a + b - c);        // initial estimate
+	      // distances to a, b, c
+	      int pa = (p > a) ? p - a : a - p; 
+	      int pb = (p > b) ? p - b : b - p; 
+	      int pc = (p > c) ? p - c : c - p; 
+	      // return nearest of a,b,c,
+	      // breaking ties in order a,b,c.
+	      if( pa <= pb && pa <= pc ) x = a;
+	      else { if( pb <= pc ) x = b;
+		else x = c;
+	      }
+	    }
+	    out[ i ] = (byte)(scanline[ i ] + x);
+	  }
+	break;
+      }
+    return out;
+  }
+}
\ No newline at end of file
diff --git a/libjava/classpath/gnu/javax/imageio/png/PNGGamma.java b/libjava/classpath/gnu/javax/imageio/png/PNGGamma.java
new file mode 100644
index 00000000000..af777d9b4f6
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/png/PNGGamma.java
@@ -0,0 +1,89 @@
+/* PNGGamma.java -- GAMA chunk.
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.png;
+
+import java.awt.color.ICC_ProfileGray;
+import java.awt.color.ICC_ProfileRGB;
+import java.awt.color.ICC_Profile;
+import java.awt.color.ICC_ColorSpace;
+import java.awt.color.ColorSpace;
+
+/**
+ * A PNG gAMA (gamma) chunk.
+ */
+public class PNGGamma extends PNGChunk 
+{ 
+  private double gamma;
+
+  protected PNGGamma( int type, byte[] data, int crc ) throws PNGException
+  {
+    super( type, data, crc );
+    if( data.length < 4 )
+      throw new PNGException("Unexpectedly short time chunk. ("+data.length+" bytes)");
+    long g = ((data[0] & 0xFF) << 24) | ( (data[1] & 0xFF) << 16 ) | 
+      ((data[2] & 0xFF) << 8) | (data[3] & 0xFF);
+    gamma = (double)g;
+    gamma = 100000.0/gamma; 
+  }
+
+  public PNGGamma( double g )
+  {
+    super( TYPE_GAMMA );
+    data = new byte[ 4 ];
+    gamma = g;
+    long tmp = (long)(100000.0/gamma);
+    data[0] = (byte)((tmp & 0xFF000000) >> 24);
+    data[1] = (byte)((tmp & 0xFF0000) >> 16);
+    data[2] = (byte)((tmp & 0xFF00) >> 8);
+    data[3] = (byte)(tmp & 0xFF);
+  }
+
+  /**
+   * Returns a ColorSpace object corresponding to this gamma value.
+   */
+  public ColorSpace getColorSpace(boolean grayscale)
+  {
+    // FIXME.
+    return null;
+  }
+
+  public String toString()
+  {
+    return "PNG Gamma chunk, value: "+gamma;
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/png/PNGHeader.java b/libjava/classpath/gnu/javax/imageio/png/PNGHeader.java
new file mode 100644
index 00000000000..c9ef2dc37fe
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/png/PNGHeader.java
@@ -0,0 +1,257 @@
+/* PNGHeader.java -- PNG Header
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.png;
+
+/**
+ * A PNG Header chunk.
+ */
+public class PNGHeader extends PNGChunk 
+{ 
+  private int width, height, depth;
+  private int colorType, compression, filter, interlace;
+
+  /**
+   * The valid interlace types.
+   */
+  public static final int INTERLACE_NONE = 0;
+  public static final int INTERLACE_ADAM7 = 1;
+
+  /**
+   * The valid color types.
+   */
+  public static final int GRAYSCALE = 0;
+  public static final int RGB = 2;
+  public static final int INDEXED = 3;
+  public static final int GRAYSCALE_WITH_ALPHA = 4;
+  public static final int RGB_WITH_ALPHA = 6;
+
+  /**
+   * Parses a PNG Header chunk.
+   */
+  protected PNGHeader( int type, byte[] data, int crc ) throws PNGException
+  {
+    super( type, data, crc );
+    if( data.length < 13 )
+      throw new PNGException("Unexpectedly short header chunk. (" + data.length
+			     + " bytes)");
+
+    width = ((data[0] & 0xFF) << 24) | ( (data[1] & 0xFF) << 16 ) | 
+      ((data[2] & 0xFF) << 8) | (data[3] & 0xFF);
+    height = ((data[4] & 0xFF) << 24) | ( (data[5] & 0xFF) << 16 ) | 
+      ((data[6] & 0xFF) << 8) | (data[7] & 0xFF);
+    depth = (data[8] & 0xFF);
+    colorType = (data[9] & 0xFF);
+    compression = (data[10] & 0xFF);
+    filter = (data[11] & 0xFF);
+    interlace = (data[12] & 0xFF);
+  }
+
+  /**
+   * Create a PNG header chunk.
+   * Warning: This trusts that the parameters are valid.
+   */
+  public PNGHeader(int width, int height, int depth, 
+		   int colorType, boolean interlace)
+  {
+    super( TYPE_HEADER );
+    data = new byte[ 13 ];
+
+    this.width = width;
+    this.height = height;
+    this.depth = depth;
+    compression = filter = 0;
+    this.colorType = colorType;
+    this.interlace = interlace ? 1 : 0;
+
+    // Build the data chunk.
+    byte[] a = getInt( width );
+    byte[] b = getInt( height );
+    data[0] = a[0]; data[1] = a[1]; data[2] = a[2]; data[3] = a[3]; 
+    data[4] = b[0]; data[5] = b[1]; data[6] = b[2]; data[7] = b[3]; 
+    data[8] = (byte)depth;
+    data[9] = (byte)colorType;
+    data[10] = (byte)compression;
+    data[11] = (byte)filter;
+    data[12] = (byte)this.interlace;
+  }
+
+  /**
+   * Validates the header fields
+   */
+  public boolean isValidChunk()
+  {
+    if( !super.isValidChunk() )
+      return false;
+
+    // width and height must be nonzero
+    if( width == 0 || height == 0 )
+      return false;
+    // colorType can be 0,2,3,4,6
+    if( (colorType & 0xFFFFFFF8) != 0 || colorType == 5 || colorType == 1)
+      return false;
+    // Possible valid depths are 1,2,4,8,16
+    if( !((depth == 1) || (depth == 2) || (depth == 4) || 
+	(depth == 8) || (depth == 16)) )
+      return false;
+    if( colorType == INDEXED && depth == 16 )
+      return false;
+    if( ( colorType == RGB || colorType == GRAYSCALE_WITH_ALPHA || 
+	  colorType == RGB_WITH_ALPHA ) &&
+	depth < 8 )
+      return false;
+    // Only compression and filter methods zero are defined
+    if( compression != 0 || filter != 0 )
+      return false;
+    // Interlace methods, 0 and 1 are valid values.
+    if( (interlace & 0xFFFFFFFE) != 0 )
+      return false;
+
+    return true;
+  }
+
+  /**
+   * Returns <code>true</code> if this PNG is indexed-color
+   */
+  public boolean isIndexed()
+  {
+    return (colorType == INDEXED);
+  }
+
+  /**
+   * Returns <code>true</code> if this PNG is grayscale 
+   */
+  public boolean isGrayscale()
+  {
+    return ((colorType ==  GRAYSCALE) || (colorType == GRAYSCALE_WITH_ALPHA));
+  }
+
+  /**
+   * Returns the color type of the image.
+   */
+  public int getColorType()
+  {
+    return colorType;
+  }
+
+  /**
+   * Returns whether the image is interlaced or not.
+   */
+  public boolean isInterlaced()
+  {
+    return (interlace != 0);
+  }
+
+  /** 
+   * Returns the number of bytes per pixel.
+   */
+  public int bytesPerPixel()
+  {
+    switch( colorType )
+      {
+      case GRAYSCALE_WITH_ALPHA:
+	return ((depth * 2) >> 3);
+      case RGB:
+	return ((depth * 3) >> 3);
+      case RGB_WITH_ALPHA:
+	return ((depth * 4) >> 3);
+
+      default:
+      case GRAYSCALE:
+      case INDEXED:
+	int i = (depth >> 3);
+	if( i > 0 ) return i;
+	return 1; // if bytes per pixel < 1, return 1 anyway.
+      }
+  }
+
+  /**
+   * Returns the stride of one scanline, in bytes.
+   */
+  public int getScanlineStride()
+  {
+    long nBits = 0; // bits per scanline - scanlines are on byte offsets.
+    switch( colorType )
+      {
+      case GRAYSCALE:
+	nBits = width * depth;
+	break;
+      case RGB:
+	nBits = width * depth * 3;
+	break;
+      case INDEXED:
+	nBits = depth * width;
+	break;
+      case GRAYSCALE_WITH_ALPHA:
+	nBits = depth * width * 2;
+	break;
+      case RGB_WITH_ALPHA:
+	nBits = depth * width * 4;
+	break;
+      }
+    // Round up number of bits to the nearest byte
+    if( (nBits & 0x07) != 0 )
+      nBits += (8 - (nBits & 0x07));
+
+    return (int)(nBits >> 3); // return # of bytes.
+  }
+
+  public int getWidth()
+  {
+    return width; 
+  }
+  
+  public int getHeight()
+  { 
+    return height; 
+  }
+
+  public int getDepth()
+  { 
+    return depth; 
+  }
+
+  /**
+   * Debugging string.
+   */
+  public String toString()
+  {
+    return "Header Chunk. Image width:"+width+" height:"+height+
+      " depth:"+depth+" color type:"+colorType+" compression type:"+
+      compression+" filter type:"+ filter+" interlace:"+interlace;
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/png/PNGICCProfile.java b/libjava/classpath/gnu/javax/imageio/png/PNGICCProfile.java
new file mode 100644
index 00000000000..d2696e1c6b8
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/png/PNGICCProfile.java
@@ -0,0 +1,114 @@
+/* PNGICCProfile.java --
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.png;
+
+import java.awt.color.ICC_Profile;
+import java.awt.color.ICC_ColorSpace;
+import java.awt.color.ColorSpace;
+import java.io.UnsupportedEncodingException;
+import java.io.IOException;
+import java.io.ByteArrayInputStream;
+import java.util.zip.InflaterInputStream;
+import java.util.zip.Deflater;
+
+/**
+ * A PNG iCCP (ICC Profile) chunk.
+ */
+public class PNGICCProfile extends PNGChunk 
+{ 
+  private String name;
+  private ICC_Profile profile;
+  // A generic profile name to use "ICC Profile"
+  private static final byte[] genericName = new byte[]
+  { 0x49, 0x43, 0x43, 0x20, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65 };
+  
+  protected PNGICCProfile( int type, byte[] data, int crc ) throws PNGException
+  {
+    super( type, data, crc );
+    int i = 0;
+    while( data[i++] != 0 );
+    try
+      {
+	name = new String(data, 0, i, "8859_1");
+      }
+    catch(UnsupportedEncodingException e)
+      {
+	name = ""; // shouldn't really happen.
+      }
+    if( data[i++] != 0 )
+      throw new PNGException("Can't handle nonzero compression types with iCCP chunks.");
+    try
+      {
+	ByteArrayInputStream bos = new ByteArrayInputStream( data, i, 
+							     data.length - i );
+	profile = ICC_Profile.getInstance( new InflaterInputStream( bos ) );
+      }
+    catch(IOException ioe)
+      {
+	throw new PNGException("Couldn't read iCCP profile chunk.");
+      }
+    System.out.println("Got profile:"+profile);
+  }
+
+  public PNGICCProfile( ICC_Profile profile )
+  {
+    super( TYPE_PROFILE );
+    this.profile = profile;
+    byte[] profData = profile.getData();
+    byte[] outData = new byte[ profData.length * 2 ];
+    Deflater deflater = new Deflater();
+    deflater.setInput( profData );
+    deflater.finish();
+    int n = deflater.deflate( outData );
+    data = new byte[ n + 11 + 2 ];
+    System.arraycopy(genericName, 0, data, 0, 11 );
+    data[11] = data[12] = 0; // null separator and compression type.
+    // Copy compressed data
+    System.arraycopy(outData, 0, data, 13, n );
+  }
+
+  public ColorSpace getColorSpace()
+  {
+    return new ICC_ColorSpace( profile );
+  }
+
+  public String toString()
+  {
+    return "PNG ICC Profile, name: "+name;
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/png/PNGImageReader.java b/libjava/classpath/gnu/javax/imageio/png/PNGImageReader.java
new file mode 100644
index 00000000000..64aa3fea5af
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/png/PNGImageReader.java
@@ -0,0 +1,224 @@
+/* PNGImageReader.java -- The ImageIO ImageReader for PNG
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.imageio.png;
+
+import gnu.javax.imageio.IIOInputStream;
+
+import java.awt.image.BufferedImage;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.Iterator;
+
+import javax.imageio.ImageReadParam;
+import javax.imageio.ImageReader;
+import javax.imageio.ImageTypeSpecifier;
+import javax.imageio.metadata.IIOMetadata;
+import javax.imageio.stream.ImageInputStream;
+
+/**
+ * The ImageIO ImageReader for PNG images.
+ *
+ * @author Roman Kennke (kennke@aicas.com)
+ */
+public class PNGImageReader
+  extends ImageReader
+{
+
+  /**
+   * The PNG file.
+   */
+  private PNGFile pngFile;
+
+  /**
+   * The decoded image.
+   */
+  private BufferedImage image;
+
+  /**
+   * The supported image types for PNG.
+   */
+  private ArrayList imageTypes;
+
+  /**
+   * Creates a new instance.
+   *
+   * @param spi the corresponding ImageReaderSpi
+   */
+  public PNGImageReader(PNGImageReaderSpi spi)
+  {
+    super(spi);
+  }
+
+  /**
+   * Returns the height of the image.
+   */
+  public int getHeight(int imageIndex)
+    throws IOException
+  {
+    checkIndex(imageIndex);
+    readImage();
+    return image.getHeight();
+  }
+
+  /**
+   * Returns the width of the image.
+   *
+   * @param imageIndex the index of the image
+   *
+   * @return the width of the image
+   */
+  public int getWidth(int imageIndex) throws IOException
+  {
+    checkIndex(imageIndex);
+    readImage();
+    return image.getWidth();
+  }
+
+  /**
+   * Returns the image types for the image.
+   *
+   * @see ImageReader#getImageTypes(int)
+   */
+  public Iterator getImageTypes(int imageIndex)
+    throws IOException
+  {
+    checkIndex(imageIndex);
+    readImage();
+    if (imageTypes == null)
+      {
+        imageTypes = new ArrayList();
+        imageTypes.add(new ImageTypeSpecifier(image.getColorModel(),
+                                              image.getSampleModel()));
+      }
+    return imageTypes.iterator();
+  }
+
+  /**
+   * Returns the number of images in the stream.
+   *
+   * @return the number of images in the stream
+   *
+   * @see ImageReader#getNumImages(boolean)
+   */
+  public int getNumImages(boolean allowSearch)
+    throws IOException
+  {
+    return 1;
+  }
+
+  /**
+   * Reads the image.
+   *
+   * @param imageIndex the index of the image to read
+   * @param param additional parameters
+   */
+  public BufferedImage read(int imageIndex, ImageReadParam param)
+    throws IOException
+  {
+    checkIndex(imageIndex);
+    readImage();
+    return image;
+  }
+
+  /**
+   * Sets the input and checks the input parameter.
+   *
+   * @see ImageReader#setInput(Object, boolean, boolean)
+   */
+  public void setInput(Object input, 
+                       boolean seekForwardOnly, 
+                       boolean ignoreMetadata) 
+  {
+    super.setInput(input, seekForwardOnly, ignoreMetadata);
+    if (! (input instanceof InputStream || input instanceof ImageInputStream))
+      throw new IllegalArgumentException("Input not an ImageInputStream");
+  }
+
+  public IIOMetadata getImageMetadata(int imageIndex)
+    throws IOException
+  {
+    // TODO: Not (yet) supported.
+    checkIndex(imageIndex);
+    return null;
+  }
+
+  public IIOMetadata getStreamMetadata()
+    throws IOException
+  {
+    // TODO: Not (yet) supported.
+    return null;
+  }
+
+  /**
+   * Checks the image indexa and throws and IndexOutOfBoundsException if
+   * appropriate.
+   *
+   * @param index the index to check
+   */
+  private void checkIndex(int index)
+  {
+    if (index > 0)
+      throw new IndexOutOfBoundsException("Image index out of bounds");
+  }
+
+  /**
+   * Makes sure that the image is read.
+   *
+   * @throws IOException if something goes wrong
+   */
+  private void readImage()
+    throws IOException
+  {
+    if (pngFile == null)
+      {
+        if (input instanceof InputStream)
+          pngFile = new PNGFile((InputStream) input);
+        else if (input instanceof ImageInputStream)
+          pngFile = new PNGFile(new IIOInputStream((ImageInputStream) input));
+        else
+          assert false : "Must not happen";
+      }
+
+    if (pngFile != null && image == null)
+      {
+        image = pngFile.getBufferedImage();
+      }
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/png/PNGImageReaderSpi.java b/libjava/classpath/gnu/javax/imageio/png/PNGImageReaderSpi.java
new file mode 100644
index 00000000000..0092ab55846
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/png/PNGImageReaderSpi.java
@@ -0,0 +1,128 @@
+/* PNGImageReaderSpi.java -- The ImageReader service provider for PNG
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.imageio.png;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Locale;
+
+import javax.imageio.ImageReader;
+import javax.imageio.spi.ImageReaderSpi;
+import javax.imageio.stream.ImageInputStream;
+
+/**
+ * The ImageIO ImageReader service provider for PNG images.
+ *
+ * @author Roman Kennke (kennke@aicas.com)
+ */
+public class PNGImageReaderSpi
+  extends ImageReaderSpi
+{
+
+  /**
+   * The PNG file signature.
+   */
+  private static final byte[] SIGNATURE = new byte[]
+                              { (byte) 137, 80, 78, 71, 13, 10, 26, 10 };
+
+  private static final String VENDOR_NAME = "GNU";
+  static final String VERSION = "1.0";
+  static final String READER_CLASSNAME =
+                                       "gnu.javax.imageio.png.PNGImageReader";
+  static final String[] NAMES = { "Portable Network Graphics" };
+  static final String[] SUFFIXES = { ".png" , ".PNG" };
+  static final String[] MIME_TYPES = { "image/png" };
+  static final String[] WRITER_SPI_NAMES =
+    new String[] { "gnu.javax.imageio.png.PNGWriterSpi" };
+  static final Class[] INPUT_TYPES = new Class[]{ InputStream.class,
+                                                  ImageInputStream.class};
+  public PNGImageReaderSpi()
+  {
+    super(VENDOR_NAME, VERSION, NAMES, SUFFIXES, MIME_TYPES, READER_CLASSNAME,
+          INPUT_TYPES, WRITER_SPI_NAMES, false, null, null, null, null, false,
+          null, null, null, null);
+  }
+
+  /**
+   * Determines if the PNG ImageReader can decode the specified input.
+   *
+   * @param source the source to decode
+   */
+  public boolean canDecodeInput(Object source) throws IOException
+  {
+    boolean canDecode = false;
+    if (source instanceof ImageInputStream)
+      {
+        ImageInputStream in = (ImageInputStream) source;
+        in.mark();
+        canDecode = true;
+        for (int i = 0; i < SIGNATURE.length && canDecode; i++)
+          {
+            byte sig = (byte) in.read();
+            if (sig != SIGNATURE[i]) {
+              canDecode = false;
+            }
+          }
+        in.reset();
+      }
+    return canDecode;
+  }
+
+  /**
+   * Returns a new PNGImageReader instance.
+   *
+   * @param extension the extension, ignored
+   */
+  public ImageReader createReaderInstance(Object extension)
+    throws IOException
+  {
+    return new PNGImageReader(this);
+  }
+
+  /**
+   * Returns a description.
+   *
+   * @param locale the locale
+   */
+  public String getDescription(Locale locale)
+  {
+    return "Portable Network Graphics";
+  }
+
+}
diff --git a/libjava/classpath/gnu/javax/imageio/png/PNGPalette.java b/libjava/classpath/gnu/javax/imageio/png/PNGPalette.java
new file mode 100644
index 00000000000..478129df54e
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/png/PNGPalette.java
@@ -0,0 +1,127 @@
+/* PNGPalette.java --
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.png;
+
+import java.awt.color.ColorSpace;
+import java.awt.image.IndexColorModel;
+
+/**
+ * A PNG Palette chunk.
+ */
+public class PNGPalette extends PNGChunk 
+{ 
+  private int[] red,green,blue;
+
+  protected PNGPalette( int type, byte[] data, int crc ) throws PNGException
+  {
+    super( type, data, crc );
+    double l = data.length;
+    l /= 3.0;
+    // Check if it's divisible by 3. (Yuck.)
+    if( l - Math.floor(l) != 0.0 )
+      throw new PNGException("Invalid size of palette chunk.");
+    int nEntries = (int)l;
+
+    red = new int[ nEntries ];
+    green = new int[ nEntries ];
+    blue = new int[ nEntries ];
+    for( int i = 0; i < nEntries; i++ )
+      {
+	red[i] = (data[ i * 3 ] & 0xFF);
+	green[i] = (data[ i * 3 + 1 ] & 0xFF);
+	blue[i] = (data[ i * 3 + 2] & 0xFF);
+      }
+  }
+
+  public PNGPalette( IndexColorModel cm )
+  {
+    super( TYPE_PALETTE );
+    int n = cm.getMapSize();
+    data = new byte[ n * 3 ];
+    red = new int[ n ];
+    green = new int[ n ];
+    blue = new int[ n ];
+    for(int i = 0; i < n; i++ )
+      {
+	red[i] = data[i * 3] = (byte)cm.getRed(i);
+	green[i] = data[i * 3 + 1] = (byte)cm.getGreen(i);
+	blue[i] = data[i * 3 + 2] = (byte)cm.getBlue(i);
+      }
+  }
+
+  public IndexColorModel getPalette( ColorSpace cs )
+  {
+    int nc = red.length;
+    byte[] r = new byte[nc];
+    byte[] g = new byte[nc];
+    byte[] b = new byte[nc];
+
+    if( cs == null )
+      {
+	for(int i = 0; i < nc; i ++ )
+	  {
+	    r[i] = (byte)red[i];
+	    g[i] = (byte)green[i];
+	    b[i] = (byte)blue[i];
+	  }
+      }
+    else
+      {
+	for(int i = 0; i < nc; i ++ )
+	  {
+	    float[] in = new float[3];
+	    in[0] = (((float)red[i]) / 255f);
+	    in[1] = (((float)green[i]) / 255f);
+	    in[2] = (((float)blue[i]) / 255f);
+	    float[] out = cs.toRGB( in );
+	    r[i] = (byte)( Math.round(out[0] * 255.0) );
+	    g[i] = (byte)( Math.round(out[1] * 255.0) );
+	    b[i] = (byte)( Math.round(out[2] * 255.0) );
+	  }
+      }	
+    return new IndexColorModel(8, nc, r, g, b);
+  }
+
+  public String toString()
+  {
+    String s = "PNG Palette:\n";
+    for( int i = 0; i < red.length; i++)
+      s = s + "Index " + i + ": ["+ red[i] +", "+green[i]+", "+blue[i]+"]\n";
+    return s;
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/png/PNGPhys.java b/libjava/classpath/gnu/javax/imageio/png/PNGPhys.java
new file mode 100644
index 00000000000..0a82d6acbff
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/png/PNGPhys.java
@@ -0,0 +1,112 @@
+/* PNGPhys.java --
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.png;
+
+/**
+ * A PNG "pHYS" chunk - pixel physical dimensions
+ */
+public class PNGPhys extends PNGChunk 
+{ 
+  long x, y;
+  double ratio;
+  boolean usesRatio;
+
+  protected PNGPhys( int type, byte[] data, int crc ) throws PNGException
+  {
+    super( type, data, crc );
+    if( data.length < 9 )
+      throw new PNGException("Unexpected size of pHYS chunk.");
+    x = ((data[0] & 0xFF) << 24) | ( (data[1] & 0xFF) << 16 ) | 
+      ((data[2] & 0xFF) << 8) | (data[3] & 0xFF);
+    y = ((data[4] & 0xFF) << 24) | ( (data[5] & 0xFF) << 16 ) | 
+      ((data[6] & 0xFF) << 8) | (data[7] & 0xFF);
+    if(data[8] == 0)
+      {
+	ratio = ((double)x)/((double)y);
+	usesRatio = true;
+      }
+  }
+
+  public PNGPhys( double ratio )
+  {
+    super( TYPE_PHYS );
+
+    this.ratio = ratio;
+    usesRatio = true;
+
+    if( ratio < 1.0 )
+      {
+	y = 0xFFFFFFFF;
+	x = (long)(0xFFFFFFFFL * ratio);
+      }
+    else
+      {
+	x = 0xFFFFFFFF;
+	y = (long)(0xFFFFFFFFL * ratio);
+      }
+    makeData();
+  }
+
+  public PNGPhys( int x, int y )
+  {
+    super( TYPE_PHYS );
+    usesRatio = false;
+    this.x = x;
+    this.y = y;
+    makeData();
+  }
+
+  private void makeData()
+  {
+    data = new byte[ 9 ];
+    byte[] a = getInt( (int)x );
+    byte[] b = getInt( (int)y );
+    data[0] = a[0]; data[1] = a[1]; data[2] = a[2]; data[3] = a[3]; 
+    data[4] = b[0]; data[5] = b[1]; data[6] = b[2]; data[7] = b[3]; 
+    data[7] = (usesRatio) ? 0 : (byte)0xFF;
+  }
+
+  public String toString()
+  {
+    String s = "PNG Physical pixel size chunk.";
+    if( usesRatio )
+      return s + " Aspect ratio (x/y): " + ratio;
+    else
+      return s + " " + x + " by " + y + " pixels per meter. (x, y).";
+  }
+}
diff --git a/libjava/classpath/gnu/javax/imageio/png/PNGTime.java b/libjava/classpath/gnu/javax/imageio/png/PNGTime.java
new file mode 100644
index 00000000000..9b5c0332a27
--- /dev/null
+++ b/libjava/classpath/gnu/javax/imageio/png/PNGTime.java
@@ -0,0 +1,83 @@
+/* PNGTime.java --
+   Copyright (C) 2006 Free Software Foundation
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.imageio.png;
+
+import java.util.Date;
+
+/**
+ * A PNG tIME chunk.
+ */
+public class PNGTime extends PNGChunk 
+{ 
+  private Date date;
+
+  protected PNGTime( int type, byte[] data, int crc ) throws PNGException
+  {
+    super( type, data, crc );
+    if( data.length < 7 )
+      throw new PNGException("Unexpectedly short time chunk. ("+data.length+" bytes)");
+
+    // PNG value is absolute (2006, not 106 or 06), java is from 1900.
+    int year = ( (data[0] & 0xFF) << 8 ) | (data[1] & 0xFF);
+    int month = (data[2] & 0xFF); // java counts from 0. PNG from 1.
+    int day = (data[3] & 0xFF); 
+    int hour = (data[4] & 0xFF);
+    int minute = (data[5] & 0xFF);
+    int second = (data[6] & 0xFF);
+    date = new Date( year - 1900, month - 1, day, hour, minute, second );
+  }
+
+  public PNGTime( Date d )
+  {
+    super( TYPE_TIME );
+    data = new byte[ 7 ];
+    int tmp = d.getYear() + 1900;
+    data[0] = (byte)((tmp & 0xFF00) >> 8);
+    data[1] = (byte)(tmp & 0x00FF);
+    data[2] = (byte)(d.getMonth() + 1);
+    data[3] = (byte)(d.getDay());
+    data[4] = (byte)(d.getHours());
+    data[5] = (byte)(d.getMinutes());
+    data[6] = (byte)(d.getSeconds());
+  }
+
+  public String toString()
+  {
+    return "PNG Time chunk: "+date;
+  }
+}
diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/KeyPool.java b/libjava/classpath/gnu/javax/net/ssl/provider/KeyPool.java
index e342700c269..18d9dc281ab 100644
--- a/libjava/classpath/gnu/javax/net/ssl/provider/KeyPool.java
+++ b/libjava/classpath/gnu/javax/net/ssl/provider/KeyPool.java
@@ -41,15 +41,6 @@ package gnu.javax.net.ssl.provider;
 import java.math.BigInteger;
 import java.security.KeyPair;
 import java.security.SecureRandom;
-import java.security.Security;
-import java.util.LinkedList;
-import javax.crypto.spec.DHParameterSpec;
-
-import gnu.java.security.hash.HashFactory;
-import gnu.java.security.hash.IMessageDigest;
-import gnu.java.security.prng.IRandom;
-import gnu.java.security.prng.LimitReachedException;
-import gnu.java.security.util.Prime2;
 
