author | Andrew Haley <aph@redhat.com> | 2016-09-30 16:24:48 +0000 |
---|---|---|
committer | Andrew Haley <aph@gcc.gnu.org> | 2016-09-30 16:24:48 +0000 |
commit | 07b78716af6a9d7c9fd1e94d9baf94a52c873947 (patch) | |
tree | 3f22b3241c513ad168c8353805614ae1249410f4 /libjava/classpath/java/security/cert | |
parent | eae993948bae8b788c53772bcb9217c063716f93 (diff) | |
Makefile.def: Remove libjava.
2016-09-30 Andrew Haley <aph@redhat.com>
* Makefile.def: Remove libjava.
* Makefile.tpl: Likewise.
* Makefile.in: Regenerate.
* configure.ac: Likewise.
* configure: Likewise.
* gcc/java: Remove.
* libjava: Likewise.
From-SVN: r240662
Diffstat (limited to 'libjava/classpath/java/security/cert')
43 files changed, 0 insertions, 8624 deletions
diff --git a/libjava/classpath/java/security/cert/CRL.java b/libjava/classpath/java/security/cert/CRL.java
deleted file mode 100644
index 1eaa70f..0000000
--- a/libjava/classpath/java/security/cert/CRL.java
+++ /dev/null
@@ -1,98 +0,0 @@
-/* CRL.java --- Certificate Revocation List
- Copyright (C) 1999 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-/**
- Certificate Revocation List class for managing CRLs that
- have different formats but the same general use. They
- all serve as lists of revoked certificates and can
- be queried for a given certificate.
-
- Specialized CRLs extend this class.
-
- @author Mark Benvenuto
-
- @since JDK 1.2
-*/
-public abstract class CRL
-{
-
- private String type;
-
- /**
- Creates a new CRL for the specified type. An example
- is "X.509".
-
- @param type the standard name for the CRL type.
- */
- protected CRL(String type)
- {
- this.type = type;
- }
-
- /**
- Returns the CRL type.
-
- @return a string representing the CRL type
- */
- public final String getType()
- {
- return type;
- }
-
- /**
- Returns a string representing the CRL.
-
- @return a string representing the CRL.
- */
- public abstract String toString();
-
- /**
- Determines whether or not the specified Certificate
- is revoked.
-
- @param cert A certificate to check if it is revoked
-
- @return true if the certificate is revoked,
- false otherwise.
- */
- public abstract boolean isRevoked(Certificate cert);
-
-
-}
diff --git a/libjava/classpath/java/security/cert/CRLException.java b/libjava/classpath/java/security/cert/CRLException.java
deleted file mode 100644
index 10171c4..0000000
--- a/libjava/classpath/java/security/cert/CRLException.java
+++ /dev/null
@@ -1,95 +0,0 @@
-/* CRLException.java -- Certificate Revocation List Exception
- Copyright (C) 1999, 2002, 2006 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-import java.security.GeneralSecurityException;
-
-/**
- * Exception for a Certificate Revocation List.
- *
- * @author Mark Benvenuto
- * @since 1.2
- * @status updated to 1.5
-*/
-public class CRLException extends GeneralSecurityException
-{
- /**
- * Compatible with JDK 1.2+.
- */
- private static final long serialVersionUID = -6694728944094197147L;
-
- /**
- * Constructs an CRLExceptionwithout a message string.
- */
- public CRLException()
- {
- }
-
- /**
- * Constructs an CRLException with a message string.
- *
- * @param msg a message to display with exception
- */
- public CRLException(String msg)
- {
- super(msg);
- }
-
- /**
- * Create a new instance with a descriptive error message and
- * a cause.
- * @param s the descriptive error message
- * @param cause the cause
- * @since 1.5
- */
- public CRLException(String s, Throwable cause)
- {
- super(s, cause);
- }
-
- /**
- * Create a new instance with a cause.
- * @param cause the cause
- * @since 1.5
- */
- public CRLException(Throwable cause)
- {
- super(cause);
- }
-}
diff --git a/libjava/classpath/java/security/cert/CRLSelector.java b/libjava/classpath/java/security/cert/CRLSelector.java
deleted file mode 100644
index 6cd657c..0000000
--- a/libjava/classpath/java/security/cert/CRLSelector.java
+++ /dev/null
@@ -1,69 +0,0 @@
-/* CRLSelector.java -- matches CRLs against criteria.
- Copyright (C) 2003 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-/**
- * A generic interface to classes that match certificate revocation
- * lists (CRLs) to some given criteria. Implementations of this
- * interface are useful for finding {@link CRL} objects in a {@link
- * CertStore}.
- *
- * @see CertStore
- * @see CertSelector
- * @see X509CRLSelector
- */
-public interface CRLSelector extends Cloneable
-{
-
- /**
- * Returns a clone of this instance.
- *
- * @return The clone.
- */
- Object clone();
-
- /**
- * Match a given certificate revocation list to this selector's
- * criteria, returning true if it matches, false otherwise.
- *
- * @param crl The certificate revocation list to test.
- * @return The boolean result of this test.
- */
- boolean match(CRL crl);
-}
diff --git a/libjava/classpath/java/security/cert/CertPath.java b/libjava/classpath/java/security/cert/CertPath.java
deleted file mode 100644
index 7211647..0000000
--- a/libjava/classpath/java/security/cert/CertPath.java
+++ /dev/null
@@ -1,254 +0,0 @@
-/* CertPath.java -- a sequence of certificates
- Copyright (C) 2002, 2005 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-package java.security.cert;
-
-import gnu.java.lang.CPStringBuilder;
-
-import java.io.ByteArrayInputStream;
-import java.io.NotSerializableException;
-import java.io.ObjectStreamException;
-import java.io.Serializable;
-import java.util.Iterator;
-import java.util.List;
-
-/**
- * This class represents an immutable sequence, or path, of security
- * certificates. The path type must match the type of each certificate in the
- * path, or in other words, for all instances of cert in a certpath object,
- * <code>cert.getType().equals(certpath.getType())</code> will return true.
- *
- * <p>Since this class is immutable, it is thread-safe. During serialization,
- * the path is consolidated into a {@link CertPathRep}, which preserves the
- * data regardless of the underlying implementation of the path.
- *
- * @author Eric Blake (ebb9@email.byu.edu)
- * @since 1.4
- * @status updated to 1.4
- */
-public abstract class CertPath implements Serializable
-{
- /**
- * The serialized representation of a path.
- *
- * @author Eric Blake (ebb9@email.byu.edu)
- */
- protected static class CertPathRep implements Serializable
- {
- /**
- * Compatible with JDK 1.4+.
- */
- private static final long serialVersionUID = 3015633072427920915L;
-
- /**
- * The certificate type.
- *
- * @serial the type of the certificate path
- */
- private final String type;
-
- /**
- * The encoded form of the path.
- *
- * @serial the encoded form
- */
- private final byte[] data;
-
- /**
- * Create the new serial representation.
- *
- * @param type the path type
- * @param data the encoded path data
- */
- protected CertPathRep(String type, byte[] data)
- {
- this.type = type;
- this.data = data;
- }
-
- /**
- * Decode the data into an actual {@link CertPath} upon deserialization.
- *
- * @return the replacement object
- * @throws ObjectStreamException if replacement fails
- */
- protected Object readResolve() throws ObjectStreamException
- {
- try
- {
- return CertificateFactory.getInstance(type)
- .generateCertPath(new ByteArrayInputStream(data));
- }
- catch (CertificateException e)
- {
- throw (ObjectStreamException)
- new NotSerializableException("java.security.cert.CertPath: "
- + type).initCause(e);
- }
- }
- } // class CertPathRep
-
- /**
- * Compatible with JDK 1.4+.
- */
- private static final long serialVersionUID = 6068470306649138683L;
-
- /**
- * The path type.
- *
- * @serial the type of all certificates in this path
- */
- private final String type;
-
- /**
- * Create a certificate path with the given type. Most code should use
- * {@link CertificateFactory} to create CertPaths.
- *
- * @param type the type of the path
- */
- protected CertPath(String type)
- {
- this.type = type;
- }
-
- /**
- * Get the (non-null) type of all certificates in the path.
- *
- * @return the path certificate type
- */
- public String getType()
- {
- return type;
- }
-
- /**
- * Get an immutable iterator over the path encodings (all String names),
- * starting with the default encoding. The iterator will throw an
- * <code>UnsupportedOperationException</code> if an attempt is made to
- * remove items from the list.
- *
- * @return the iterator of supported encodings in the path
- */
- public abstract Iterator<String> getEncodings();
-
- /**
- * Compares this path to another for semantic equality. To be equal, both
- * must be instances of CertPath, with the same type, and identical
- * certificate lists. Overriding classes must not change this behavior.