 final class KeyPool
 {
@@ -92,7 +83,7 @@ final class KeyPool
         nextBytes(kb);
         p = new BigInteger(1, kb).setBit(0);
         if (p.compareTo(lower) >= 0 && p.compareTo(upper) <= 0 &&
-            Prime2.isProbablePrime(p) && p.gcd(E).equals(ONE))
+            p.isProbablePrime(80) && p.gcd(E).equals(ONE))
           break;
       }
 
@@ -101,7 +92,7 @@ final class KeyPool
         nextBytes(kb);
         q = new BigInteger(1, kb).setBit(0);
         n = q.multiply(p);
-        if (n.bitLength() == 512 && Prime2.isProbablePrime(q) &&
+        if (n.bitLength() == 512 && q.isProbablePrime(80) &&
             q.gcd(E).equals(ONE))
           break;
       }
diff --git a/libjava/classpath/gnu/javax/print/CupsServer.java b/libjava/classpath/gnu/javax/print/CupsServer.java
index 6d9601fb933..0486e69deb0 100644
--- a/libjava/classpath/gnu/javax/print/CupsServer.java
+++ b/libjava/classpath/gnu/javax/print/CupsServer.java
@@ -84,24 +84,43 @@ public class CupsServer
 
   /**
    * Creates a <code>CupsServer</code> object which
-   * tries to connect to the cups server on localhost.
+   * tries to connect to a cups server. 
+   *
+   * If <code>gnu.javax.print.server</code> is explicitly set, then
+   * that hostname will be used. Otherwise it will default to localhost.
    * 
    * @param username the username
    * @param password the password for the username.
    */
   public CupsServer(String username, String password)
   {
+    this.username = username;
+    this.password = password;
+
+    this.uri = null;
+    try
+      {
+	String serv = System.getProperty("gnu.javax.print.server");
+	if( serv != null )
+	  this.uri = new URI("http://"+serv+":631");
+      }
+    catch(URISyntaxException use)
+      {
+	throw new RuntimeException("gnu.javax.print.CupsServer value is not a valid hostname.");
+      }
+    catch(SecurityException se)
+      {
+      }
+
     try
       {
-        this.uri = new URI("http://localhost:631");
+	if( this.uri == null )
+	  this.uri = new URI("http://localhost:631");
       }
     catch (URISyntaxException e)
       {
         // does not happen
       }
-    
-    this.username = username;
-    this.password = password;
   }
  
   /**
@@ -193,7 +212,7 @@ public class CupsServer
         Map printerAttributes = (Map) prAttr.get(i);
         Set uris = (Set) printerAttributes.get(PrinterUriSupported.class);
         PrinterUriSupported uri = (PrinterUriSupported) uris.toArray()[0];
-        
+
         try
           {
             CupsPrintService cups = new CupsPrintService(uri.getURI(),
diff --git a/libjava/classpath/gnu/javax/print/ipp/IppRequest.java b/libjava/classpath/gnu/javax/print/ipp/IppRequest.java
index 8abab519282..05a6faae72e 100644
--- a/libjava/classpath/gnu/javax/print/ipp/IppRequest.java
+++ b/libjava/classpath/gnu/javax/print/ipp/IppRequest.java
@@ -119,6 +119,11 @@ public class IppRequest
 {
 
   /**
+   * The printer-poll timeout. 
+   */
+  private static final int timeout = 1000;
+
+  /**
    * Helper class used to write the attributes of a request
    * into the supplied data output stream in the correct way.
    * 
@@ -789,7 +794,7 @@ public class IppRequest
     
     alreadySent = true;
       
-    OutputStream stream = stream = connection.getOutputStream();   
+    OutputStream stream = connection.getOutputStream();   
     DataOutputStream out = new DataOutputStream(stream);
         
     //  the header 8 bytes long
@@ -838,8 +843,13 @@ public class IppRequest
              
     out.flush();
     stream.flush();  
-    
-    int responseCode = responseCode = connection.getResponseCode();
+  
+    // Set the connection timeout, for if the printer is offline.
+    // FIXME: The print services polling should probably be done in its
+    // own thread.
+    connection.setConnectTimeout( timeout );
+
+    int responseCode = connection.getResponseCode();
     
     if (responseCode == HttpURLConnection.HTTP_OK)
       { 
diff --git a/libjava/classpath/gnu/javax/security/auth/callback/ConsoleCallbackHandler.java b/libjava/classpath/gnu/javax/security/auth/callback/ConsoleCallbackHandler.java
index 052b6c43d73..d4bd9ed267a 100644
--- a/libjava/classpath/gnu/javax/security/auth/callback/ConsoleCallbackHandler.java
+++ b/libjava/classpath/gnu/javax/security/auth/callback/ConsoleCallbackHandler.java
@@ -137,7 +137,7 @@ public class ConsoleCallbackHandler extends AbstractCallbackHandler
             {
               if (choices[i].equals(replies[j]))
                 {
-                  indices.add(new Integer(i));
+                  indices.add(Integer.valueOf(i));
                 }
             }
         if (indices.size() == 0)
diff --git a/libjava/classpath/gnu/javax/security/auth/login/ConfigFileParser.java b/libjava/classpath/gnu/javax/security/auth/login/ConfigFileParser.java
index f6c39bb3d7b..b5b5069233c 100644
--- a/libjava/classpath/gnu/javax/security/auth/login/ConfigFileParser.java
+++ b/libjava/classpath/gnu/javax/security/auth/login/ConfigFileParser.java
@@ -38,12 +38,15 @@ exception statement from your version. */
 
 package gnu.javax.security.auth.login;
 
+import gnu.java.security.Configuration;
+
 import java.io.IOException;
 import java.io.Reader;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.logging.Logger;
 
 import javax.security.auth.login.AppConfigurationEntry;
 
@@ -88,26 +91,12 @@ import javax.security.auth.login.AppConfigurationEntry;
  */
 public final class ConfigFileParser
 {
-  // Constants and fields
-  // --------------------------------------------------------------------------
-
-  private static final boolean DEBUG = false;
-  private static final void debug(String m) {if (DEBUG) System.err.println(m);};
-
+  private static final Logger log = Logger.getLogger(ConfigFileParser.class.getName());
   private ConfigFileTokenizer cft;
   private Map map = new HashMap();
 
-  // Constructor(s)
-  // --------------------------------------------------------------------------
-
   // default 0-arguments constructor
 
-  // Class methods
-  // --------------------------------------------------------------------------
-
-  // Instance methods
-  // --------------------------------------------------------------------------
-
   /**
    * Returns the parse result as a {@link Map} where the keys are application
    * names, and the entries are {@link List}s of {@link AppConfigurationEntry}
@@ -161,7 +150,8 @@ public final class ConfigFileParser
       }
 
     String appName = cft.sval;
-    debug("DEBUG: APP_NAME_OR_OTHER = " + appName);
+    if (Configuration.DEBUG)
+      log.fine("APP_NAME_OR_OTHER = " + appName);
     if (cft.nextToken() != '{')
       abort("Missing '{' after APP_NAME_OR_OTHER");
 
@@ -202,13 +192,15 @@ public final class ConfigFileParser
       }
 
     String clazz = validateClassName(cft.sval);
-    debug("DEBUG: MODULE_CLASS = " + clazz);
+    if (Configuration.DEBUG)
+      log.fine("MODULE_CLASS = " + clazz);
 
     if (cft.nextToken() != ConfigFileTokenizer.TT_WORD)
       abort("Was expecting FLAG but found none");
 
     String flag = cft.sval;
-    debug("DEBUG: FLAG = " + flag);
+    if (Configuration.DEBUG)
+      log.fine("DEBUG: FLAG = " + flag);
     AppConfigurationEntry.LoginModuleControlFlag f = null;
     if (flag.equalsIgnoreCase("required"))
       f = AppConfigurationEntry.LoginModuleControlFlag.REQUIRED;
@@ -230,32 +222,39 @@ public final class ConfigFileParser
           abort("Was expecting PARAM_NAME but got '" + ((char) c) + "'");
 
         paramName = cft.sval;
-        debug("DEBUG: PARAM_NAME = " + paramName);
+        if (Configuration.DEBUG)
+          log.fine("PARAM_NAME = " + paramName);
         if (cft.nextToken() != '=')
           abort("Missing '=' after PARAM_NAME");
 
         c = cft.nextToken();
         if (c != '"' && c != '\'')
-          debug(" WARN: Was expecting a quoted string but got no quote " +
-                "character. Assume unquoted string");
-
+          {
+          if (Configuration.DEBUG)
+            log.fine("Was expecting a quoted string but got no quote character."
+                     + " Assume unquoted string");
+          }
         paramValue = expandParamValue(cft.sval);
-        debug("DEBUG: PARAM_VALUE = " + paramValue);
+        if (Configuration.DEBUG)
+          log.fine("PARAM_VALUE = " + paramValue);
         options.put(paramName, paramValue);
 
         c = cft.nextToken();
       }
-
     AppConfigurationEntry ace = new AppConfigurationEntry(clazz, f, options);
-    debug("DEBUG: LOGIN_MODULE_ENTRY = " + ace);
+    if (Configuration.DEBUG)
+      log.fine("LOGIN_MODULE_ENTRY = " + ace);
     listOfACEs.add(ace);
     return true;
   }
 
   private void abort(String m) throws IOException
   {
-    debug("ERROR: " + m);
-    debug("DEBUG: Map (so far) = " + String.valueOf(map));
+    if (Configuration.DEBUG)
+      {
+        log.fine(m);
+        log.fine("Map (so far) = " + String.valueOf(map));
+      }
     throw new IOException(m);
   }
 
@@ -264,12 +263,13 @@ public final class ConfigFileParser
     if (cn.startsWith(".") || cn.endsWith("."))
       abort("MODULE_CLASS MUST NOT start or end with a '.'");
 
-    String[] tokens = cn.split(".");
+    String[] tokens = cn.split("\\.");
     for (int i = 0; i < tokens.length; i++)
       {
         String t = tokens[i];
-        if (Character.isJavaIdentifierStart(cn.toCharArray()[0]))
-          abort("");
+        if (! Character.isJavaIdentifierStart(t.charAt(0)))
+          abort("Class name [" + cn
+                + "] contains an invalid sub-package identifier: " + t);
 
         // we dont check the rest of the characters for isJavaIdentifierPart()
         // because that's what the tokenizer does.
@@ -311,14 +311,17 @@ public final class ConfigFileParser
             int j = s.indexOf("}", i + 2);
             if (j == -1)
               {
-                debug(" WARN: Found a ${ prefix with no } suffix. Ignore");
+                if (Configuration.DEBUG)
+                  log.fine("Found a ${ prefix with no } suffix. Ignore");
                 break;
               }
 
             String sysPropName = s.substring(i + 2, j);
-            debug("DEBUG: Found a reference to System property " + sysPropName);
+            if (Configuration.DEBUG)
+              log.fine("Found a reference to System property " + sysPropName);
             String sysPropValue = System.getProperty(sysPropName);
-            debug("DEBUG: Resolved " + sysPropName + " to '" + sysPropValue + "'");
+            if (Configuration.DEBUG)
+              log.fine("Resolved " + sysPropName + " to '" + sysPropValue + "'");
             if (sysPropValue != null)
               {
                 result = s.substring(0, i) + sysPropValue + s.substring(j + 1);
@@ -330,7 +333,8 @@ public final class ConfigFileParser
       }
     catch (Exception x)
       {
-        debug(" WARN: Exception while expanding " + s + ". Ignore: " + x);
+        if (Configuration.DEBUG)
+          log.fine("Exception (ignored) while expanding " + s + ": " + x);
       }
 
     return result;
diff --git a/libjava/classpath/gnu/javax/security/auth/login/ConfigFileTokenizer.java b/libjava/classpath/gnu/javax/security/auth/login/ConfigFileTokenizer.java
index 2cfe916e400..06a1d2c7ce9 100644
--- a/libjava/classpath/gnu/javax/security/auth/login/ConfigFileTokenizer.java
+++ b/libjava/classpath/gnu/javax/security/auth/login/ConfigFileTokenizer.java
@@ -38,14 +38,17 @@ exception statement from your version. */
 
 package gnu.javax.security.auth.login;
 
+import gnu.java.security.Configuration;
+
 import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.Reader;
+import java.util.logging.Logger;
 
 /**
  * A UTF-8 friendly, JAAS Login Module Configuration file tokenizer written in
  * the deault syntax. This class emulates, to a certain extent, the behavior of
- * a {@link java.io.SrteamTokenizer} instance <code>st</code>, when set as
+ * a {@link java.io.StreamTokenizer} instance <code>st</code>, when set as
  * follows:
  * 
  *  <pre>
@@ -76,12 +79,7 @@ import java.io.Reader;
  */
 public class ConfigFileTokenizer
 {
-  // Constants and fields
-  // --------------------------------------------------------------------------
-
-  private static final boolean DEBUG = false;
-  private static final void debug(String m) {if (DEBUG) System.err.println(m);};
-
+  private static final Logger log = Logger.getLogger(ConfigFileParser.class.getName());
   /** A constant indicating that the end of the stream has been read. */
   public static final int TT_EOF = -1;
   /** A constant indicating that a word token has been read. */
@@ -235,9 +233,12 @@ public class ConfigFileTokenizer
 
   private void abort(String m) throws IOException
   {
-    debug("DEBUG: " + m);
-    debug("DEBUG: sb = " + sb);
-    debug("DEBUG: sbNdx = " + sbNdx);
+    if (Configuration.DEBUG)
+      {
+        log.fine(m);
+        log.fine("sb = " + sb);
+        log.fine("sbNdx = " + sbNdx);
+      }
     throw new IOException(m);
   }
 }
diff --git a/libjava/classpath/gnu/javax/security/auth/login/GnuConfiguration.java b/libjava/classpath/gnu/javax/security/auth/login/GnuConfiguration.java
index f0b8594a0df..8cd61c9544c 100644
--- a/libjava/classpath/gnu/javax/security/auth/login/GnuConfiguration.java
+++ b/libjava/classpath/gnu/javax/security/auth/login/GnuConfiguration.java
@@ -50,6 +50,7 @@ import java.util.HashMap;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
+import java.util.logging.Logger;
 
 import javax.security.auth.AuthPermission;
 import javax.security.auth.login.AppConfigurationEntry;
@@ -127,12 +128,7 @@ import javax.security.auth.login.Configuration;
  */
 public final class GnuConfiguration extends Configuration
 {
-  // Constants and fields
-  // --------------------------------------------------------------------------
-
-  private static final boolean DEBUG = true;
-  private static final void debug(String m) {if (DEBUG) System.err.println(m);};
-
+  private static final Logger log = Logger.getLogger(GnuConfiguration.class.getName());
   /**
    * The internal map of login modules keyed by application name. Each entry in
    * this map is a {@link List} of {@link AppConfigurationEntry}s for that
@@ -179,7 +175,8 @@ public final class GnuConfiguration extends Configuration
     if (loginModules == null || loginModules.size() == 0)
       return null;
 
-    debug("DEBUG: " + appName + " -> " + loginModules.size() + " entry(ies)");
+    if (gnu.java.security.Configuration.DEBUG)
+      log.fine(appName + " -> " + loginModules.size() + " entry(ies)");
     return (AppConfigurationEntry[]) loginModules.toArray(new AppConfigurationEntry[0]);
   }
 
@@ -193,7 +190,7 @@ public final class GnuConfiguration extends Configuration
    * @throws SecurityException if the caller does not have an
    * {@link AuthPermission} for the action named
    * <code>refreshLoginConfiguration</code>.
-   * @see {@link AuthPermission}
+   * @see AuthPermission
    */
   public void refresh()
   {
@@ -215,13 +212,25 @@ public final class GnuConfiguration extends Configuration
   private void init()
   {
     if (processSecurityProperties())
-      debug(" INFO: Using login configuration defined by Security property(ies)");
+      {
+        if (gnu.java.security.Configuration.DEBUG)
+          log.fine("Using login configuration defined by Security property(ies)");
+      }
     else if (processSystemProperty())
-      debug(" INFO: Using login configuration defined by System property");
+      {
+        if (gnu.java.security.Configuration.DEBUG)
+          log.fine("Using login configuration defined by System property");
+      }
     else if (processUserHome())
-      debug(" INFO: Using login configuration defined in ${user.home}");
+      {
+        if (gnu.java.security.Configuration.DEBUG)
+          log.fine("Using login configuration defined in ${user.home}");
+      }
     else
-      debug(" WARN: No login configuration file found");
+      {
+        if (gnu.java.security.Configuration.DEBUG)
+          log.fine("No login configuration file found");
+      }
   }
 