- *
- * @param o the object to compare to
- * @return true if the two are equal
- */
- public boolean equals(Object o)
- {
- if (! (o instanceof CertPath))
- return false;
- CertPath cp = (CertPath) o;
- return type.equals(cp.type)
- && getCertificates().equals(cp.getCertificates());
- }
-
- /**
- * Returns the hashcode of this certificate path. This is defined as:<br>
- * <code>31 * getType().hashCode() + getCertificates().hashCode()</code>.
- *
- * @return the hashcode
- */
- public int hashCode()
- {
- return 31 * type.hashCode() + getCertificates().hashCode();
- }
-
- public String toString()
- {
- List l = getCertificates();
- int size = l.size();
- int i = 0;
- CPStringBuilder result = new CPStringBuilder(type);
- result.append(" Cert Path: length = ").append(size).append(".\n[\n");
- while (--size >= 0)
- result.append(l.get(i++)).append('\n');
- return result.append("\n]").toString();
- }
-
- /**
- * Returns the encoded form of this path, via the default encoding.
- *
- * @return the encoded form
- * @throws CertificateEncodingException if encoding fails
- */
- public abstract byte[] getEncoded() throws CertificateEncodingException;
-
- /**
- * Returns the encoded form of this path, via the specified encoding.
- *
- * @param encoding the encoding to use
- * @return the encoded form
- * @throws CertificateEncodingException if encoding fails or does not exist
- */
- public abstract byte[] getEncoded(String encoding)
- throws CertificateEncodingException;
-
- /**
- * Returns the immutable, thread-safe list of certificates in this path.
- *
- * @return the list of certificates, non-null but possibly empty
- */
- public abstract List<? extends Certificate> getCertificates();
-
- /**
- * Serializes the path in its encoded form, to ensure reserialization with
- * the appropriate factory object without worrying about list implementation.
- * The result will always be an instance of {@link CertPathRep}.
- *
- * @return the replacement object
- * @throws ObjectStreamException if the replacement creation fails
- */
- protected Object writeReplace() throws ObjectStreamException
- {
- try
- {
- return new CertPathRep(type, getEncoded());
- }
- catch (CertificateEncodingException e)
- {
- throw (ObjectStreamException)
- new NotSerializableException("java.security.cert.CertPath: "
- + type).initCause(e);
- }
- }
-} // class CertPath
diff --git a/libjava/classpath/java/security/cert/CertPathBuilder.java b/libjava/classpath/java/security/cert/CertPathBuilder.java
deleted file mode 100644
index 47bae6d..0000000
--- a/libjava/classpath/java/security/cert/CertPathBuilder.java
+++ /dev/null
@@ -1,251 +0,0 @@
-/* CertPathBuilder.java -- bulids CertPath objects from Certificates.
- Copyright (C) 2003, 2004 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-import gnu.java.lang.CPStringBuilder;
-
-import gnu.java.security.Engine;
-
-import java.lang.reflect.InvocationTargetException;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Provider;
-import java.security.Security;
-
-/**
- * This class builds certificate paths (also called certificate chains),
- * which can be used to establish trust for a particular certificate by
- * building a path from a trusted certificate (a trust anchor) to the
- * untrusted certificate.
- *
- * @see CertPath
- */
-public class CertPathBuilder
-{
-
- // Constants and fields.
- // ------------------------------------------------------------------------
-
- /** Service name for CertPathBuilder. */
- private static final String CERT_PATH_BUILDER = "CertPathBuilder";
-
- /** The underlying implementation. */
- private CertPathBuilderSpi cpbSpi;
-
- /** The provider of this implementation. */
- private Provider provider;
-
- /** The name of this implementation. */
- private String algorithm;
-
- // Constructor.
- // ------------------------------------------------------------------------
-
- /**
- * Creates a new CertPathBuilder.
- *
- * @param cpbSpi The underlying implementation.
- * @param provider The provider of the implementation.
- * @param algorithm This implementation's name.
- */
- protected CertPathBuilder(CertPathBuilderSpi cpbSpi, Provider provider,
- String algorithm)
- {
- this.cpbSpi = cpbSpi;
- this.provider = provider;
- this.algorithm = algorithm;
- }
-
- // Class methods.
- // ------------------------------------------------------------------------
-
- /**
- * Get the default cert path builder type.
- *
- * <p>This value can be set at run-time by the security property
- * <code>"certpathbuilder.type"</code>. If this property is not set,
- * then the value returned is <code>"PKIX"</code>.
- *
- * @return The default CertPathBuilder algorithm.
- */
- public static final String getDefaultType()
- {
- String type = Security.getProperty("certpathbuilder.type");
- if (type == null)
- type = "PKIX";
- return type;
- }
-
- /**
- * Returns an instance of a named <code>CertPathBuilder</code> from the
- * first provider that implements it.
- *
- * @param algorithm The name of the <code>CertPathBuilder</code> to create.
- * @return The new instance.
- * @throws NoSuchAlgorithmException If no installed provider implements the
- * named algorithm.
- * @throws IllegalArgumentException if <code>algorithm</code> is
- * <code>null</code> or is an empty string.
- */
- public static CertPathBuilder getInstance(String algorithm)
- throws NoSuchAlgorithmException
- {
- Provider[] p = Security.getProviders();
- NoSuchAlgorithmException lastException = null;
- for (int i = 0; i < p.length; i++)
- try
- {
- return getInstance(algorithm, p[i]);
- }
- catch (NoSuchAlgorithmException x)
- {
- lastException = x;
- }
- if (lastException != null)
- throw lastException;
- throw new NoSuchAlgorithmException(algorithm);
- }
-
- /**
- * Returns an instance of a named <code>CertPathBuilder</code> from a named
- * provider.
- *
- * @param algorithm The name of the <code>CertPathBuilder</code> to create.
- * @param provider The name of the provider to use.
- * @return The new instance.
- * @throws NoSuchAlgorithmException If no installed provider implements the
- * named algorithm.
- * @throws NoSuchProviderException If the named provider does not exist.
- * @throws IllegalArgumentException if either <code>algorithm</code> or
- * <code>provider</code> is <code>null</code>, or if
- * <code>algorithm</code> is an empty string.
- */
- public static CertPathBuilder getInstance(String algorithm, String provider)
- throws NoSuchAlgorithmException, NoSuchProviderException
- {
- if (provider == null)
- throw new IllegalArgumentException("provider MUST NOT be null");
- Provider p = Security.getProvider(provider);
- if (p == null)
- throw new NoSuchProviderException(provider);
- return getInstance(algorithm, p);
- }
-
- /**
- * Returns an instance of a named <code>CertPathBuilder</code> from the
- * specified provider.
- *
- * @param algorithm The name of the <code>CertPathBuilder</code> to create.
- * @param provider The provider to use.
- * @return The new instance.
- * @throws NoSuchAlgorithmException If no installed provider implements the
- * named algorithm.
- * @throws IllegalArgumentException if either <code>algorithm</code> or
- * <code>provider</code> is <code>null</code>, or if
- * <code>algorithm</code> is an empty string.
- */
- public static CertPathBuilder getInstance(String algorithm, Provider provider)
- throws NoSuchAlgorithmException
- {
- CPStringBuilder sb = new CPStringBuilder("CertPathBuilder for algorithm [")
- .append(algorithm).append("] from provider[")
- .append(provider).append("] could not be created");
- Throwable cause;
- try
- {
- Object spi = Engine.getInstance(CERT_PATH_BUILDER, algorithm, provider);
- return new CertPathBuilder((CertPathBuilderSpi) spi, provider, algorithm);
- }
- catch (InvocationTargetException x)
- {
- cause = x.getCause();
- if (cause instanceof NoSuchAlgorithmException)
- throw (NoSuchAlgorithmException) cause;
- if (cause == null)
- cause = x;
- }
- catch (ClassCastException x)
- {
- cause = x;
- }
- NoSuchAlgorithmException x = new NoSuchAlgorithmException(sb.toString());
- x.initCause(cause);
- throw x;
- }
-
- /**
- * Return the name of this CertPathBuilder algorithm.
- *
- * @return The algorithm name.
- */
- public final String getAlgorithm()
- {
- return algorithm;
- }
-
- /**
- * Return the provider of this instance's implementation.
- *
- * @return The provider.
- */
- public final Provider getProvider()
- {
- return provider;
- }
-
- /**
- * Builds a certificate path. The {@link CertPathParameters} parameter
- * passed to this method is implementation-specific, but in general
- * should contain some number of certificates and some number of
- * trusted certificates (or "trust anchors").