   /**
@@ -249,16 +258,18 @@ public final class GnuConfiguration extends Configuration
           s = s.trim();
           if (s.length() != 0)
             {
-              debug("DEBUG: java.security.auth.login.config.url." + counter
-                    + " = " + s);
+              if (gnu.java.security.Configuration.DEBUG)
+                log.fine("java.security.auth.login.config.url." + counter
+                         + " = " + s);
               parseConfig(getInputStreamFromURL(s));
               result = true;
             }
         }
       catch (Throwable t)
         {
-          debug(" WARN: Exception while handling Security property at #"
-                + counter + ". Continue: " + t);
+          if (gnu.java.security.Configuration.DEBUG)
+            log.fine("Exception while handling Security property at #"
+                     + counter + ". Continue: " + t);
         }
     return result;
   }
@@ -287,7 +298,8 @@ public final class GnuConfiguration extends Configuration
       }
     catch (MalformedURLException x)
       {
-        debug(" WARN: Failed opening as URL: " + s + ". Will try as File");
+        if (gnu.java.security.Configuration.DEBUG)
+          log.fine("Failed opening as URL: " + s + ". Will try as File");
         result = new FileInputStream(s);
       }
     return result;
@@ -311,7 +323,8 @@ public final class GnuConfiguration extends Configuration
             s = s.trim();
             if (s.length() != 0)
               {
-                debug("DEBUG: java.security.auth.login.config = " + s);
+                if (gnu.java.security.Configuration.DEBUG)
+                  log.fine("java.security.auth.login.config = " + s);
                 parseConfig(getInputStreamFromURL(s));
                 result = true;
               }
@@ -319,7 +332,8 @@ public final class GnuConfiguration extends Configuration
       }
     catch (Throwable t)
       {
-        debug(" WARN: Exception while handling System property. Continue: " + t);
+        if (gnu.java.security.Configuration.DEBUG)
+          log.fine("Exception while handling System property. Continue: " + t);
       }
     return result;
   }
@@ -349,8 +363,9 @@ public final class GnuConfiguration extends Configuration
 
         if (jaasFile == null)
           {
-            debug(" WARN: Login Configuration file, in " + userHome
-                    + ", does not exist or is inaccessible");
+            if (gnu.java.security.Configuration.DEBUG)
+              log.fine("Login Configuration file, in " + userHome
+                       + ", does not exist or is inaccessible");
             return result;
           }
 
@@ -360,7 +375,8 @@ public final class GnuConfiguration extends Configuration
       }
     catch (Throwable t)
       {
-        debug(" WARN: Exception while handling ${user.home}: " + t);
+        if (gnu.java.security.Configuration.DEBUG)
+          log.fine("Exception (ignored) while handling ${user.home}: " + t);
       }
     return result;
   }
@@ -397,54 +413,54 @@ public final class GnuConfiguration extends Configuration
     String uh = System.getProperty("user.home");
     if (uh == null || uh.trim().length() == 0)
       {
-        debug(" WARN: User home path is not set or is empty");
+        if (gnu.java.security.Configuration.DEBUG)
+          log.fine("User home path is not set or is empty");
         return null;
       }
-
     uh = uh.trim();
     File result = new File(uh);
-    if (!result.exists())
+    if (! result.exists())
       {
-        debug(" WARN: User home '" + uh + "' does not exist");
+        if (gnu.java.security.Configuration.DEBUG)
+          log.fine("User home '" + uh + "' does not exist");
         return null;
       }
-
-    if (!result.isDirectory())
+    if (! result.isDirectory())
       {
-        debug(" WARN: User home '" + uh + "' is not a directory");
+        if (gnu.java.security.Configuration.DEBUG)
+          log.fine("User home '" + uh + "' is not a directory");
         return null;
       }
-
-    if (!result.canRead())
+    if (! result.canRead())
       {
-        debug(" WARN: User home '" + uh + "' is not readable");
+        if (gnu.java.security.Configuration.DEBUG)
+          log.fine("User home '" + uh + "' is not readable");
         return null;
       }
-
     return result;
   }
 