- *
- * @param params The parameters.
- * @retrun The certificate path result.
- * @throws CertPathBuilderException If the certificate path cannot be
- * built.
- * @throws InvalidAlgorithmParameterException If the implementation
- * rejects the specified parameters.
- */
- public final CertPathBuilderResult build(CertPathParameters params)
- throws CertPathBuilderException, InvalidAlgorithmParameterException
- {
- return cpbSpi.engineBuild(params);
- }
-}
diff --git a/libjava/classpath/java/security/cert/CertPathBuilderException.java b/libjava/classpath/java/security/cert/CertPathBuilderException.java
deleted file mode 100644
index 9851510..0000000
--- a/libjava/classpath/java/security/cert/CertPathBuilderException.java
+++ /dev/null
@@ -1,159 +0,0 @@
-/* CertPathBuilderException.java -- wraps an exception during certificate
- path building
- Copyright (C) 2002, 2005 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-import java.io.PrintStream;
-import java.io.PrintWriter;
-import java.security.GeneralSecurityException;
-
-/**
- * Indicates a problem while using a <code>CertPathBuilder</code>, wrapping
- * the lower exception. This class is not thread-safe.
- *
- * @author Eric Blake (ebb9@email.byu.edu)
- * @see CertPathBuilder
- * @since 1.4
- * @status updated to 1.4
-*/
-public class CertPathBuilderException extends GeneralSecurityException
-{
- /**
- * Compatible with JDK 1.4+.
- */
- private static final long serialVersionUID = 5316471420178794402L;
-
- /**
- * Create an exception without a message. The cause may be initialized.
- */
- public CertPathBuilderException()
- {
- }
-
- /**
- * Create an exception with a message. The cause may be initialized.
- *
- * @param msg a message to display with exception
- */
- public CertPathBuilderException(String msg)
- {
- super(msg);
- }
-
- /**
- * Create an exception with a cause. The message will be
- * <code>cause == null ? null : cause.toString()</code>.
- *
- * @param cause the cause
- */
- public CertPathBuilderException(Throwable cause)
- {
- this(cause == null ? null : cause.toString(), cause);
- }
-
- /**
- * Create an exception with a cause and a message.
- *
- * @param msg the message
- * @param cause the cause
- */
- public CertPathBuilderException(String msg, Throwable cause)
- {
- super(msg);
- initCause(cause);
- }
-
- /**
- * Get the detail message.
- *
- * @return the detail message
- */
- public String getMessage()
- {
- return super.getMessage();
- }
-
- /**
- * Get the cause, null if unknown.
- *
- * @return the cause
- */
- public Throwable getCause()
- {
- return super.getCause();
- }
-
- /**
- * Convert this to a string, including its cause.
- *
- * @return the string conversion
- */
- public String toString()
- {
- return super.toString();
- }
-
- /**
- * Print the stack trace to <code>System.err</code>.
- */
- public void printStackTrace()
- {
- super.printStackTrace();
- }
-
- /**
- * Print the stack trace to a stream.
- *
- * @param stream the stream
- */
- public void printStackTrace(PrintStream stream)
- {
- super.printStackTrace(stream);
- }
-
- /**
- * Print the stack trace to a stream.
- *
- * @param stream the stream
- */
- public void printStackTrace(PrintWriter stream)
- {
- super.printStackTrace(stream);
- }
-}
diff --git a/libjava/classpath/java/security/cert/CertPathBuilderResult.java b/libjava/classpath/java/security/cert/CertPathBuilderResult.java
deleted file mode 100644
index edae88f6..0000000
--- a/libjava/classpath/java/security/cert/CertPathBuilderResult.java
+++ /dev/null
@@ -1,63 +0,0 @@
-/* CertPathBuilderResult -- results from building cert paths.
- Copyright (C) 2003 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-/**
- * A standard interface for the result of building a certificate path.
- * All implementations of this class must provide a way to get the
- * certificate path, but may also define additional methods for
- * returning other result data generated by the certificate path
- * builder.
- */
-public interface CertPathBuilderResult extends Cloneable {
-
- /**
- * Creates a copy of this builder result.
- *
- * @return The copy.
- */
- Object clone();
-
- /**
- * Get the certificate path that was built.
- *
- * @retrn The certificate path.
- */
- CertPath getCertPath();
-}
diff --git a/libjava/classpath/java/security/cert/CertPathBuilderSpi.java b/libjava/classpath/java/security/cert/CertPathBuilderSpi.java
deleted file mode 100644
index afc7fc0..0000000
--- a/libjava/classpath/java/security/cert/CertPathBuilderSpi.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/* CertPathBuilderSpi -- CertPathBuilder service provider interface.
- Copyright (C) 2003 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-package java.security.cert;
-
-/**
- * The {@link CertPathBuilder} <i>Service Provider Interface</i>
- * (<b>SPI</b>).
- *
- * @see CertPathBuilder
- */
-public abstract class CertPathBuilderSpi {
-
- // Constructors.
- // ------------------------------------------------------------------------
-
- /**
- * Creates a new CertPathBuilderSpi.
- */
- public CertPathBuilderSpi() {
- super();
- }
-
- // Abstract methods.
- // ------------------------------------------------------------------------
-
- /**
- * Creates a certificate path from the specified parameters.
- *
- * @param params The parameters to use.
- * @return The certificate path result.
- * @throws CertPathBuilderException If the certificate path cannot be
- * built.
- * @throws java.security.InvalidAlgorithmParameterException If the
- * implementation rejects the specified parameters.
- */
- public abstract CertPathBuilderResult engineBuild(CertPathParameters params)
- throws CertPathBuilderException,
- java.security.InvalidAlgorithmParameterException;
-}
diff --git a/libjava/classpath/java/security/cert/CertPathParameters.java b/libjava/classpath/java/security/cert/CertPathParameters.java
deleted file mode 100644
index 62a5cb6..0000000
--- a/libjava/classpath/java/security/cert/CertPathParameters.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/* CertPathParameters.java -- parameters for CertPathBuilder.
- Copyright (C) 2003 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-package java.security.cert;
-
-/**
- * Parameters for generating and validating certificate paths.
This
- * class does not define any methods (except a required cloneable
- * interface) and is provided only to provide type safety for
- * implementations. Concrete implementations implement this interface
- * in accord with thier own needs.
- *
- * @see CertPathBuilder
- * @see CertPathValidator
- */
-public interface CertPathParameters extends Cloneable {
-
- /**
- * Makes a copy of this CertPathParameters instance.
- *
- * @return The copy.
- */
- Object clone();
-}
diff --git a/libjava/classpath/java/security/cert/CertPathValidator.java b/libjava/classpath/java/security/cert/CertPathValidator.java
deleted file mode 100644
index 8bd7b58..0000000
--- a/libjava/classpath/java/security/cert/CertPathValidator.java
+++ /dev/null
@@ -1,264 +0,0 @@
-/* CertPathValidator -- validates certificate paths.
- Copyright (C) 2003, 2004 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version.
*/
-
-
-package java.security.cert;
-
-import gnu.java.lang.CPStringBuilder;
-
-import gnu.java.security.Engine;
-
-import java.lang.reflect.InvocationTargetException;
-import java.security.AccessController;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivilegedAction;
-import java.security.Provider;
-import java.security.Security;
-
-/**
- * Generic interface to classes that validate certificate paths.
- *
- * <p>Using this class is similar to all the provider-based security
- * classes; the method of interest, {@link
- * #validate(java.security.cert.CertPath,java.security.cert.CertPathParameters)},
- * which takes provider-specific implementations of {@link
- * CertPathParameters}, and return provider-specific implementations of
- * {@link CertPathValidatorResult}.
- *
- * @since JDK 1.4
- * @see CertPath
- */
-public class CertPathValidator {
-
- // Constants and fields.
- // ------------------------------------------------------------------------
-
- /** Service name for CertPathValidator. */
- private static final String CERT_PATH_VALIDATOR = "CertPathValidator";
-
- /** The underlying implementation. */
- private final CertPathValidatorSpi validatorSpi;
-
- /** The provider of this implementation. */
- private final Provider provider;
-
- /** The algorithm's name. */
- private final String algorithm;
-
- // Constructor.
- // ------------------------------------------------------------------------
-
- /**
- * Creates a new CertPathValidator.
- *
- * @param validatorSpi The underlying implementation.
- * @param provider The provider of the implementation.
- * @param algorithm The algorithm name.
- */
- protected CertPathValidator(CertPathValidatorSpi validatorSpi,
- Provider provider, String algorithm)
- {
- this.validatorSpi = validatorSpi;
- this.provider = provider;
- this.algorithm = algorithm;
- }
-
- // Class methods.