   private File getConfigFromUserHome(File userHome, String fileName)
   {
     File result = new File(userHome, fileName);
-    if (!result.exists())
+    if (! result.exists())
       {
-        debug(" WARN: File '" + fileName + "' does not exist in user's home");
+        if (gnu.java.security.Configuration.DEBUG)
+          log.fine("File '" + fileName + "' does not exist in user's home");
         return null;
       }
-
-    if (!result.isFile())
+    if (! result.isFile())
       {
-        debug(" WARN: File '" + fileName + "' in user's home is not a file");
+        if (gnu.java.security.Configuration.DEBUG)
+          log.fine("File '" + fileName + "' in user's home is not a file");
         return null;
       }
-
-    if (!result.canRead())
+    if (! result.canRead())
       {
-        debug(" WARN: File '" + fileName + "' in user's home is not readable");
+        if (gnu.java.security.Configuration.DEBUG)
+          log.fine("File '" + fileName + "' in user's home is not readable");
         return null;
       }
-
     return result;
   }
 }
diff --git a/libjava/classpath/gnu/javax/sound/midi/file/ExtendedMidiFileFormat.java b/libjava/classpath/gnu/javax/sound/midi/file/ExtendedMidiFileFormat.java
new file mode 100644
index 00000000000..cb5a8e82dfa
--- /dev/null
+++ b/libjava/classpath/gnu/javax/sound/midi/file/ExtendedMidiFileFormat.java
@@ -0,0 +1,77 @@
+/* ExtendedMidiFileFormat.java -- extended with track count info.
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.sound.midi.file;
+
+/**
+ * ExtendedMidiFileFormat is a package private class that simply 
+ * adds the number of MIDI tracks for the MidiFileFormat class.
+ *
+ * @author Anthony Green (green@redhat.com)
+ */
+class ExtendedMidiFileFormat
+    extends javax.sound.midi.MidiFileFormat
+{
+  private int ntracks;
+  
+  /**
+   * Get the number of tracks for this MIDI file.
+   * 
+   * @return the number of tracks for this MIDI file
+   */
+  public int getNumberTracks()
+  {
+    return ntracks;
+  }
+  
+  /**
+   * Create an ExtendedMidiFileFormat object from the given parameters.
+   *
+   * @param type the MIDI file type (0, 1, or 2)
+   * @param divisionType the MIDI file division type
+   * @param resolution the MIDI file timing resolution
+   * @param bytes the MIDI file size in bytes
+   * @param microseconds the MIDI file length in microseconds
+   * @param ntracks the number of tracks
+   */
+  public ExtendedMidiFileFormat(int type, float divisionType, int resolution, 
+                                int bytes, long microseconds, int ntracks)
+  {
+    super(type, divisionType, resolution, bytes, microseconds);
+    this.ntracks = ntracks;
+  }
+}
diff --git a/libjava/classpath/gnu/javax/sound/midi/file/MidiDataInputStream.java b/libjava/classpath/gnu/javax/sound/midi/file/MidiDataInputStream.java
new file mode 100644
index 00000000000..010d17093c1
--- /dev/null
+++ b/libjava/classpath/gnu/javax/sound/midi/file/MidiDataInputStream.java
@@ -0,0 +1,83 @@
+/* MidiDataInputStream.java -- adds variable length MIDI ints
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.sound.midi.file;
+
+import java.io.DataInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
+/**
+ * MidiDataInputStream is simply a DataInputStream with the addition
+ * of special variable length int reading as defined by the MIDI spec.
+ *
+ * @author Anthony Green (green@redhat.com)
+ */
+public class MidiDataInputStream
+    extends DataInputStream
+{
+  /**
+   * Create a MidiDataInputStream.
+   */
+  public MidiDataInputStream(InputStream is)
+  {
+    super(is);
+  }
+  
+  /**
+   * Read an int encoded in the MIDI-style variable length
+   * encoding format.
+   *
+   * @return an int
+   */
+  public int readVariableLengthInt()
+    throws IOException
+  {
+    int c, value = readByte();
+    
+    if ((value & 0x80) != 0)
+      {
+         value &= 0x7F;
+         do
+         {
+           value = (value << 7) + ((c = readByte()) & 0x7F);
+         } while ((c & 0x80) != 0);
+      }
+    
+    return value;   
+  }
+}
diff --git a/libjava/classpath/gnu/javax/sound/midi/file/MidiDataOutputStream.java b/libjava/classpath/gnu/javax/sound/midi/file/MidiDataOutputStream.java
new file mode 100644
index 00000000000..f9a3dac8e87
--- /dev/null
+++ b/libjava/classpath/gnu/javax/sound/midi/file/MidiDataOutputStream.java
@@ -0,0 +1,114 @@
+/* MidiDataOutputStream.java -- adds variable length MIDI ints
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.sound.midi.file;
+
+import java.io.DataOutputStream;
+import java.io.IOException;
+import java.io.OutputStream;
+
+/**
+ * MidiDataOutputStream is simply a DataOutputStream with the addition
+ * of special variable length int writing as defined by the MIDI spec.
+ *
+ * @author Anthony Green (green@redhat.com)
+ */
+public class MidiDataOutputStream
+    extends DataOutputStream
+{
+  /**
+   * Create a MidiDataOutputStream.
+   */
+  public MidiDataOutputStream(OutputStream os)
+  {
+    super(os);
+  }
+
+  /**
+   * Return the length of a variable length encoded int without
+   * writing it out.
+   *
+   * @return the length of the encoding
+   */
+  public int variableLengthIntLength (int value)
+  {
+    int length = 0;
+    int buffer = value & 0x7F;
+
+    while ((value >>= 7) != 0)
+      {
+	buffer <<= 8;
+	buffer |= ((value & 0x7F) | 0x80);
+      }
+      
+    while (true)
+      {
+	length++;
+	if ((buffer & 0x80) != 0)
+	  buffer >>>= 8;
+	else
+	  break;
+      }
+
+    return length;
+  }
+  
+  /**
+   * Write an int encoded in the MIDI-style variable length
+   * encoding format.
+   */
+  public synchronized void writeVariableLengthInt (int value) 
+    throws IOException
+  {
+    int buffer = value & 0x7F;
+
+    while ((value >>= 7) != 0)
+      {
+	buffer <<= 8;
+	buffer |= ((value & 0x7F) | 0x80);
+      }
+      
+    while (true)
+      {
+	writeByte(buffer & 0xff);
+	if ((buffer & 0x80) != 0)
+	  buffer >>>= 8;
+	else
+	  break;
+      }
+  }
+}
diff --git a/libjava/classpath/gnu/javax/sound/midi/file/MidiFileReader.java b/libjava/classpath/gnu/javax/sound/midi/file/MidiFileReader.java
new file mode 100644
index 00000000000..cb640e14a6a
--- /dev/null
+++ b/libjava/classpath/gnu/javax/sound/midi/file/MidiFileReader.java
@@ -0,0 +1,378 @@
+/* MidiFileReader.java -- Read MIDI files.
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.sound.midi.file;
+
+import java.io.DataInputStream;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+
+import javax.sound.midi.InvalidMidiDataException;
+import javax.sound.midi.MetaMessage;
+import javax.sound.midi.MidiEvent;
+import javax.sound.midi.MidiFileFormat;
+import javax.sound.midi.MidiMessage;
+import javax.sound.midi.Sequence;
+import javax.sound.midi.ShortMessage;
+import javax.sound.midi.SysexMessage;
+import javax.sound.midi.Track;
+
+/**
+ * A MIDI file reader.
+ * 
+ * This code reads MIDI file types 0 and 1.  
+ *
+ * There are many decent documents on the web describing the MIDI file
+ * format.  I didn't bother looking for the official document.  If it
+ * exists, I'm not even sure if it is freely available.  We should
+ * update this comment if we find out anything helpful here.
+ *
+ * @author Anthony Green (green@redhat.com)
+ *
+ */
+public class MidiFileReader extends javax.sound.midi.spi.MidiFileReader 
+{
+  /* Get the MidiFileFormat for the given input stream.
+   * @see javax.sound.midi.spi.MidiFileReader#getMidiFileFormat(java.io.InputStream)
+   */
+  public MidiFileFormat getMidiFileFormat(InputStream in)
+    throws InvalidMidiDataException, IOException
+  {
+    DataInputStream din;
+    if (in instanceof DataInputStream)
+      din = (DataInputStream) in;
+    else
+      din = new DataInputStream(in);
+    
+    int type, ntracks, division, resolution, bytes;
+    float divisionType;
+    
+    if (din.readInt() != 0x4d546864) // "MThd"
+      throw new InvalidMidiDataException("Invalid MIDI chunk header.");
+
+    bytes = din.readInt();
+    if (bytes < 6)
+      throw new 
+	InvalidMidiDataException("Invalid MIDI chunk header length: " + bytes);
+
+    type = din.readShort();
+    if (type < 0 || type > 2)
+      throw new 
+	InvalidMidiDataException("Invalid MIDI file type value: " + type);
+    
+    ntracks = din.readShort();
+    if (ntracks <= 0)
+      throw new 
+	InvalidMidiDataException("Invalid number of MIDI tracks: " + ntracks);
+    
+    division = din.readShort();
+    if ((division & 0x8000) != 0)
+      {
+        division = -((division >>> 8) & 0xFF);
+        switch (division)
+          {
+          case 24:
+            divisionType = Sequence.SMPTE_24;
+            break;
+
+          case 25:
+            divisionType = Sequence.SMPTE_25;
+            break;
+
+          case 29:
+            divisionType = Sequence.SMPTE_30DROP;
+            break;
+
+          case 30:
+            divisionType = Sequence.SMPTE_30;
+            break;
+
+          default:
+            throw new 
+	      InvalidMidiDataException("Invalid MIDI frame division type: "
+				       + division);
+          }
+        resolution = division & 0xff;
+      }
+    else
+      {
+        divisionType = Sequence.PPQ;
+        resolution = division & 0x7fff;
+      }
+    
+    // If we haven't read every byte in the header now, just skip the rest.
+    din.skip(bytes - 6);
+    
+    return new ExtendedMidiFileFormat(type, divisionType, resolution,
+                                      MidiFileFormat.UNKNOWN_LENGTH,
+                                      MidiFileFormat.UNKNOWN_LENGTH, ntracks);
+  }
+
+  /* Get the MidiFileFormat from the given URL.
+   * @see javax.sound.midi.spi.MidiFileReader#getMidiFileFormat(java.net.URL)
+   */
+  public MidiFileFormat getMidiFileFormat(URL url)
+    throws InvalidMidiDataException, IOException
+  {		  
+    InputStream is = url.openStream();
+    try
+      {
+        return getMidiFileFormat(is);
+      }
+    finally
+      {
+        is.close();
+      }
+  }
+
+  /* Get the MidiFileFormat from the given file.
+   * @see javax.sound.midi.spi.MidiFileReader#getMidiFileFormat(java.io.File)
+   */
+  public MidiFileFormat getMidiFileFormat(File file)
+    throws InvalidMidiDataException, IOException
+  {
+    InputStream is = new FileInputStream(file);
+    try
+      {
+        return getMidiFileFormat(is);
+      }
+    finally
+      {
+        is.close();
+      }
+  }
+  
+  /* Get the MIDI Sequence found in this input stream.
+   * @see javax.sound.midi.spi.MidiFileReader#getSequence(java.io.InputStream)
+   */
+  public Sequence getSequence(InputStream is) throws InvalidMidiDataException,
+    IOException
+  {
+    MidiDataInputStream din = new MidiDataInputStream(is);
+    ExtendedMidiFileFormat mff = (ExtendedMidiFileFormat) getMidiFileFormat(din);
+
+    Sequence seq = new Sequence(mff.getDivisionType(), mff.getResolution());
+
+    int ntracks = mff.getNumberTracks();
+
+    while (ntracks-- > 0)
+      {
+        Track track = seq.createTrack();
+        int Mtrk = din.readInt();
+        if (Mtrk != 0x4d54726b)
+          throw new InvalidMidiDataException("Invalid MIDI track header.");
+        int length = din.readInt();
+
+        int runningStatus = -1;
+        int click = 0;
+
+        // Set this to true when we've hit an End of Track meta event.
+        boolean done = false;
+
+        // Read all events.
+        while (! done)
+          {
+            MidiMessage mm;
+            int dtime = din.readVariableLengthInt();
+            click += dtime;
+
+            int sbyte = din.readUnsignedByte();
+
+            if (sbyte < 0xf0)
+              {
+                ShortMessage sm;
+                switch (sbyte & 0xf0)
+                  {
+                  case ShortMessage.NOTE_OFF:
+                  case ShortMessage.NOTE_ON:
+                  case ShortMessage.POLY_PRESSURE:
+                  case ShortMessage.CONTROL_CHANGE:
+                  case ShortMessage.PITCH_BEND:
+                  case ShortMessage.SONG_POSITION_POINTER:
+                    sm = new ShortMessage();
+                    sm.setMessage(sbyte, din.readByte(), din.readByte());
+                    runningStatus = sbyte;
+                    break;
+
+                  case ShortMessage.PROGRAM_CHANGE:
+                  case ShortMessage.CHANNEL_PRESSURE:
+                  case ShortMessage.SONG_SELECT:
+                  case 0xF5: // FIXME: unofficial bus select. Not in spec??
+                    sm = new ShortMessage();
+                    sm.setMessage(sbyte, din.readByte(), 0);
+                    runningStatus = sbyte;
+                    break;
+
+                  case ShortMessage.TUNE_REQUEST:
+                  case ShortMessage.END_OF_EXCLUSIVE:
+                  case ShortMessage.TIMING_CLOCK:
+                  case ShortMessage.START:
+                  case ShortMessage.CONTINUE:
+                  case ShortMessage.STOP:
+                  case ShortMessage.ACTIVE_SENSING:
+                  case ShortMessage.SYSTEM_RESET:
+                    sm = new ShortMessage();
+                    sm.setMessage(sbyte, 0, 0);
+                    runningStatus = sbyte;
+                    break;
+
+                  default:
+                    if (runningStatus != - 1)
+                      {
+                        switch (runningStatus & 0xf0)
+                          {
+                          case ShortMessage.NOTE_OFF:
+                          case ShortMessage.NOTE_ON:
+                          case ShortMessage.POLY_PRESSURE:
+                          case ShortMessage.CONTROL_CHANGE:
+                          case ShortMessage.PITCH_BEND:
+                          case ShortMessage.SONG_POSITION_POINTER:
+                            sm = new ShortMessage();
+                            sm.setMessage(runningStatus, sbyte, din.readByte());
+                            break;
+
+                          case ShortMessage.PROGRAM_CHANGE:
+                          case ShortMessage.CHANNEL_PRESSURE:
+                          case ShortMessage.SONG_SELECT:
+                          case 0xF5: // FIXME: unofficial bus select. Not in
+			             // spec??
+                            sm = new ShortMessage();
+                            sm.setMessage(runningStatus, sbyte, 0);
+                            continue;
+
+                          case ShortMessage.TUNE_REQUEST:
+                          case ShortMessage.END_OF_EXCLUSIVE:
+                          case ShortMessage.TIMING_CLOCK:
+                          case ShortMessage.START:
+                          case ShortMessage.CONTINUE:
+                          case ShortMessage.STOP:
+                          case ShortMessage.ACTIVE_SENSING:
+                          case ShortMessage.SYSTEM_RESET:
+                            sm = new ShortMessage();
+                            sm.setMessage(runningStatus, 0, 0);
+                            continue;
+
+                          default:
+                            throw new 
+			      InvalidMidiDataException("Invalid Short MIDI Event: "
+						       + sbyte);
+                          }
+                      }
+                    else
+                      throw new 
+			InvalidMidiDataException("Invalid Short MIDI Event: "
+						 + sbyte);
+                  }
+                mm = sm;
+              }
+            else if (sbyte == 0xf0 || sbyte == 0xf7)
+              {
+                // System Exclusive event
+                int slen = din.readVariableLengthInt();
+                byte sysex[] = new byte[slen];
+                din.readFully(sysex);
+                SysexMessage sm = new SysexMessage();
+                sm.setMessage(sbyte, sysex, slen);
+                mm = sm;
+                runningStatus = - 1;
+              }
+            else if (sbyte == 0xff)
+              {
+                // Meta Message
+                byte mtype = din.readByte();
+                int mlen = din.readVariableLengthInt();
+                byte meta[] = new byte[mlen];
+                din.readFully(meta);
+                MetaMessage metam = new MetaMessage();
+                metam.setMessage(mtype, meta, mlen);
+                mm = metam;
+
+                if (mtype == 0x2f) // End of Track
+                  done = true;
+
+                runningStatus = - 1;
+              }
+            else
+              {
+                throw new InvalidMidiDataException("Invalid status byte: "
+                                                   + sbyte);
+              }
+
+            track.add(new MidiEvent(mm, click));
+          }
+      }
+
+    return seq;
+  }
+
+  /* Get the MIDI Sequence found at the given URL.
+   * @see javax.sound.midi.spi.MidiFileReader#getSequence(java.net.URL)
+   */
+  public Sequence getSequence(URL url) throws InvalidMidiDataException,
+    IOException 
+  {
+    InputStream is = url.openStream();
+    try
+      {
+	return getSequence(is);
+      }
+    finally
+      {
+	is.close();
+      }
+  }
+
+  /* Get the MIDI Sequence found in the given file.
+   * @see javax.sound.midi.spi.MidiFileReader#getSequence(java.io.File)
+   */
+  public Sequence getSequence(File file) throws InvalidMidiDataException,
+    IOException 
+  {
+    InputStream is = new FileInputStream(file);
+    try
+      {
+	return getSequence(is);
+      }
+    finally
+      {
+	is.close();
+      }
+  }
+}
diff --git a/libjava/classpath/gnu/javax/sound/midi/file/MidiFileWriter.java b/libjava/classpath/gnu/javax/sound/midi/file/MidiFileWriter.java
new file mode 100644
index 00000000000..71970d5ba6e
--- /dev/null
+++ b/libjava/classpath/gnu/javax/sound/midi/file/MidiFileWriter.java
@@ -0,0 +1,199 @@
+/* MidiFileWriter.java -- Write MIDI files.
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.sound.midi.file;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+
+import javax.sound.midi.MetaMessage;
+import javax.sound.midi.MidiEvent;
+import javax.sound.midi.Sequence;
+import javax.sound.midi.Track;
+
+/**
+ * A MIDI file writer.
+ * 
+ * This code writes MIDI file types 0 and 1.  
+ *
+ * There are many decent documents on the web describing the MIDI file
+ * format.  I didn't bother looking for the official document.  If it
+ * exists, I'm not even sure if it is freely available.  We should
+ * update this comment if we find out anything helpful here.
+ *
+ * @author Anthony Green (green@redhat.com)
+ *
+ */
+public class MidiFileWriter
+    extends javax.sound.midi.spi.MidiFileWriter
+{
+  /* Return an array indicating which midi file types are supported.
+   * @see javax.sound.midi.spi.MidiFileWriter#getMidiFileTypes()
+   */
+  public int[] getMidiFileTypes()
+  {
+    return new int[]{0, 1};
+  }
+
+  /* Return an array indicating which midi file types are supported
+   * for a given Sequence.
+   * @see javax.sound.midi.spi.MidiFileWriter#getMidiFileTypes(javax.sound.midi.Sequence)
+   */
+  public int[] getMidiFileTypes(Sequence sequence)
+  {
+    if (sequence.getTracks().length == 1)
+      return new int[]{0};
+    else
+      return new int[]{1};
+  }
+
+  /* Write a sequence to an output stream in standard midi format.
+   * @see javax.sound.midi.spi.MidiFileWriter#write(javax.sound.midi.Sequence, int, java.io.OutputStream)
+   */
+  public int write(Sequence in, int fileType, OutputStream out)
+      throws IOException
+  {
+    MidiDataOutputStream dos = new MidiDataOutputStream (out);
+    Track[] tracks = in.getTracks();
+    dos.writeInt(0x4d546864); // MThd
+    dos.writeInt(6);  
+    dos.writeShort(fileType);
+    dos.writeShort(tracks.length);
+    float divisionType = in.getDivisionType();
+    int resolution = in.getResolution();
+    // FIXME: division computation is incomplete.
+    int division = 0;
+    if (divisionType == Sequence.PPQ)
+      division = resolution & 0x7fff;
+    dos.writeShort(division); 
+    int length = 14;
+    for (int i = 0; i < tracks.length; i++)
+      length += writeTrack(tracks[i], dos);
+    return length;
+  }
+
+  /**
+   * Compute the length of a track as it will be written to the
+   * output stream.
+   *
+   * @param track the track to measure
+   * @param dos a MidiDataOutputStream used for helper method
+   * @return the length of the track
+   */
+  private int computeTrackLength(Track track, MidiDataOutputStream dos)
+  {
+    int count = 0, length = 0, i = 0, eventCount = track.size();
+    long ptick = 0;
+    while (i < eventCount)
+      {
+	MidiEvent me = track.get(i);
+	long tick = me.getTick();
+	length += dos.variableLengthIntLength((int) (tick - ptick));
+	ptick = tick;
+	length += me.getMessage().getLength();
+	i++;
+      } 
+    return length;
+  }
+
+  /**
+   * Write a track to an output stream.
+   *
+   * @param track the track to write
+   * @param dos a MidiDataOutputStream to write to
+   * @return the number of bytes written
+   */
+  private int writeTrack(Track track, MidiDataOutputStream dos)
+    throws IOException
+  {
+    int i = 0, elength = track.size(), trackLength;
+    MidiEvent pme = null;
+    dos.writeInt(0x4d54726b); // "MTrk"
+    trackLength = computeTrackLength(track, dos);
+    dos.writeInt(trackLength);
+    while (i < elength)
+      {
+	MidiEvent me = track.get(i);
+	int dtime = 0;
+	if (pme != null)
+	  dtime = (int) (me.getTick() - pme.getTick());
+	dos.writeVariableLengthInt(dtime); 
+	// FIXME: use running status byte
+	byte msg[] = me.getMessage().getMessage();
+	dos.write(msg);
+	pme = me;
+	i++;
+      } 
+
+    // We're done if the last event was an End of Track meta message.
+    if (pme != null && (pme.getMessage() instanceof MetaMessage))
+      {
+	MetaMessage mm = (MetaMessage) pme.getMessage();
+	if (mm.getType() == 0x2f) // End of Track message
+	  return trackLength + 8;
+      }
+
+    // Write End of Track meta message
+    dos.writeVariableLengthInt(0); // Delta time of 0
+    dos.writeByte(0xff); // Meta Message
+    dos.writeByte(0x2f); // End of Track message
+    dos.writeVariableLengthInt(0); // Length of 0
+
+    return trackLength + 8 + 4;
+  }
+
+  /* Write a Sequence to a file.
+   * @see javax.sound.midi.spi.MidiFileWriter#write(javax.sound.midi.Sequence, int, java.io.File)
+   */
+  public int write(Sequence in, int fileType, File out) throws IOException
+  {
+    OutputStream os = new FileOutputStream(out);
+    try
+      {
+	return write(in, fileType, os);
+      }
+    finally
+      {
+	os.close();
+      } 
+  }
+
+}
diff --git a/libjava/classpath/gnu/javax/sound/sampled/AU/AUReader.java b/libjava/classpath/gnu/javax/sound/sampled/AU/AUReader.java
new file mode 100644
index 00000000000..c9035df7338
--- /dev/null
+++ b/libjava/classpath/gnu/javax/sound/sampled/AU/AUReader.java
@@ -0,0 +1,212 @@
+/* AUReader.java -- Read AU files.
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.sound.sampled.AU;
+
+import javax.sound.sampled.AudioFormat;
+import javax.sound.sampled.AudioSystem;
+import javax.sound.sampled.AudioFileFormat;
+import javax.sound.sampled.AudioInputStream;
+import javax.sound.sampled.UnsupportedAudioFileException;
+import javax.sound.sampled.spi.AudioFileReader;
+import java.io.File;
+import java.io.IOException;
+import java.io.BufferedInputStream;
+import java.io.InputStream;
+import java.io.DataInputStream;
+import java.io.FileInputStream;
+import java.net.URL;
+import java.nio.ByteBuffer;
+
+public class AUReader extends AudioFileReader
+{
+  private static class AUHeader
+  {
+    // Magic number identifying the file. '.snd' 
+    private static final int MAGIC = 0x2e736e64;
+    
+    public static final int SIZE = 24; // size of the header
+    
+    // Encoding types
+    public static final int ULAW = 1; // 8-bit u-law
+    public static final int PCM8 = 2; // 8-bit PCM
+    public static final int PCM16 = 3; // 16-bit PCM
+    public static final int PCM24 = 4; // 24-bit PCM
+    public static final int PCM32 = 5; // 32-bit PCM
+    public static final int IEEE32 = 6; // 32-bit IEEE f.p.
+    public static final int IEEE64 = 7; // 64-bit IEEE f.p.
+    public static final int G721 = 23; 
+    public static final int G722 = 24; 
+    public static final int G723 = 25; 
+    public static final int G723_5BIT = 26; 
+    public static final int ALAW = 27; // 8-bit a-law
+
+    // Header data.
+    public int headerSize;
+    public int fileSize; // this value may not be set.
+    public int encoding;
+    public int sampleRate;
+    public int channels;
+    public int sampleSizeInBits;
+
+    public AUHeader(InputStream stream)
+      throws IOException, UnsupportedAudioFileException
+    {
+      byte[] hdr = new byte[24];
+      stream.read( hdr );
+      ByteBuffer buf = ByteBuffer.wrap(hdr);
+
+      if( buf.getInt() != MAGIC )
+	throw new UnsupportedAudioFileException("Not an AU format audio file.");
+      headerSize = buf.getInt(); 
+      fileSize = buf.getInt(); 
+      encoding = buf.getInt(); 
+      sampleRate = buf.getInt();
+      channels = buf.getInt(); 
+
+      switch(encoding)
+	{
+	case ULAW: 
+	case PCM8: 
+	case ALAW: 
+	  sampleSizeInBits = 8;
+	  break;
+	case PCM16:
+	  sampleSizeInBits = 16;
+	  break;
+	case PCM24:
+	  sampleSizeInBits = 24;
+	  break;
+	case PCM32:
+	  sampleSizeInBits = 32;
+	  break;
+	default:   // other types exist but are not supported. Yet.
+	  throw new UnsupportedAudioFileException("Unsupported encoding.");
+	}
+    }
+
+  public AudioFormat getAudioFormat()
+    {
+      AudioFormat.Encoding encType = AudioFormat.Encoding.PCM_SIGNED;
+      if(encoding == 1)
+	encType = AudioFormat.Encoding.ULAW;
+      if(encoding == 27)
+	encType = AudioFormat.Encoding.ALAW;
+      
+      return new AudioFormat(encType, 
+			     (float)sampleRate, 
+			     sampleSizeInBits, 
+			     channels, 
+			     (sampleSizeInBits >> 3) * channels, 
+			     (float)sampleRate, 
+			     true);
+    }
+
+  public AudioFileFormat getAudioFileFormat()
+    {
+      return new AudioFileFormat(new AUFormatType(), 
+				 getAudioFormat(), 
+				 AudioSystem.NOT_SPECIFIED);
+    }
+  }
+
+  public static class AUFormatType extends AudioFileFormat.Type
+  {
+    public AUFormatType()
+    {
+      super("AU", ".au");
+    }
+  }
+
+  public AudioFileFormat getAudioFileFormat(File file)
+    throws IOException, UnsupportedAudioFileException
+  {
+    return getAudioFileFormat(new FileInputStream(file));
+  }
+
+  public AudioFileFormat getAudioFileFormat(InputStream stream)
+    throws IOException, UnsupportedAudioFileException
+  {
+    if(!stream.markSupported()) 
+      throw new IOException("Stream must support marking.");    
+
+    stream.mark(25);
+    AUHeader header = new AUHeader(stream);
+    stream.reset();
+
+    return header.getAudioFileFormat();
+  }
+  
+  public AudioFileFormat getAudioFileFormat(URL url)
+    throws IOException, UnsupportedAudioFileException
+  {        
+    return getAudioFileFormat(new BufferedInputStream(url.openStream()));
+  }
+
+  public AudioInputStream getAudioInputStream(File file)
+    throws IOException, UnsupportedAudioFileException
+  {
+    InputStream stream = new FileInputStream(file);
+    long length = file.length();
+
+    AUHeader header = new AUHeader( stream );
+    if( header.headerSize > AUHeader.SIZE )
+      stream.skip(header.headerSize - AUHeader.SIZE);
+
+    length -= header.headerSize;
+
+    return new AudioInputStream(stream, header.getAudioFormat(), length);
+  }
+
+  public AudioInputStream getAudioInputStream(InputStream stream)
+    throws IOException, UnsupportedAudioFileException
+  {
+    AUHeader header = new AUHeader( stream );
+    if( header.headerSize > AUHeader.SIZE )
+      stream.skip(header.headerSize - AUHeader.SIZE);
+
+    return new AudioInputStream(stream, header.getAudioFormat(), 
+				AudioSystem.NOT_SPECIFIED);
+  }
+
+  public AudioInputStream getAudioInputStream(URL url)
+    throws IOException, UnsupportedAudioFileException
+  {
+    return getAudioInputStream(new BufferedInputStream(url.openStream()));
+  }
+}
+
diff --git a/libjava/classpath/gnu/javax/sound/sampled/WAV/WAVReader.java b/libjava/classpath/gnu/javax/sound/sampled/WAV/WAVReader.java
new file mode 100644
index 00000000000..0cf3c137797
--- /dev/null
+++ b/libjava/classpath/gnu/javax/sound/sampled/WAV/WAVReader.java
@@ -0,0 +1,236 @@
+/* WAVReader.java -- Read WAV files.
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.javax.sound.sampled.WAV;
+
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.DataInputStream;
+import java.io.FileInputStream;
+import java.net.URL;
+
+import javax.sound.sampled.AudioFormat;
+import javax.sound.sampled.AudioFileFormat;
+import javax.sound.sampled.AudioInputStream;
+import javax.sound.sampled.UnsupportedAudioFileException;
+import javax.sound.sampled.spi.AudioFileReader;
+
+/**
+ * A WAV file reader.
+ * 
+ * This code reads WAV files.
+ *
+ * There are many decent documents on the web describing the WAV file
+ * format.  I didn't bother looking for the official document.  If it
+ * exists, I'm not even sure if it is freely available.  We should
+ * update this comment if we find out anything helpful here.  I used
+ * http://www.sonicspot.com/guide/wavefiles.html
+ *
+ * @author Anthony Green (green@redhat.com)
+ *
+ */
+public class WAVReader extends AudioFileReader
+{
+  private static long readUnsignedIntLE (DataInputStream is) 
+    throws IOException
+  {
+    byte[] buf = new byte[4];
+    is.readFully(buf);
+    return (buf[0] & 0xFF 
+	    | ((buf[1] & 0xFF) << 8)
+	    | ((buf[2] & 0xFF) << 16)
+	    | ((buf[3] & 0xFF) << 24));
+  }
+
+  private static short readUnsignedShortLE (DataInputStream is) 
+    throws IOException
+  {
+    byte[] buf = new byte[2];
+    is.readFully(buf);
+    return (short) (buf[0] & 0xFF 
+		    | ((buf[1] & 0xFF) << 8));
+  }
+
+  /* Get an AudioFileFormat from the given File.
+   * @see javax.sound.sampled.spi.AudioFileReader#getAudioFileFormat(java.io.File)
+   */
+  public AudioFileFormat getAudioFileFormat(File file)
+      throws UnsupportedAudioFileException, IOException
+  {
+    InputStream is = new FileInputStream(file);
+    try
+      {
+        return getAudioFileFormat(is);
+      }
+    finally
+      {
+        is.close();
+      }
+  }
+
+  /* Get an AudioFileFormat from the given InputStream.
+   * @see javax.sound.sampled.spi.AudioFileReader#getAudioFileFormat(java.io.InputStream)
+   */
+  public AudioFileFormat getAudioFileFormat(InputStream in)
+      throws UnsupportedAudioFileException, IOException
+  {
+    DataInputStream din;
+
+    if (in instanceof DataInputStream)
+      din = (DataInputStream) in;
+    else
+      din = new DataInputStream(in);
+    
+    if (din.readInt() != 0x52494646) // "RIFF"
+      throw new UnsupportedAudioFileException("Invalid WAV chunk header.");
+
+    // Read the length of this RIFF thing.
+    readUnsignedIntLE(din);
+
+    if (din.readInt() != 0x57415645) // "WAVE"
+      throw new UnsupportedAudioFileException("Invalid WAV chunk header.");
+
+    boolean foundFmt = false;
+    boolean foundData = false;
+
+    short compressionCode = 0, numberChannels = 0, blockAlign = 0, bitsPerSample = 0;
+    long sampleRate = 0, bytesPerSecond = 0;
+    long chunkLength = 0;
+
+    while (! foundData)
+      {
+	int chunkId = din.readInt();
+	chunkLength = readUnsignedIntLE(din);
+	switch (chunkId)
+	  {
+	  case 0x666D7420: // "fmt "
+	    foundFmt = true;
+	    compressionCode = readUnsignedShortLE(din);
+	    numberChannels = readUnsignedShortLE(din);
+	    sampleRate = readUnsignedIntLE(din);
+	    bytesPerSecond = readUnsignedIntLE(din);
+	    blockAlign = readUnsignedShortLE(din);
+	    bitsPerSample = readUnsignedShortLE(din);
+	    din.skip(chunkLength - 16);
+	    break;
+	  case 0x66616374: // "fact"
+	    // FIXME: hold compression format dependent data.
+	    din.skip(chunkLength);
+	    break;
+	  case 0x64617461: // "data"
+	    if (! foundFmt)
+	      throw new UnsupportedAudioFileException("This implementation requires WAV fmt chunks precede data chunks.");
+	    foundData = true;
+	    break;
+	  default:
+	    // Unrecognized chunk.  Skip it.
+	    din.skip(chunkLength);
+	  }
+      }
+
+    AudioFormat.Encoding encoding;
+
+    switch (compressionCode)
+      {
+      case 1: // PCM/uncompressed
+	if (bitsPerSample <= 8)
+	  encoding = AudioFormat.Encoding.PCM_UNSIGNED;
+	else
+	  encoding = AudioFormat.Encoding.PCM_SIGNED;
+	break;
+
+      default:
+	throw new UnsupportedAudioFileException("Unrecognized WAV compression code: 0x" 
+						+ Integer.toHexString(compressionCode));
+      }
+
+    return new AudioFileFormat (AudioFileFormat.Type.WAVE,
+				new AudioFormat(encoding,
+						(float) sampleRate, 
+						bitsPerSample,
+						numberChannels, 
+						((bitsPerSample + 7) / 8) * numberChannels,
+						(float) bytesPerSecond, false),
+				(int) chunkLength);
+  }
+
+  /* Get an AudioFileFormat from the given URL.
+   * @see javax.sound.sampled.spi.AudioFileReader#getAudioFileFormat(java.net.URL)
+   */
+  public AudioFileFormat getAudioFileFormat(URL url)
+      throws UnsupportedAudioFileException, IOException
+  {
+    InputStream is = url.openStream();
+    try
+      {
+        return getAudioFileFormat(is);
+      }
+    finally
+      {
+        is.close();
+      }
+  }
+
+  /* Get an AudioInputStream from the given File.
+   * @see javax.sound.sampled.spi.AudioFileReader#getAudioInputStream(java.io.File)
+   */
+  public AudioInputStream getAudioInputStream(File file)
+      throws UnsupportedAudioFileException, IOException
+  {
+    return getAudioInputStream(new FileInputStream(file));
+  }
+
+  /* Get an AudioInputStream from the given InputStream.
+   * @see javax.sound.sampled.spi.AudioFileReader#getAudioInputStream(java.io.InputStream)
+   */
+  public AudioInputStream getAudioInputStream(InputStream stream)
+      throws UnsupportedAudioFileException, IOException
+  {
+    AudioFileFormat aff = getAudioFileFormat(stream);
+    return new AudioInputStream(stream, aff.getFormat(), (long) aff.getFrameLength());
+  }
+
+  /* Get an AudioInputStream from the given URL.
+   * @see javax.sound.sampled.spi.AudioFileReader#getAudioInputStream(java.net.URL)
+   */
+  public AudioInputStream getAudioInputStream(URL url)
+      throws UnsupportedAudioFileException, IOException
+  {
+    return getAudioInputStream(url.openStream());
+  }
+}
diff --git a/libjava/classpath/gnu/javax/swing/plaf/gnu/GNULookAndFeel.java b/libjava/classpath/gnu/javax/swing/plaf/gnu/GNULookAndFeel.java
index 67d6332df58..a9b504a387e 100644
--- a/libjava/classpath/gnu/javax/swing/plaf/gnu/GNULookAndFeel.java
+++ b/libjava/classpath/gnu/javax/swing/plaf/gnu/GNULookAndFeel.java
@@ -71,6 +71,7 @@ public class GNULookAndFeel extends BasicLookAndFeel
           "ScrollBar.background", new ColorUIResource(blueGray),
           "CheckBox.icon", new CheckBoxIcon(),
           "RadioButton.icon", new RadioButtonIcon(),
+          "Tree.hash", new ColorUIResource(Color.black),
 	  