- // ------------------------------------------------------------------------
-
- /**
- * Returns the default validator type.
- *
- * <p>This value may be set at run-time via the security property
- * "certpathvalidator.type", or the value "PKIX" if this property is
- * not set.
- *
- * @return The default validator type.
- */
- public static synchronized String getDefaultType() {
- String type = (String) AccessController.doPrivileged(
- new PrivilegedAction()
- {
- public Object run()
- {
- return Security.getProperty("certpathvalidator.type");
- }
- }
- );
- if (type == null)
- type = "PKIX";
- return type;
- }
-
- /**
- * Returns an instance of the given validator from the first provider that
- * implements it.
- *
- * @param algorithm The name of the algorithm to get.
- * @return The new instance.
- * @throws NoSuchAlgorithmException If no installed provider implements the
- * requested algorithm.
- * @throws IllegalArgumentException if <code>algorithm</code> is
- * <code>null</code> or is an empty string.
- */
- public static CertPathValidator getInstance(String algorithm)
- throws NoSuchAlgorithmException
- {
- Provider[] p = Security.getProviders();
- NoSuchAlgorithmException lastException = null;
- for (int i = 0; i < p.length; i++)
- try
- {
- return getInstance(algorithm, p[i]);
- }
- catch (NoSuchAlgorithmException x)
- {
- lastException = x;
- }
- if (lastException != null)
- throw lastException;
- throw new NoSuchAlgorithmException(algorithm);
- }
-
- /**
- * Returns an instance of the given validator from the named provider.
- *
- * @param algorithm The name of the algorithm to get.
- * @param provider The name of the provider from which to get the
- * implementation.
- * @return The new instance.
- * @throws NoSuchAlgorithmException If the named provider does not implement
- * the algorithm.
- * @throws NoSuchProviderException If no provider named <i>provider</i> is
- * installed.
- * @throws IllegalArgumentException if either <code>algorithm</code> or
- * <code>provider</code> is <code>null</code>, or if
- * <code>algorithm</code> is an empty string.
- */
- public static CertPathValidator getInstance(String algorithm, String provider)
- throws NoSuchAlgorithmException, NoSuchProviderException
- {
- if (provider == null)
- throw new IllegalArgumentException("provider MUST NOT be null");
- Provider p = Security.getProvider(provider);
- if (p == null)
- throw new NoSuchProviderException(provider);
- return getInstance(algorithm, p);
- }
-
- /**
- * Returns an instance of the given validator from the given provider.
- *
- * @param algorithm The name of the algorithm to get.
- * @param provider The provider from which to get the implementation.
- * @return The new instance.
- * @throws NoSuchAlgorithmException If the provider does not implement the
- * algorithm.
- * @throws IllegalArgumentException if either <code>algorithm</code> or
- * <code>provider</code> is <code>null</code>, or if
- * <code>algorithm</code> is an empty string.
- */
- public static CertPathValidator getInstance(String algorithm,
- Provider provider)
- throws NoSuchAlgorithmException
- {
- CPStringBuilder sb = new CPStringBuilder("CertPathValidator for algorithm [")
- .append(algorithm).append("] from provider[")
- .append(provider).append("] could not be created");
- Throwable cause;
- try
- {
- Object spi = Engine.getInstance(CERT_PATH_VALIDATOR, algorithm, provider);
- return new CertPathValidator((CertPathValidatorSpi) spi, provider, algorithm);
- }
- catch (InvocationTargetException x)
- {
- cause = x.getCause();
- if (cause instanceof NoSuchAlgorithmException)
- throw (NoSuchAlgorithmException) cause;
- if (cause == null)
- cause = x;
- }
- catch (ClassCastException x)
- {
- cause = x;
- }
- NoSuchAlgorithmException x = new NoSuchAlgorithmException(sb.toString());
- x.initCause(cause);
- throw x;
- }
-
- /**
- * Return the name of this validator.
- *
- * @return This validator's name.
- */
- public final String getAlgorithm()
- {
- return algorithm;
- }
-
- /**
- * Return the provider of this implementation.
- *
- * @return The provider.
- */
- public final Provider getProvider()
- {
- return provider;
- }
-
- /**
- * Attempt to validate a certificate path.
- *
- * @param certPath The path to validate.
- * @param params The algorithm-specific parameters.
- * @return The result of this validation attempt.
- * @throws CertPathValidatorException If the certificate path cannot
- * be validated.
- * @throws InvalidAlgorithmParameterException If this implementation
- * rejects the specified parameters.
- */
- public final CertPathValidatorResult validate(CertPath certPath,
- CertPathParameters params)
- throws CertPathValidatorException, InvalidAlgorithmParameterException
- {
- return validatorSpi.engineValidate(certPath, params);
- }
-}
diff --git a/libjava/classpath/java/security/cert/CertPathValidatorException.java b/libjava/classpath/java/security/cert/CertPathValidatorException.java
deleted file mode 100644
index f3195be..0000000
--- a/libjava/classpath/java/security/cert/CertPathValidatorException.java
+++ /dev/null
@@ -1,226 +0,0 @@
-/* CertPathValidatorException.java -- wraps an exception during validation
- of a CertPath
- Copyright (C) 2002, 2005 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version.
*/ - - -package java.security.cert; - -import java.io.PrintStream; -import java.io.PrintWriter; -import java.security.GeneralSecurityException; - -/** - * Indicates a problem while validating a certification path. In addition, - * it can store the path an index in that path that caused the problem. This - * class is not thread-safe. - * - * @author Eric Blake (ebb9@email.byu.edu) - * @see CertPathValidator - * @since 1.4 - * @status updated to 1.4 -*/ -public class CertPathValidatorException extends GeneralSecurityException -{ - /** - * Compatible with JDK 1.4+. - */ - private static final long serialVersionUID = -3083180014971893139L; - - /** - * The index of the certificate path that failed, or -1. - * - * @serial the failed index - */ - private final int index; - - /** - * The <code>CertPath</code> that failed. - * - * @serial the object being validated at time of failure - */ - private final CertPath certPath; - - /** - * Create an exception without a message. The cause may be initialized. The - * index is set to -1 and the failed CertPath object to null. - */ - public CertPathValidatorException() - { - this((String) null); - } - - /** - * Create an exception with a message. The cause may be initialized. The - * index is set to -1 and the failed CertPath object to null. - * - * @param msg a message to display with exception - */ - public CertPathValidatorException(String msg) - { - super(msg); - index = -1; - certPath = null; - } - - /** - * Create an exception with a cause. The message will be - * <code>cause == null ? null : cause.toString()</code>. The index is set - * to -1 and the failed CertPath object to null. - * - * @param cause the cause - */ - public CertPathValidatorException(Throwable cause) - { - this(cause == null ? null : cause.toString(), cause, null, -1); - } - - /** - * Create an exception with a cause and a message. The index is set to -1 - * and the failed CertPath object to null. 
- * - * @param msg the message - * @param cause the cause - */ - public CertPathValidatorException(String msg, Throwable cause) - { - this(msg, cause, null, -1); - } - - /** - * Create an exception with a cause, message, failed object, and index of - * failure in that CertPath. - * - * @param msg the message - * @param cause the cause - * @param certPath the path that was being validated, or null - * @param index the index of the path, or -1 - * @throws IndexOutOfBoundsException if index is < -1 or - * > certPath.getCertificates().size() - * @throws IllegalArgumentException if certPath is null but index != -1 - */ - public CertPathValidatorException(String msg, Throwable cause, - CertPath certPath, int index) - { - super(msg); - initCause(cause); - if (index < -1 || (certPath != null - && index >= certPath.getCertificates().size())) - throw new IndexOutOfBoundsException(); - if ((certPath == null) != (index == -1)) - throw new IllegalArgumentException(); - this.certPath = certPath; - this.index = index; - } - - /** - * Get the detail message. - * - * @return the detail message - */ - public String getMessage() - { - return super.getMessage(); - } - - /** - * Get the certificate path that had the failure, or null. - * - * @return the culprit path - */ - public CertPath getCertPath() - { - return certPath; - } - - /** - * Get the index that failed, or -1. - * - * @return the colprit index - */ - public int getIndex() - { - return index; - } - - /** - * Get the cause, null if unknown. - * - * @return the cause - */ - public Throwable getCause() - { - return super.getCause(); - } - - /** - * Convert this to a string, including its cause. - * - * @return the string conversion - */ - public String toString() - { - return super.toString(); - } - - /** - * Print the stack trace to <code>System.err</code>. - */ - public void printStackTrace() - { - super.printStackTrace(); - } - - /** - * Print the stack trace to a stream. 