 	"Tree.closedIcon",
 	  new IconUIResource(new ImageIcon
diff --git a/libjava/classpath/gnu/javax/swing/text/html/CharacterAttributeTranslator.java b/libjava/classpath/gnu/javax/swing/text/html/CharacterAttributeTranslator.java
index 5f7309583ea..06732e401fe 100644
--- a/libjava/classpath/gnu/javax/swing/text/html/CharacterAttributeTranslator.java
+++ b/libjava/classpath/gnu/javax/swing/text/html/CharacterAttributeTranslator.java
@@ -83,7 +83,7 @@ public class CharacterAttributeTranslator
    * @param colorName the color to convert.
    * @return the matching java.awt.color
    */
-  private static Color getColor(String colorName)
+  public static Color getColor(String colorName)
   {
     colorName = colorName.toLowerCase();
     try
diff --git a/libjava/classpath/gnu/javax/swing/text/html/parser/GnuParserDelegator.java b/libjava/classpath/gnu/javax/swing/text/html/parser/GnuParserDelegator.java
new file mode 100644
index 00000000000..841db667e84
--- /dev/null
+++ b/libjava/classpath/gnu/javax/swing/text/html/parser/GnuParserDelegator.java
@@ -0,0 +1,178 @@
+/* GnuParserDelegator.java -- The parser delegator which uses Swing DTD
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.swing.text.html.parser;
+
+import java.io.IOException;
+import java.io.Reader;
+import java.io.Serializable;
+
+import javax.swing.text.BadLocationException;
+import javax.swing.text.html.HTMLEditorKit;
+import javax.swing.text.html.HTMLEditorKit.ParserCallback;
+import javax.swing.text.html.parser.DTD;
+import javax.swing.text.html.parser.ParserDelegator;
+import javax.swing.text.html.parser.TagElement;
+
+/**
+ * This parser delegator uses the different DTD ({@link HTML_401Swing}).
+ * It is derived from the ParserDelegator for the compatibility reasons.
+ * 
+ * @author Audrius Meskauskas (AudriusA@Bioinformatics.org) 
+ */
+public class GnuParserDelegator extends ParserDelegator implements Serializable
+{
+  class gnuParser
+    extends gnu.javax.swing.text.html.parser.support.Parser
+  {
+    private static final long serialVersionUID = 1;
+
+    gnuParser(DTD d)
+    {
+      super(d);
+    }
+
+    protected final void handleComment(char[] comment)
+    {
+      callBack.handleComment(comment, hTag.where.startPosition);
+    }
+
+    protected final void handleEmptyTag(TagElement tag)
+      throws javax.swing.text.ChangedCharSetException
+    {
+      callBack.handleSimpleTag(tag.getHTMLTag(), getAttributes(),
+                               hTag.where.startPosition
+                              );
+    }
+
+    protected final void handleEndTag(TagElement tag)
+    {
+      callBack.handleEndTag(tag.getHTMLTag(), hTag.where.startPosition);
+    }
+
+    protected final void handleError(int line, String message)
+    {
+      callBack.handleError(message, hTag.where.startPosition);
+    }
+
+    protected final void handleStartTag(TagElement tag)
+    {
+      htmlAttributeSet attributes = gnu.getAttributes();
+
+      if (tag.fictional())
+        attributes.addAttribute(ParserCallback.IMPLIED, Boolean.TRUE);
+
+      callBack.handleStartTag(tag.getHTMLTag(), attributes,
+                              hTag.where.startPosition
+                             );
+    }
+
+    protected final void handleText(char[] text)
+    {
+      callBack.handleText(text, hTag.where.startPosition);
+    }
+
+    DTD getDTD()
+    {
+      // Accessing the inherited gnu.javax.swing.text.html.parser.support.Parser
+      // field. super. is a workaround, required to support JDK1.3's javac.
+      return super.dtd;
+    }
+  }
+
+  /**
+   * Use serialVersionUID for interoperability.
+   */
+  private static final long serialVersionUID = -1276686502624777206L;
+
+  private DTD theDtd; 
+
+  /**
+   * The callback.
+   * This is package-private to avoid an accessor method.
+   */
+  HTMLEditorKit.ParserCallback callBack;
+
+  /**
+   * The reference to the working class of HTML parser that is
+   * actually used to parse the document.
+   * This is package-private to avoid an accessor method.
+   */
+  gnuParser gnu;
+  
+  /**
+   * Create the parser that uses the given DTD to parse the document.
+   * 
+   * @param theDtd the DTD
+   */
+  public GnuParserDelegator(DTD theDtd)
+  {
+    this.theDtd = theDtd;
+    gnu = new gnuParser(theDtd);
+  }
+
+  /**
+   * Parses the HTML document, calling methods of the provided callback. This
+   * method must be multithread - safe.
+   * 
+   * @param reader The reader to read the HTML document from
+   * @param a_callback The callback that is notifyed about the presence of HTML
+   *          elements in the document.
+   * @param ignoreCharSet If thrue, any charset changes during parsing are
+   *          ignored.
+   * @throws java.io.IOException
+   */
+  public void parse(Reader reader,
+                                 HTMLEditorKit.ParserCallback a_callback,
+                                 boolean ignoreCharSet) throws IOException
+  {
+    callBack = a_callback;
+    gnu.parse(reader);
+
+    callBack.handleEndOfLineString(gnu.getEndOfLineSequence());
+    try
+      {
+        callBack.flush();
+      }
+    catch (BadLocationException ex)
+      {
+        // Convert this into the supported type of exception.
+        throw new IOException(ex.getMessage());
+      }
+  }
+}
diff --git a/libjava/classpath/gnu/javax/swing/text/html/parser/HTML_401F.java b/libjava/classpath/gnu/javax/swing/text/html/parser/HTML_401F.java
index 1ed42a2ab98..c3c347e36e3 100644
--- a/libjava/classpath/gnu/javax/swing/text/html/parser/HTML_401F.java
+++ b/libjava/classpath/gnu/javax/swing/text/html/parser/HTML_401F.java
@@ -759,23 +759,8 @@ public class HTML_401F
       defElement(BODY, 0, true, true, null,
       NONE
       ,
-      new String[] {
-        PCDATA, A, ABBR, ACRONYM,
-        APPLET, B, BASEFONT, BDO, BIG,
-        BR, BUTTON, CITE, CODE, DFN,
-        EM, FONT, I, IFRAME, IMG,
-        INPUT, KBD, LABEL, MAP, OBJECT,
-        Q, S, SAMP, SCRIPT, SELECT,
-        SMALL, SPAN, STRIKE, STRONG, SUB,
-        SUP, TEXTAREA, TT, U, VAR,
-        ADDRESS, BLOCKQUOTE, CENTER, DEL, DIR,
-        DIV, DL, FIELDSET, FORM, H1,
-        H2, H3, H4, H5, H6,
-        HR, INS, ISINDEX, MENU, NOFRAMES,
-        NOSCRIPT, OL, P, PRE, TABLE,
-        UL
-      }
-    ,
+      getBodyElements()
+      ,
       new AttributeList[] {
         attr(sID, null, null, ID, IMPLIED),
         attr(CLASS, null, null, 0, IMPLIED),
@@ -3634,7 +3619,7 @@ public class HTML_401F
    * Crate a content model, consisting of the single
    * element, specified by name.
    */
-  private ContentModel model(String element)
+  protected ContentModel model(String element)
   {
     return new ContentModel(getElement(element));
   }
@@ -3653,7 +3638,7 @@ public class HTML_401F
 
   /**
    * Create the model HEAD, BODY
-   * @return
+   * @return the HTML content model of the whole document
    */
   protected ContentModel createHtmlContentModel()
   {
@@ -3725,5 +3710,27 @@ public class HTML_401F
     li.type = ul.type = ol.type = '|';
     return li;
   }
-
+  
+  /**
+   * Get elements that are allowed in the document body, at the zero level.
+   */
+  protected String[] getBodyElements()
+  {
+    return new String[] {
+        PCDATA, A, ABBR, ACRONYM,
+        APPLET, B, BASEFONT, BDO, BIG,
+        BR, BUTTON, CITE, CODE, DFN,
+        EM, FONT, I, IFRAME, IMG,
+        INPUT, KBD, LABEL, MAP, OBJECT,
+        Q, S, SAMP, SCRIPT, SELECT,
+        SMALL, SPAN, STRIKE, STRONG, SUB,
+        SUP, TEXTAREA, TT, U, VAR,
+        ADDRESS, BLOCKQUOTE, CENTER, DEL, DIR,
+        DIV, DL, FIELDSET, FORM, H1,
+        H2, H3, H4, H5, H6,
+        HR, INS, ISINDEX, MENU, NOFRAMES,
+        NOSCRIPT, OL, P, PRE, TABLE,
+        UL
+      };
+  }
 }
diff --git a/libjava/classpath/gnu/javax/swing/text/html/parser/HTML_401Swing.java b/libjava/classpath/gnu/javax/swing/text/html/parser/HTML_401Swing.java
new file mode 100644
index 00000000000..9c934f647de
--- /dev/null
+++ b/libjava/classpath/gnu/javax/swing/text/html/parser/HTML_401Swing.java
@@ -0,0 +1,91 @@
+/* HTML_401Swing.java -- The HTML 4.01 DTD, adapted for HTML rendering in Swing
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.swing.text.html.parser;
+
+import javax.swing.text.html.parser.DTD;
+
+/**
+ * This class is necessary because the current implementation of the GNU
+ * Classpath Swing requires always enclose the text into paragraphs.
+ * 
+ * @author Audrius Meskauskas (AudriusA@Bioinformatics.org)
+ */
+public class HTML_401Swing extends HTML_401F
+{
+  /**
+   * The singleton instance;
+   */
+  final static HTML_401Swing singleton = new HTML_401Swing();
+  
+  /**
+   * Either takes the document (by name) from DTD table, or
+   * creates a new instance and registers it in the tabe.
+   * The document is registerd under name "-//W3C//DTD HTML 4.01 Frameset//EN".
+   * @return The new or existing DTD for parsing HTML 4.01 Frameset.
+   */
+  public static DTD getInstance()
+  {
+    return singleton;
+  }  
+  
+  /**
+   * Get elements that are allowed in the document body, at the zero level.
+   * This list disallows the text at this level (the implied P tag will be
+   * generated). It also disallows A, B, I, U, CITE and other similar
+   * elements that have the plain text inside. They will also be placed
+   * inside the generated implied P tags.
+   */
+  protected String[] getBodyElements()
+  {
+    return new String[] {
+        APPLET, BASEFONT,
+        BR, BUTTON, 
+        IFRAME, IMG,
+        INPUT, LABEL, MAP, OBJECT,
+        SCRIPT, SELECT,
+        TEXTAREA, 
+        BLOCKQUOTE, CENTER, DEL, DIR,
+        DIV, DL, FIELDSET, FORM, H1,
+        H2, H3, H4, H5, H6,
+        HR, INS, ISINDEX, MENU, NOFRAMES,
+        NOSCRIPT, OL, P, PRE, TABLE,
+        UL
+      };
+  }
+}
diff --git a/libjava/classpath/gnu/javax/swing/text/html/parser/SmallHtmlAttributeSet.java b/libjava/classpath/gnu/javax/swing/text/html/parser/SmallHtmlAttributeSet.java
index 45e1dce7b04..930a324f9b7 100644
--- a/libjava/classpath/gnu/javax/swing/text/html/parser/SmallHtmlAttributeSet.java
+++ b/libjava/classpath/gnu/javax/swing/text/html/parser/SmallHtmlAttributeSet.java
@@ -100,8 +100,6 @@ public class SmallHtmlAttributeSet
         key = en.nextElement();
         keys[i] = key;
         value = copyFrom.getAttribute(key);
-        if (value instanceof String)
-          value = ((String) value).toLowerCase();
         values[i] = value;
       }
   }
diff --git a/libjava/classpath/gnu/javax/swing/text/html/parser/htmlValidator.java b/libjava/classpath/gnu/javax/swing/text/html/parser/htmlValidator.java
index 1f9eee03a91..4d287a67763 100644
--- a/libjava/classpath/gnu/javax/swing/text/html/parser/htmlValidator.java
+++ b/libjava/classpath/gnu/javax/swing/text/html/parser/htmlValidator.java
@@ -233,7 +233,9 @@ public abstract class htmlValidator
                 Element fe = (Element) v;
 
                 // notify the content model that we add the proposed tag
-                getCurrentContentModel().show(fe);
+                node ccm = getCurrentContentModel();
+                if (ccm != null)
+                  ccm.show(fe);
                 openFictionalTag(fe);
 
                 Object vv = tagIsValidForContext(tElement);
@@ -301,13 +303,12 @@ public abstract class htmlValidator
   }
 
   /**
-   * Check if this tag is valid for the current context.
-   * Return Boolean.True if it is OK, Boolean.False
-   * if it is surely not OK or the Element that the
-   * content model recommends to insert making the situation
-   * ok. If Boolean.True is returned, the content model current
-   * position is moved forward. Otherwise this position remains
-   * the same.
+   * Check if this tag is valid for the current context. Return Boolean.True if
+   * it is OK, Boolean.False if it is surely not OK or the Element that the
+   * content model recommends to insert making the situation ok. If Boolean.True
+   * is returned, the content model current position is moved forward. Otherwise
+   * this position remains the same.
+   * 
    * @param tElement
    * @return
    */
@@ -321,7 +322,7 @@ public abstract class htmlValidator
 
     // Check exclusions and inclusions.
     ListIterator iter = stack.listIterator(stack.size());
-    hTag t;
+    hTag t = null;
     final int idx = tElement.getElement().index;
 
     // Check only known tags.
@@ -331,19 +332,27 @@ public abstract class htmlValidator
         while (iter.hasPrevious())
           {
             t = (hTag) iter.previous();
-            if (!t.forcibly_closed)
+            if (! t.forcibly_closed)
               {
-                if (t.element.exclusions != null &&
-                    t.element.exclusions.get(idx)
-                   )
+                if (t.element.exclusions != null
+                    && t.element.exclusions.get(idx))
                   return Boolean.FALSE;
 
                 if (t.element.inclusions != null)
                   inclusions.or(t.element.inclusions);
               }
           }
-        if (!inclusions.get(idx))
-          return Boolean.FALSE;
+        if (! inclusions.get(idx))
+          {
+            // If we need to insert something, and cannot do this, but
+            // it is allowed to insert the paragraph here, insert the
+            // paragraph.
+            Element P = dtd.getElement(HTML_401F.P);
+            if (inclusions.get(P.index))
+              return P;
+            else
+              return Boolean.FALSE;
+          }
       }
     return Boolean.TRUE;
   }
diff --git a/libjava/classpath/gnu/xml/dom/DomIterator.java b/libjava/classpath/gnu/xml/dom/DomIterator.java
index 472c6e80585..31f9982467b 100644
--- a/libjava/classpath/gnu/xml/dom/DomIterator.java
+++ b/libjava/classpath/gnu/xml/dom/DomIterator.java
@@ -1,5 +1,5 @@
 /* DomIterator.java -- 
-   Copyright (C) 1999,2000,2001 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2000, 2001, 2006 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -253,7 +253,13 @@ public final class DomIterator
       {
         return here.getFirstChild();
       }
-
+    
+    // There's no way up or sideways from the root, so if we
+    // couldn't move down to a child, there's nowhere to go.
+    //
+    if (here == root)
+      return null;
+    
     //
     // Siblings ... if forward, we visit them, if backwards
     // we visit their children first.
@@ -297,7 +303,9 @@ public final class DomIterator
       {
         next = next.getParentNode();
       }
-    if (next == root)
+    
+    // If we have exceeded the root node then stop traversing.
+    if (next == root.getParentNode())
       {
         return null;
       }
diff --git a/libjava/classpath/gnu/xml/stream/SAXParser.java b/libjava/classpath/gnu/xml/stream/SAXParser.java
index fd768a43da3..e58d5fb52ff 100644
--- a/libjava/classpath/gnu/xml/stream/SAXParser.java
+++ b/libjava/classpath/gnu/xml/stream/SAXParser.java
@@ -976,10 +976,56 @@ public class SAXParser
   public static void main(String[] args)
     throws Exception
   {
-    SAXParser parser = new SAXParser();
-    InputSource input = new InputSource(args[0]);
-    parser.parse(input, new org.xml.sax.helpers.DefaultHandler());
-    
+    boolean validating = false;
+    boolean namespaceAware = false;
+    boolean xIncludeAware = false;
+    boolean expectCallbackClass = false;
+    String callbackClass = null;
+    int pos = 0;
+    while (pos < args.length && (args[pos].startsWith("-") || expectCallbackClass))
+      {
+        if ("-x".equals(args[pos]))
+          xIncludeAware = true;
+        else if ("-v".equals(args[pos]))
+          validating = true;
+        else if ("-n".equals(args[pos]))
+          namespaceAware = true;
+        else if ("-c".equals(args[pos]))
+          expectCallbackClass = true;
+        else if (expectCallbackClass)
+          {
+            callbackClass = args[pos];
+            expectCallbackClass = false;
+          }
+        pos++;
+      }
+    if (pos >= args.length || expectCallbackClass)
+      {
+        System.out.println("Syntax: SAXParser [-n] [-v] [-x] [-c <class>] <file> [<file2> [...]]");
+        System.out.println("\t-n: use namespace aware mode");
+        System.out.println("\t-v: use validating parser");
+        System.out.println("\t-x: use XInclude aware mode");
+        System.out.println("\t-c <class>: use specified class as callback handler (must have a no-arg public constructor)");
+        System.exit(2);
+      }
+    while (pos < args.length)
+      {
+        ContentHandler handler = null;
+        if (callbackClass != null)
+          {
+            Class t = Class.forName(callbackClass);
+            handler = (ContentHandler) t.newInstance();
+          }
+        else
+          handler = new org.xml.sax.helpers.DefaultHandler();
+        SAXParser parser = new SAXParser(validating, namespaceAware,
+                                         xIncludeAware);
+        InputSource input = new InputSource(args[pos]);
+        XMLReader reader = parser.getXMLReader();
+        reader.setContentHandler(handler);
+        reader.parse(input);
+        pos++;
+      }
   }
   