- *
- * @param stream the stream
- */
- public void printStackTrace(PrintStream stream)
- {
- super.printStackTrace(stream);
- }
-
- /**
- * Print the stack trace to a stream.
- *
- * @param stream the stream
- */
- public void printStackTrace(PrintWriter stream)
- {
- super.printStackTrace(stream);
- }
-}
diff --git a/libjava/classpath/java/security/cert/CertPathValidatorResult.java b/libjava/classpath/java/security/cert/CertPathValidatorResult.java
deleted file mode 100644
index 0ccd1be..0000000
--- a/libjava/classpath/java/security/cert/CertPathValidatorResult.java
+++ /dev/null
@@ -1,63 +0,0 @@
-/* CertPathValidatorResult -- result of validating certificate paths
- Copyright (C) 2003 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version.
*/
-
-
-package java.security.cert;
-
-/**
- * Interface to the result of calling {@link
- * CertPathValidator#validate(java.security.cert.CertPath,java.security.cert.CertPathParameters)}.
- *
- * <p>This interface defines no methods other than the required
- * {@link java.lang.Cloneable} interface, and is intended to group and
- * provide type safety for validator results. Providers that implement
- * a certificate path validator must also provide an implementation of
- * this interface, possibly defining additional methods.
- *
- * @since JDK 1.4
- * @see CertPathValidator
- */
-public interface CertPathValidatorResult extends Cloneable
-{
-
- /**
- * Returns a copy of this validator result.
- *
- * @return The copy.
- */
- Object clone();
-}
diff --git a/libjava/classpath/java/security/cert/CertPathValidatorSpi.java b/libjava/classpath/java/security/cert/CertPathValidatorSpi.java
deleted file mode 100644
index d4531e7..0000000
--- a/libjava/classpath/java/security/cert/CertPathValidatorSpi.java
+++ /dev/null
@@ -1,81 +0,0 @@
-/* CertPathValidatorSpi -- cert path validator service provider interface
- Copyright (C) 2003 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version.
*/
-
-
-package java.security.cert;
-
-import java.security.InvalidAlgorithmParameterException;
-
-/**
- * The <i>service provider interface</i> (<b>SPI</b>) for the {@link
- * CertPathValidator} class. Providers implementing certificate path
- * validators must subclass this class and implement its abstract
- * methods.
- */
-public abstract class CertPathValidatorSpi
-{
-
- // Constructor.
- // ------------------------------------------------------------------------
-
- /**
- * Default constructor.
- */
- public CertPathValidatorSpi()
- {
- super();
- }
-
- // Abstract methods.
- // ------------------------------------------------------------------------
-
- /**
- * Attempt to validate a certificate path.
- *
- * @param certPath The path to validate.
- * @param params The algorithm-specific parameters.
- * @return The result of this validation attempt.
- * @throws CertPathValidatorException If the certificate path cannot
- * be validated.
- * @throws InvalidAlgorithmParameterException If this implementation
- * rejects the specified parameters.
- */
- public abstract CertPathValidatorResult
- engineValidate(CertPath certPath, CertPathParameters params)
- throws CertPathValidatorException,
- InvalidAlgorithmParameterException;
-}
diff --git a/libjava/classpath/java/security/cert/CertSelector.java b/libjava/classpath/java/security/cert/CertSelector.java
deleted file mode 100644
index 4a2e7d9..0000000
--- a/libjava/classpath/java/security/cert/CertSelector.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/* CertSelector.java -- certificate selector interface.
- Copyright (C) 2003 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-public interface CertSelector extends Cloneable
-{
-
- /**
- * Returns a copy of this CertSelector.
- *
- * @return The copy.
- */
- Object clone();
-
- /**
- * Match a certificate according to this selector's criteria.
- *
- * @param cert The certificate to match.
- * @return true if the certificate matches thin criteria.
- */
- boolean match(Certificate cert);
-}
diff --git a/libjava/classpath/java/security/cert/CertStore.java b/libjava/classpath/java/security/cert/CertStore.java
deleted file mode 100644
index 630e967..0000000
--- a/libjava/classpath/java/security/cert/CertStore.java
+++ /dev/null
@@ -1,305 +0,0 @@
-/* CertStore -- stores and retrieves certificates.
- Copyright (C) 2003, 2004 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-import gnu.java.lang.CPStringBuilder;
-
-import gnu.java.security.Engine;
-
-import java.lang.reflect.InvocationTargetException;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivilegedAction;
-import java.security.Provider;
-import java.security.Security;
-import java.util.Collection;
-
-/**
- * A CertStore is a read-only repository for certificates and
- * certificate revocation lists.
- *
- * @since 1.4
- */
-public class CertStore
-{
-
- // Constants and fields.
- // ------------------------------------------------------------------------
-
- /** Service name for CertStore. */
- private static final String CERT_STORE = "CertStore";
-
- /** The underlying implementation. */
- private CertStoreSpi storeSpi;
-
- /** This implementation's provider. */
- private Provider provider;
-
- /** The name of this key store type. */
- private String type;
-
- /** The parameters used to initialize this instance, if any. */
- private CertStoreParameters params;
-
- // Constructor.
- // ------------------------------------------------------------------------
-
- /**
- * Create a new CertStore.
- *
- * @param storeSpi The underlying implementation.
- * @param provider The provider of this implementation.
- * @param type The type of CertStore this class represents.
- * @param params The parameters used to initialize this instance, if any.
- */
- protected CertStore(CertStoreSpi storeSpi, Provider provider, String type,
- CertStoreParameters params)
- {
- this.storeSpi = storeSpi;
- this.provider = provider;
- this.type = type;
- this.params = params;
- }
-
-// Class methods.
- // ------------------------------------------------------------------------
-
- /**
- * Returns the default certificate store type.
- *
- * <p>This value can be set at run-time via the security property
- * "certstore.type"; if not specified than the default type will be
- * "LDAP".
- *
- * @return The default CertStore type.
- */
- public static final synchronized String getDefaultType()
- {
- String type = null;
- type = (String) java.security.AccessController.doPrivileged(
- new PrivilegedAction() {
- public Object run() {
- return Security.getProperty("certstore.type");
- }
- }
- );
- if (type == null)
- type = "LDAP";
- return type;
- }
-
- /**
- * Returns an instance of the given certificate store type from the first
- * installed provider.
- *
- * @param type The type of <code>CertStore</code> to create.
- * @param params The parameters to initialize this cert store with.
- * @return The new instance.
- * @throws InvalidAlgorithmParameterException If the instance rejects the
- * specified parameters.
- * @throws NoSuchAlgorithmException If no installed provider implements the
- * specified CertStore.
- * @throws IllegalArgumentException if <code>type</code> is
- * <code>null</code> or is an empty string.
- */
- public static CertStore getInstance(String type, CertStoreParameters params)
- throws InvalidAlgorithmParameterException, NoSuchAlgorithmException
- {
- Provider[] p = Security.getProviders();
- NoSuchAlgorithmException lastException = null;
- for (int i = 0; i < p.length; i++)
- try
- {
- return getInstance(type, params, p[i]);
- }
- catch (NoSuchAlgorithmException x)
- {
- lastException = x;
- }
- if (lastException != null)
- throw lastException;
- throw new NoSuchAlgorithmException(type);
- }
-
- /**
- * Returns an instance of the given certificate store type from a named
- * provider.
- *
- * @param type The type of <code>CertStore</code> to create.
- * @param params The parameters to initialize this cert store with.
- * @param provider The name of the provider to use.
- * @return The new instance.
- * @throws InvalidAlgorithmParameterException If the instance rejects the
- * specified parameters.
- * @throws NoSuchAlgorithmException If the specified provider does not
- * implement the specified CertStore.
- * @throws NoSuchProviderException If no provider named <i>provider</i> is
- * installed.
- * @throws IllegalArgumentException if either <code>type</code> or
- * <code>provider</code> is <code>null</code>, or if
- * <code>type</code> is an empty string.
- */
- public static CertStore getInstance(String type, CertStoreParameters params,
- String provider)
- throws InvalidAlgorithmParameterException, NoSuchAlgorithmException,
- NoSuchProviderException
- {
- if (provider == null)
- throw new IllegalArgumentException("provider MUST NOT be null");
- Provider p = Security.getProvider(provider);
- if (p == null)
- throw new NoSuchProviderException(provider);
- return getInstance(type, params, p);
- }
-
- /**
- * Returns an instance of the given certificate store type from a given
- * provider.
- *
- * @param type The type of <code>CertStore</code> to create.
- * @param params The parameters to initialize this cert store with.
- * @param provider The provider to use.
- * @return The new instance.
- * @throws InvalidAlgorithmParameterException If the instance rejects
- * the specified parameters.
- * @throws NoSuchAlgorithmException If the specified provider does not
- * implement the specified CertStore.
- * @throws IllegalArgumentException if either <code>type</code> or
- * <code>provider</code> is <code>null</code>, or if
- * <code>type</code> is an empty string.
- */
- public static CertStore getInstance(String type, CertStoreParameters params,
- Provider provider)
- throws InvalidAlgorithmParameterException, NoSuchAlgorithmException
- {
- CPStringBuilder sb = new CPStringBuilder("CertStore of type [")
- .append(type).append("] from provider[")
- .append(provider).append("] could not be created");
- Throwable cause;
- try
- {
- Object[] args = new Object[] { params };
- Object spi = Engine.getInstance(CERT_STORE, type, provider, args);
- return new CertStore((CertStoreSpi) spi, provider, type, params);
- }
- catch (InvocationTargetException x)
- {
- cause = x.getCause();
- if (cause instanceof NoSuchAlgorithmException)
- throw (NoSuchAlgorithmException) cause;
- if (cause == null)
- cause = x;
- }
- catch (ClassCastException x)
- {
- cause = x;
- }
- NoSuchAlgorithmException x = new NoSuchAlgorithmException(sb.toString());
- x.initCause(cause);
- throw x;
- }
-
- /**
- * Return the type of certificate store this instance represents.
- *
- * @return The CertStore type.
- */
- public final String getType()
- {
- return type;
- }
-
- /**
- * Return the provider of this implementation.
- *
- * @return The provider.
- */
- public final Provider getProvider()
- {
- return provider;
- }
-
- /**
- * Get the parameters this instance was created with, if any. The
- * parameters will be cloned before they are returned.
- *
- * @return The parameters, or null.
- */
- public final CertStoreParameters getCertStoreParameters()
- {
- return params != null ? (CertStoreParameters) params.clone() : null;
- }
-
- /**
- * Get a collection of certificates from this CertStore, optionally
- * filtered by the specified CertSelector. The Collection returned may
- * be empty, but will never be null.
- *
- * <p>Implementations may not allow a null argument, even if no
- * filtering is desired.
- *
- * @param selector The certificate selector.
- * @return The collection of certificates.
- * @throws CertStoreException If the certificates cannot be retrieved.
- */
- public final Collection<? extends Certificate> getCertificates(CertSelector selector)
- throws CertStoreException
- {
- return storeSpi.engineGetCertificates(selector);
- }
-
- /**
- * Get a collection of certificate revocation lists from this CertStore,
- * optionally filtered by the specified CRLSelector. The Collection
- * returned may be empty, but will never be null.
- *
- * <p>Implementations may not allow a null argument, even if no
- * filtering is desired.
- *
- * @param selector The certificate selector.
- * @return The collection of certificate revocation lists.
- * @throws CertStoreException If the CRLs cannot be retrieved.
- */
- public final Collection<? extends CRL> getCRLs(CRLSelector selector)
- throws CertStoreException
- {
- return storeSpi.engineGetCRLs(selector);
- }
-}
diff --git a/libjava/classpath/java/security/cert/CertStoreException.java b/libjava/classpath/java/security/cert/CertStoreException.java
deleted file mode 100644
index a4d8b7a..0000000
--- a/libjava/classpath/java/security/cert/CertStoreException.java
+++ /dev/null
@@ -1,159 +0,0 @@
-/* CertStoreException.java -- wraps an exception during certificate storage
- Copyright (C) 2002, 2005 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-import java.io.PrintStream;
-import java.io.PrintWriter;
-import java.security.GeneralSecurityException;
-
-/**
- * Indicates a problem while retrieving certificates and CRLs from
- * <code>CertStore</code>, wrapping the lower exception. This class is not
- * thread-safe.
- *
- * @author Eric Blake (ebb9@email.byu.edu)
- * @see CertStore
- * @since 1.4
- * @status updated to 1.4
-*/
-public class CertStoreException extends GeneralSecurityException
-{
- /**
- * Compatible with JDK 1.4+.
- */
- private static final long serialVersionUID = 2395296107471573245L;
-
- /**
- * Create an exception without a message. The cause may be initialized.
- */
- public CertStoreException()
- {
- }
-
- /**
- * Create an exception with a message. The cause may be initialized.
- *
- * @param msg a message to display with exception
- */
- public CertStoreException(String msg)
- {
- super(msg);
- }
-
- /**
- * Create an exception with a cause. The message will be
- * <code>cause == null ? null : cause.toString()</code>.
- *
- * @param cause the cause
- */
- public CertStoreException(Throwable cause)
- {
- this(cause == null ? null : cause.toString(), cause);
- }
-
- /**
- * Create an exception with a cause and a message.
- *
- * @param msg the message
- * @param cause the cause
- */
- public CertStoreException(String msg, Throwable cause)
- {
- super(msg);
- initCause(cause);
- }
-
- /**
- * Get the detail message.
- *
- * @return the detail message
- */
- public String getMessage()
- {
- return super.getMessage();
- }
-
- /**
- * Get the cause, null if unknown.
- *
- * @return the cause
- */
- public Throwable getCause()
- {
- return super.getCause();
- }
-
- /**
- * Convert this to a string, including its cause.
- *
- * @return the string conversion
- */
- public String toString()
- {
- return super.toString();
- }
-
- /**
- * Print the stack trace to <code>System.err</code>.
- */
- public void printStackTrace()
- {
- super.printStackTrace();
- }
-
- /**
- * Print the stack trace to a stream.
- *
- * @param stream the stream
- */
- public void printStackTrace(PrintStream stream)
- {
- super.printStackTrace(stream);
- }
-
- /**
- * Print the stack trace to a stream.
- *
- * @param stream the stream
- */
- public void printStackTrace(PrintWriter stream)
- {
- super.printStackTrace(stream);
- }
-}
diff --git a/libjava/classpath/java/security/cert/CertStoreParameters.java b/libjava/classpath/java/security/cert/CertStoreParameters.java
deleted file mode 100644
index 71bcd61..0000000
--- a/libjava/classpath/java/security/cert/CertStoreParameters.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/* CertStoreParameters -- interface to CertStore parameters.
- Copyright (C) 2003 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-/**
- * Parameters used when creating instances of {@link CertStore}. This
- * class does not define any methods (except a required cloneable
- * interface) and is provided only to provide type safety for
- * implementations. Concrete implementations implement this interface
- * in accord with thier own needs.
- *
- * @see LDAPCertStoreParameters
- * @see CollectionCertStoreParameters
- */
-public interface CertStoreParameters extends Cloneable
-{
-
- /**
- * Create a copy of these parameters.
- *
- * @return The copy.
- */
- Object clone();
-}
diff --git a/libjava/classpath/java/security/cert/CertStoreSpi.java b/libjava/classpath/java/security/cert/CertStoreSpi.java
deleted file mode 100644
index a47978a..0000000
--- a/libjava/classpath/java/security/cert/CertStoreSpi.java
+++ /dev/null
@@ -1,103 +0,0 @@
-/* CertStoreSpi -- certificate store service provider interface.
- Copyright (C) 2003 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.util.Collection;
-
-/**
- * The <i>service provider interface</i> (<b>SPI</b>) for the {@link
- * CertStore} class.
- *
- * <p>Providers wishing to implement a CertStore must subclass this
- * class, implementing all the abstract methods. Providers may also
- * implement the {@link CertStoreParameters} interface, if they require
- * parameters.
- *
- * @since 1.4
- * @see CertStore
- * @see CollectionCertStoreParameters
- * @see LDAPCertStoreParameters
- */
-public abstract class CertStoreSpi
-{
-
- // Constructors.
- // ------------------------------------------------------------------------
-
- /**
- * Creates a new CertStoreSpi.
- *
- * @param params The parameters to initialize this instance with, or
- * null if no parameters are required.
- * @throws InvalidAlgorithmParameterException If the specified
- * parameters are inappropriate for this class.
- */
- public CertStoreSpi(CertStoreParameters params)
- throws InvalidAlgorithmParameterException
- {
- super();
- }
-
- // Abstract methods.
- // ------------------------------------------------------------------------
-
- /**
- * Get the certificates from this store, filtering them through the
- * specified CertSelector.
- *
- * @param selector The CertSelector to filter certificates.
- * @return A (non-null) collection of certificates.
- * @throws CertStoreException If the certificates cannot be retrieved.