 }
diff --git a/libjava/classpath/gnu/xml/stream/XMLParser.java b/libjava/classpath/gnu/xml/stream/XMLParser.java
index 87096eecf9e..ef3779944c3 100644
--- a/libjava/classpath/gnu/xml/stream/XMLParser.java
+++ b/libjava/classpath/gnu/xml/stream/XMLParser.java
@@ -56,6 +56,8 @@ package gnu.xml.stream;
 import java.io.BufferedInputStream;
 import java.io.EOFException;
 import java.io.File;
+import java.io.FileOutputStream;
+import java.io.FileWriter;
 import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.io.IOException;
@@ -86,6 +88,8 @@ import javax.xml.stream.XMLStreamException;
 import javax.xml.stream.XMLStreamReader;
 
 import gnu.java.net.CRLFInputStream;
+import gnu.classpath.debug.TeeInputStream;
+import gnu.classpath.debug.TeeReader;
 
 /**
  * An XML parser.
@@ -420,6 +424,21 @@ public class XMLParser
         ids = new HashSet();
         idrefs = new HashSet();
       }
+    String debug = System.getProperty("gnu.xml.debug.input");
+    if (debug != null)
+      {
+        try
+          {
+            File file = File.createTempFile(debug, ".xml");
+            in = new TeeInputStream(in, new FileOutputStream(file));
+          }
+        catch (IOException e)
+          {
+            RuntimeException e2 = new RuntimeException();
+            e2.initCause(e);
+            throw e2;
+          }
+      }
     pushInput(new Input(in, null, null, systemId, null, null, false, true));
   }
 
@@ -479,6 +498,21 @@ public class XMLParser
         ids = new HashSet();
         idrefs = new HashSet();
       }
+    String debug = System.getProperty("gnu.xml.debug.input");
+    if (debug != null)
+      {
+        try
+          {
+            File file = File.createTempFile(debug, ".xml");
+            reader = new TeeReader(reader, new FileWriter(file));
+          }
+        catch (IOException e)
+          {
+            RuntimeException e2 = new RuntimeException();
+            e2.initCause(e);
+            throw e2;
+          }
+      }
     pushInput(new Input(null, reader, null, systemId, null, null, false, true));
   }
 
@@ -1332,6 +1366,15 @@ public class XMLParser
         return false;
       }
     count += l2;
+    // check the characters we received first before doing additional reads
+    for (int i = 0; i < count; i++)
+      {
+        if (chars[i] != tmpBuf[i])
+          {
+            reset();
+            return false;
+          }
+      }
     while (count < len)
       {
         // force read
@@ -1341,15 +1384,14 @@ public class XMLParser
             reset();
             return false;
           }
-        tmpBuf[count++] = (char) c;
-      }
-    for (int i = 0; i < len; i++)
-      {
-        if (chars[i] != tmpBuf[i])
+        tmpBuf[count] = (char) c;
+        // check each character as it is read
+        if (chars[count] != tmpBuf[count])
           {
             reset();
             return false;
           }
+        count++;
       }
     return true;
   }
@@ -4250,97 +4292,131 @@ public class XMLParser
   public static void main(String[] args)
     throws Exception
   {
+    boolean validating = false;
+    boolean namespaceAware = false;
     boolean xIncludeAware = false;
-    if (args.length > 1 && "-x".equals(args[1]))
-      xIncludeAware = true;
-    XMLParser p = new XMLParser(new java.io.FileInputStream(args[0]),
-                                absolutize(null, args[0]),
-                                true, // validating
-                                true, // namespaceAware
-                                true, // coalescing,
-                                true, // replaceERefs
-                                true, // externalEntities
-                                true, // supportDTD
-                                true, // baseAware
-                                true, // stringInterning
-                                true, // extendedEventTypes
-                                null,
-                                null);
-    XMLStreamReader reader = p;
-    if (xIncludeAware)
-      reader = new XIncludeFilter(p, args[0], true, true, true);
-    try
+    int pos = 0;
+    while (pos < args.length && args[pos].startsWith("-"))
       {
-        int event;
-        //do
-        while (reader.hasNext())
+        if ("-x".equals(args[pos]))
+          xIncludeAware = true;
+        else if ("-v".equals(args[pos]))
+          validating = true;
+        else if ("-n".equals(args[pos]))
+          namespaceAware = true;
+        pos++;
+      }
+    if (pos >= args.length)
+      {
+        System.out.println("Syntax: XMLParser [-n] [-v] [-x] <file> [<file2> [...]]");
+        System.out.println("\t-n: use namespace aware mode");
+        System.out.println("\t-v: use validating parser");
+        System.out.println("\t-x: use XInclude aware mode");
+        System.exit(2);
+      }
+    while (pos < args.length)
+      {
+        XMLParser p = new XMLParser(new java.io.FileInputStream(args[pos]),
+                                    absolutize(null, args[pos]),
+                                    validating, // validating
+                                    namespaceAware, // namespaceAware
+                                    true, // coalescing,
+                                    true, // replaceERefs
+                                    true, // externalEntities
+                                    true, // supportDTD
+                                    true, // baseAware
+                                    true, // stringInterning
+                                    true, // extendedEventTypes
+                                    null,
+                                    null);
+        XMLStreamReader reader = p;
+        if (xIncludeAware)
+          reader = new XIncludeFilter(p, args[pos], true, true, true);
+        try
           {
-            event = reader.next();
-            Location loc = reader.getLocation();
-            System.out.print(loc.getLineNumber()+":"+loc.getColumnNumber()+" ");
-            switch (event)
+            int event;
+            //do
+            while (reader.hasNext())
               {
-              case XMLStreamConstants.START_DOCUMENT:
-                System.out.println("START_DOCUMENT version="+reader.getVersion()+
-                                   " encoding="+reader.getEncoding());
-                break;
-              case XMLStreamConstants.END_DOCUMENT:
-                System.out.println("END_DOCUMENT");
-                break;
-              case XMLStreamConstants.START_ELEMENT:
-                System.out.println("START_ELEMENT "+reader.getName());
-                int l = reader.getNamespaceCount();
-                for (int i = 0; i < l; i++)
-                  System.out.println("\tnamespace "+reader.getNamespacePrefix(i)+
-                                     "='"+reader.getNamespaceURI(i)+"'");
-                l = reader.getAttributeCount();
-                for (int i = 0; i < l; i++)
-                  System.out.println("\tattribute "+reader.getAttributeName(i)+
-                                     "='"+reader.getAttributeValue(i)+"'");
-                break;
-              case XMLStreamConstants.END_ELEMENT:
-                System.out.println("END_ELEMENT "+reader.getName());
-                break;
-              case XMLStreamConstants.CHARACTERS:
-                System.out.println("CHARACTERS '"+encodeText(reader.getText())+"'");
-                break;
-              case XMLStreamConstants.CDATA:
-                System.out.println("CDATA '"+encodeText(reader.getText())+"'");
-                break;
-              case XMLStreamConstants.SPACE:
-                System.out.println("SPACE '"+encodeText(reader.getText())+"'");
-                break;
-              case XMLStreamConstants.DTD:
-                System.out.println("DTD "+reader.getText());
-                break;
-              case XMLStreamConstants.ENTITY_REFERENCE:
-                System.out.println("ENTITY_REFERENCE "+reader.getText());
-                break;
-              case XMLStreamConstants.COMMENT:
-                System.out.println("COMMENT '"+encodeText(reader.getText())+"'");
-                break;
-              case XMLStreamConstants.PROCESSING_INSTRUCTION:
-                System.out.println("PROCESSING_INSTRUCTION "+reader.getPITarget()+
-                                   " "+reader.getPIData());
-                break;
-              case START_ENTITY:
-                System.out.println("START_ENTITY "+reader.getText());
-                break;
-              case END_ENTITY:
-                System.out.println("END_ENTITY "+reader.getText());
-                break;
-              default:
-                System.out.println("Unknown event: "+event);
+                event = reader.next();
+                Location loc = reader.getLocation();
+                System.out.print(loc.getLineNumber() + ":" + 
+                                 loc.getColumnNumber() + " ");
+                switch (event)
+                  {
+                  case XMLStreamConstants.START_DOCUMENT:
+                    System.out.println("START_DOCUMENT version=" +
+                                       reader.getVersion() +
+                                       " encoding=" +
+                                       reader.getEncoding());
+                    break;
+                  case XMLStreamConstants.END_DOCUMENT:
+                    System.out.println("END_DOCUMENT");
+                    break;
+                  case XMLStreamConstants.START_ELEMENT:
+                    System.out.println("START_ELEMENT " +
+                                       reader.getName());
+                    int l = reader.getNamespaceCount();
+                    for (int i = 0; i < l; i++)
+                      System.out.println("\tnamespace " +
+                                         reader.getNamespacePrefix(i) + "='" +
+                                         reader.getNamespaceURI(i)+"'");
+                    l = reader.getAttributeCount();
+                    for (int i = 0; i < l; i++)
+                      System.out.println("\tattribute " +
+                                         reader.getAttributeName(i) + "='" +
+                                         reader.getAttributeValue(i) + "'");
+                    break;
+                  case XMLStreamConstants.END_ELEMENT:
+                    System.out.println("END_ELEMENT " + reader.getName());
+                    break;
+                  case XMLStreamConstants.CHARACTERS:
+                    System.out.println("CHARACTERS '" +
+                                       encodeText(reader.getText()) + "'");
+                    break;
+                  case XMLStreamConstants.CDATA:
+                    System.out.println("CDATA '" +
+                                       encodeText(reader.getText()) + "'");
+                    break;
+                  case XMLStreamConstants.SPACE:
+                    System.out.println("SPACE '" +
+                                       encodeText(reader.getText()) + "'");
+                    break;
+                  case XMLStreamConstants.DTD:
+                    System.out.println("DTD " + reader.getText());
+                    break;
+                  case XMLStreamConstants.ENTITY_REFERENCE:
+                    System.out.println("ENTITY_REFERENCE " + reader.getText());
+                    break;
+                  case XMLStreamConstants.COMMENT:
+                    System.out.println("COMMENT '" +
+                                       encodeText(reader.getText()) + "'");
+                    break;
+                  case XMLStreamConstants.PROCESSING_INSTRUCTION:
+                    System.out.println("PROCESSING_INSTRUCTION " +
+                                       reader.getPITarget() + " " +
+                                       reader.getPIData());
+                    break;
+                  case START_ENTITY:
+                    System.out.println("START_ENTITY " + reader.getText());
+                    break;
+                  case END_ENTITY:
+                    System.out.println("END_ENTITY " + reader.getText());
+                    break;
+                  default:
+                    System.out.println("Unknown event: " + event);
+                  }
               }
           }
-      }
-    catch (XMLStreamException e)
-      {
-        Location l = reader.getLocation();
-        System.out.println("At line "+l.getLineNumber()+
-                           ", column "+l.getColumnNumber()+
-                           " of "+l.getSystemId());
-        throw e;
+        catch (XMLStreamException e)
+          {
+            Location l = reader.getLocation();
+            System.out.println("At line "+l.getLineNumber()+
+                               ", column "+l.getColumnNumber()+
+                               " of "+l.getSystemId());
+            throw e;
+          }
+        pos++;
       }
   }
 
@@ -5039,7 +5115,6 @@ public class XMLParser
     void mark(int len)
       throws IOException
     {
-      //System.out.println("  mark:"+len);
       markOffset = offset;
       markLine = line;
       markColumn = column;
@@ -5082,7 +5157,9 @@ public class XMLParser
     {
       int ret;
       if (unicodeReader != null)
-        ret = unicodeReader.read(b, off, len);
+        {
+          ret = unicodeReader.read(b, off, len);
+        }
       else
         {
           byte[] b2 = new byte[len];
diff --git a/libjava/classpath/gnu/xml/transform/ApplyTemplatesNode.java b/libjava/classpath/gnu/xml/transform/ApplyTemplatesNode.java
index 38b605a07ed..041809bdf1a 100644
--- a/libjava/classpath/gnu/xml/transform/ApplyTemplatesNode.java
+++ b/libjava/classpath/gnu/xml/transform/ApplyTemplatesNode.java
@@ -80,7 +80,7 @@ final class ApplyTemplatesNode
     List sortKeys2 = new ArrayList(len);
     for (int i = 0; i < len; i++)
       sortKeys2.add(((Key) sortKeys.get(i)).clone(stylesheet));
-    len = withParams.size();
+    len = withParams != null ? withParams.size() : 0;
     List withParams2 = new ArrayList(len);
     for (int i = 0; i < len; i++)
       withParams2.add(((WithParam) withParams.get(i)).clone(stylesheet));
diff --git a/libjava/classpath/gnu/xml/transform/ForEachNode.java b/libjava/classpath/gnu/xml/transform/ForEachNode.java
index c8f51a6febb..25b824534c9 100644
--- a/libjava/classpath/gnu/xml/transform/ForEachNode.java
+++ b/libjava/classpath/gnu/xml/transform/ForEachNode.java
@@ -67,7 +67,7 @@ final class ForEachNode
 
   TemplateNode clone(Stylesheet stylesheet)
   {
-    int len = sortKeys.size();
+    int len = sortKeys != null ? sortKeys.size() : 0;
     List sortKeys2 = new ArrayList(len);
     for (int i = 0; i < len; i++)
       sortKeys2.add(((Key) sortKeys.get(i)).clone(stylesheet));
diff --git a/libjava/classpath/gnu/xml/transform/TransformerImpl.java b/libjava/classpath/gnu/xml/transform/TransformerImpl.java
index 6a0a5be1643..732a911bd8c 100644
--- a/libjava/classpath/gnu/xml/transform/TransformerImpl.java
+++ b/libjava/classpath/gnu/xml/transform/TransformerImpl.java
@@ -238,7 +238,7 @@ class TransformerImpl
       outputProperties.getProperty(OutputKeys.CDATA_SECTION_ELEMENTS);
     boolean indent =
       "yes".equals(outputProperties.getProperty(OutputKeys.INDENT));
-    if (created)
+    if (created && parent instanceof DomDocument)
       {
         // Discover document element
         DomDocument resultDoc = (DomDocument) parent;
@@ -320,7 +320,7 @@ class TransformerImpl
       }
     if (indent)
       {
-        if (created)
+        if (created && parent instanceof DomDocument)
           {
             DomDocument domDoc = (DomDocument) parent;
             domDoc.setBuilding(true);
@@ -332,7 +332,7 @@ class TransformerImpl
           (Document) parent :
           parent.getOwnerDocument();
         reindent(resultDoc, parent, 0);
-        if (created)
+        if (created && parent instanceof DomDocument)
           {
             DomDocument domDoc = (DomDocument) parent;
             domDoc.setBuilding(false);
@@ -576,6 +576,19 @@ class TransformerImpl
           }
         catch (IOException e)
           {
+            if (errorListener != null)
+              {
+                try
+                  {
+                    errorListener.error(new TransformerException(e));
+                  }
+                catch (TransformerException e2)
+                  {
+                    e2.printStackTrace(System.err);
+                  }
+              }
+            else
+              e.printStackTrace(System.err);
           }
       }
   }