- */
- public abstract Collection<? extends Certificate> engineGetCertificates(CertSelector selector)
- throws CertStoreException;
-
- /**
- * Get the certificate revocation list from this store, filtering them
- * through the specified CRLSelector.
- *
- * @param selector The CRLSelector to filter certificate revocation
- * lists.
- * @return A (non-null) collection of certificate revocation list.
- * @throws CertStoreException If the CRLs cannot be retrieved.
- */
- public abstract Collection<? extends CRL> engineGetCRLs(CRLSelector selector)
- throws CertStoreException;
-}
diff --git a/libjava/classpath/java/security/cert/Certificate.java b/libjava/classpath/java/security/cert/Certificate.java
deleted file mode 100644
index be1713c..0000000
--- a/libjava/classpath/java/security/cert/Certificate.java
+++ /dev/null
@@ -1,306 +0,0 @@
-/* Certificate.java --- Certificate class
- Copyright (C) 1999, 2003, 2004 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-import java.io.ByteArrayInputStream;
-import java.io.InvalidObjectException;
-import java.io.ObjectStreamException;
-import java.io.Serializable;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PublicKey;
-import java.security.SignatureException;
-
-/**
- * The Certificate class is an abstract class used to manage
- * identity certificates. An identity certificate is a
- * combination of a principal and a public key which is
- * certified by another principal. This is the puprose of
- * Certificate Authorities (CA).
- *
- * <p>This class is used to manage different types of certificates
- * but have important common puposes. Different types of
- * certificates like X.509 and OpenPGP share general certificate
- * functions (like encoding and verifying) and information like
- * public keys.
- *
- * <p>X.509, OpenPGP, and SDSI can be implemented by subclassing this
- * class even though they differ in storage methods and information
- * stored.
- *
- * @see CertificateFactory
- * @see X509Certificate
- * @since JDK 1.2
- * @author Mark Benvenuto
- * @author Casey Marshall
- */
-public abstract class Certificate implements Serializable
-{
- private static final long serialVersionUID = -3585440601605666277L;
-
- private String type;
-
- /**
- Constructs a new certificate of the specified type. An example
- is "X.509".
-
- @param type a valid standard name for a certificate.
- */
- protected Certificate(String type)
- {
- this.type = type;
- }
-
- /**
- Returns the Certificate type.
-
- @return a string representing the Certificate type
- */
- public final String getType()
- {
- return type;
- }
-
- /**
- Compares this Certificate to other. It checks if the
- object if instanceOf Certificate and then checks if
- the encoded form matches.
-
- @param other An Object to test for equality
-
- @return true if equal, false otherwise
- */
- public boolean equals(Object other)
- {
- if( other instanceof Certificate ) {
- try {
- Certificate x = (Certificate) other;
- if( getEncoded().length != x.getEncoded().length )
- return false;
-
- byte[] b1 = getEncoded();
- byte[] b2 = x.getEncoded();
-
- for( int i = 0; i < b1.length; i++ )
- if( b1[i] != b2[i] )
- return false;
-
- } catch( CertificateEncodingException cee ) {
- return false;
- }
- return true;
- }
- return false;
- }
-
- /**
- Returns a hash code for this Certificate in its encoded
- form.
-
- @return A hash code of this class
- */
- public int hashCode()
- {
- return super.hashCode();
- }
-
- /**
- Gets the DER ASN.1 encoded format for this Certificate.
- It assumes each certificate has only one encoding format.
- Ex: X.509 is encoded as ASN.1 DER
-
- @return byte array containg encoded form
-
- @throws CertificateEncodingException if an error occurs
- */
- public abstract byte[] getEncoded() throws CertificateEncodingException;
-
- /**
- Verifies that this Certificate was properly signed with the
- PublicKey that corresponds to its private key.
-
- @param key PublicKey to verify with
-
- @throws CertificateException encoding error
- @throws NoSuchAlgorithmException unsupported algorithm
- @throws InvalidKeyException incorrect key
- @throws NoSuchProviderException no provider
- @throws SignatureException signature error
- */
- public abstract void verify(PublicKey key)
- throws CertificateException,
- NoSuchAlgorithmException,
- InvalidKeyException,
- NoSuchProviderException,
- SignatureException;
-
- /**
- Verifies that this Certificate was properly signed with the
- PublicKey that corresponds to its private key and uses
- the signature engine provided by the provider.
-
- @param key PublicKey to verify with
- @param sigProvider Provider to use for signature algorithm
-
- @throws CertificateException encoding error
- @throws NoSuchAlgorithmException unsupported algorithm
- @throws InvalidKeyException incorrect key
- @throws NoSuchProviderException incorrect provider
- @throws SignatureException signature error
- */
- public abstract void verify(PublicKey key,
- String sigProvider)
- throws CertificateException,
- NoSuchAlgorithmException,
- InvalidKeyException,
- NoSuchProviderException,
- SignatureException;
-
- /**
- Returns a string representing the Certificate.
-
- @return a string representing the Certificate.
- */
- public abstract String toString();
-
-
- /**
- Returns the public key stored in the Certificate.
-
- @return The public key
- */
- public abstract PublicKey getPublicKey();
-
- // Protected methods.
- // ------------------------------------------------------------------------
-
- /**
- * Returns a replacement for this certificate to be serialized. This
- * method returns the equivalent to the following for this class:
- *
- * <blockquote>
- * <pre>new CertificateRep(getType(), getEncoded());</pre>
- * </blockquote>
- *
- * <p>This thusly replaces the certificate with its name and its
- * encoded form, which can be deserialized later with the {@link
- * CertificateFactory} implementation for this certificate's type.
- *
- * @return The replacement object to be serialized.
- * @throws ObjectStreamException If the replacement could not be
- * created.
- */
- protected Object writeReplace() throws ObjectStreamException
- {
- try
- {
- return new CertificateRep(getType(), getEncoded());
- }
- catch (CertificateEncodingException cee)
- {
- throw new InvalidObjectException(cee.toString());
- }
- }
-
- // Inner class.
- // ------------------------------------------------------------------------
-
- /**
- Certificate.CertificateRep is an inner class used to provide an alternate
- storage mechanism for serialized Certificates.
- */
- protected static class CertificateRep implements java.io.Serializable
- {
-
- /** From JDK1.4. */
- private static final long serialVersionUID = -8563758940495660020L;
-
- /** The certificate type, e.g. "X.509". */
- private String type;
-
- /** The encoded certificate data. */
- private byte[] data;
-
- /**
- * Create an alternative representation of this certificate. The
- * <code>(type, data)</code> pair is typically the certificate's
- * type as returned by {@link Certificate#getType()} (i.e. the
- * canonical name of the certificate type) and the encoded form as
- * returned by {@link Certificate#getEncoded()}.
- *
- * <p>For example, X.509 certificates would create an instance of
- * this class with the parameters "X.509" and the ASN.1
- * representation of the certificate, encoded as DER bytes.
- *
- * @param type The certificate type.
- * @param data The encoded certificate data.
- */
- protected CertificateRep(String type, byte[] data)
- {
- this.type = type;
- this.data = data;
- }
-
- /**
- * Deserialize this certificate replacement into the appropriate
- * certificate object. That is, this method attempts to create a
- * {@link CertificateFactory} for this certificate's type, then
- * attempts to parse the encoded data with that factory, returning
- * the resulting certificate.
- *
- * @return The deserialized certificate.
- * @throws ObjectStreamException If there is no appropriate
- * certificate factory for the given type, or if the encoded form
- * cannot be parsed.
- */
- protected Object readResolve() throws ObjectStreamException
- {
- try
- {
- CertificateFactory fact = CertificateFactory.getInstance(type);
- return fact.generateCertificate(new ByteArrayInputStream(data));
- }
- catch (Exception e)
- {
- throw new InvalidObjectException(e.toString());
- }
- }
- }
-}
diff --git a/libjava/classpath/java/security/cert/CertificateEncodingException.java b/libjava/classpath/java/security/cert/CertificateEncodingException.java
deleted file mode 100644
index 3f87169..0000000
--- a/libjava/classpath/java/security/cert/CertificateEncodingException.java
+++ /dev/null
@@ -1,93 +0,0 @@
-/* CertificateEncodingException.java -- Certificate Encoding Exception
- Copyright (C) 1999, 2002, 2006 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-/**
- * Exception for a Certificate Encoding.
- *
- * @author Mark Benvenuto
- * @since 1.2
- * @status updated to 1.5
- */
-public class CertificateEncodingException extends CertificateException
-{
- /**
- * Compatible with JDK 1.2+.
- */
- private static final long serialVersionUID = 6219492851589449162L;
-
- /**
- * Constructs an exception without a message string.
- */
- public CertificateEncodingException()
- {
- }
-
- /**
- * Constructs an exception with a message string.
- *
- * @param msg A message to display with exception
- */
- public CertificateEncodingException(String msg)
- {
- super(msg);
- }
-
- /**
- * Create a new instance with a descriptive error message and
- * a cause.
- * @param s the descriptive error message
- * @param cause the cause
- * @since 1.5
- */
- public CertificateEncodingException(String s, Throwable cause)
- {
- super(s, cause);
- }
-
- /**
- * Create a new instance with a cause.
- * @param cause the cause
- * @since 1.5
- */
- public CertificateEncodingException(Throwable cause)
- {
- super(cause);
- }
-}
diff --git a/libjava/classpath/java/security/cert/CertificateException.java b/libjava/classpath/java/security/cert/CertificateException.java
deleted file mode 100644
index 8a6f383..0000000
--- a/libjava/classpath/java/security/cert/CertificateException.java
+++ /dev/null
@@ -1,96 +0,0 @@
-/* CertificateException.java -- Certificate Exception
- Copyright (C) 1999, 2002, 2006 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-import java.security.GeneralSecurityException;
-
-/**
- * Exception for a Certificate.
- *
- * @author Mark Benvenuto
- * @see Certificate
- * @since 1.2
- * @status updated to 1.5
- */
-public class CertificateException extends GeneralSecurityException
-{
- /**
- * Compatible with JDK 1.2+.
- */
- private static final long serialVersionUID = 3192535253797119798L;
-
- /**
- * Constructs an exception without a message string.
- */
- public CertificateException()
- {
- }
-
- /**
- * Constructs an exception with a message string.
- *
- * @param msg a message to display with exception
- */
- public CertificateException(String msg)
- {
- super(msg);
- }
-
- /**
- * Create a new instance with a descriptive error message and
- * a cause.
- * @param s the descriptive error message
- * @param cause the cause
- * @since 1.5
- */
- public CertificateException(String s, Throwable cause)
- {
- super(s, cause);
- }
-
- /**
- * Create a new instance with a cause.
- * @param cause the cause
- * @since 1.5
- */
- public CertificateException(Throwable cause)
- {
- super(cause);
- }
-}
diff --git a/libjava/classpath/java/security/cert/CertificateExpiredException.java b/libjava/classpath/java/security/cert/CertificateExpiredException.java
deleted file mode 100644
index 5b37142..0000000
--- a/libjava/classpath/java/security/cert/CertificateExpiredException.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/* CertificateExpiredException.java --- Certificate Expired Exception
- Copyright (C) 1999, 2002 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-/**
- * Exception for a Certificate Expiring.
- *
- * @author Mark Benvenuto
- * @since 1.2
- * @status updated to 1.4
- */
-public class CertificateExpiredException extends CertificateException
-{
- /**
- * Compatible with JDK 1.2+.
- */
- private static final long serialVersionUID = 9071001339691533771L;
-
- /**
- * Constructs an exception without a message string.
- */
- public CertificateExpiredException()
- {
- }
-
- /**
- * Constructs an exception with a message string.
- *
- * @param msg a message to display with exception
- */
- public CertificateExpiredException(String msg)
- {
- super(msg);
- }
-}
diff --git a/libjava/classpath/java/security/cert/CertificateFactory.java b/libjava/classpath/java/security/cert/CertificateFactory.java
deleted file mode 100644
index 4fd5b39..0000000
--- a/libjava/classpath/java/security/cert/CertificateFactory.java
+++ /dev/null
@@ -1,355 +0,0 @@
-/* CertificateFactory.java -- Certificate Factory Class
- Copyright (C) 1999, 2002, 2003, 2004 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version.
*/
-
-
-package java.security.cert;
-
-import gnu.java.security.Engine;
-
-import java.io.InputStream;
-import java.lang.reflect.InvocationTargetException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Provider;
-import java.security.Security;
-import java.util.Collection;
-import java.util.Iterator;
-import java.util.List;
-
-/**
- * This class implements the CertificateFactory class interface used to
- * generate certificates, certificate revocation lists (CRLs), and certificate
- * paths objects from their encoded forms.
- *
- * @author Mark Benvenuto
- * @author Casey Marshall
- * @since 1.2
- * @status Fully compatible with JDK 1.4.
- */
-public class CertificateFactory
-{
-
- /** The service name for certificate factories. */
- private static final String CERTIFICATE_FACTORY = "CertificateFactory";
-
- private CertificateFactorySpi certFacSpi;
- private Provider provider;
- private String type;
-
- /**
- * Creates an instance of CertificateFactory.
- *
- * @param certFacSpi The underlying CertificateFactory engine.
- * @param provider The provider of this implementation.
- * @param type The type of Certificate this factory creates.
- */
- protected CertificateFactory(CertificateFactorySpi certFacSpi,
- Provider provider, String type)
- {
- this.certFacSpi = certFacSpi;
- this.provider = provider;
- this.type = type;
- }
-
- /**
- * Returns an instance of a <code>CertificateFactory</code> representing the
- * specified certificate factory type.
- *
- * @param type The type of certificate factory to create.
- * @return A <code>CertificateFactory</code> of the desired type.
- * @throws CertificateException If the type of certificate factory is not
- * implemented by any installed provider.
- * @throws IllegalArgumentException if <code>type</code> is
- * <code>null</code> or is an empty string.
- */
- public static final CertificateFactory getInstance(String type)
- throws CertificateException
- {
- Provider[] p = Security.getProviders();
- CertificateException lastException = null;
- for (int i = 0; i < p.length; i++)
- try
- {
- return getInstance(type, p[i]);
- }
- catch (CertificateException x)
- {
- lastException = x;
- }
- if (lastException != null)
- throw lastException;
- throw new CertificateException(type);
- }
-
- /**
- * Returns an instance of a <code>CertificateFactory</code> representing the
- * specified certificate factory type from the named provider.
- *
- * @param type The type of certificate factory to create.
- * @param provider The name of the provider to use.
- * @return A <code>CertificateFactory</code> for the desired type.
- * @throws CertificateException If the type of certificate is not implemented
- * by the named provider.
- * @throws NoSuchProviderException If the named provider is not installed.
- * @throws IllegalArgumentException if either <code>type</code> or
- * <code>provider</code> is <code>null</code>, or if
- * <code>type</code> is an empty string.
- */
- public static final CertificateFactory getInstance(String type,
- String provider)
- throws CertificateException, NoSuchProviderException
- {
- if (provider == null)
- throw new IllegalArgumentException("provider MUST NOT be null");
- Provider p = Security.getProvider(provider);
- if (p == null)
- throw new NoSuchProviderException(provider);
- return getInstance(type, p);
- }
-
- /**
- * Returns an instance of a <code>CertificateFactory</code> representing the
- * specified certificate factory type from the designated provider.
- *
- * @param type The type of certificate factory to create.
- * @param provider The provider from which to get the implementation.
- * @return A <code>CertificateFactory</code> for the desired type.
- * @throws CertificateException If the type of certificate is not implemented
- * by the provider.
- * @throws IllegalArgumentException if either <code>type</code> or
- * <code>provider</code> is <code>null</code>, or if
- * <code>type</code> is an empty string.
- */
- public static final CertificateFactory getInstance(String type,
- Provider provider)
- throws CertificateException
- {
- Throwable cause;
- try
- {
- Object spi = Engine.getInstance(CERTIFICATE_FACTORY, type, provider);
- return new CertificateFactory((CertificateFactorySpi) spi, provider, type);
- }
- catch (ClassCastException x)
- {
- cause = x;
- }
- catch (InvocationTargetException x)
- {
- cause = x.getCause() != null ? x.getCause() : x;
- }
- catch (NoSuchAlgorithmException x)
- {
- cause = x;
- }
- CertificateException x = new CertificateException(type);
- x.initCause(cause);
- throw x;
- }
-
- /**
- * Gets the provider of this implementation.
- *
- * @return The provider of this implementation.
- */
- public final Provider getProvider()
- {
- return provider;
- }
-
- /**
- * Returns the type of the certificate this factory creates.
- *
- * @return A string with the type of certificate
- */
- public final String getType()
- {
- return type;
- }
-
- /**
- * Generates a Certificate from the encoded data read
- * from an InputStream.
- *
- * <p>The input stream must contain only one certificate.
- *
- * <p>If there exists a specialized certificate class for the
- * certificate format handled by the certificate factory
- * then the return Ceritificate should be a typecast of it.
- * Ex: A X.509 CertificateFactory should return X509Certificate.
- *
- * <p>For X.509 certificates, the certificate in inStream must be
- * DER encoded and supplied in binary or printable (Base64)
- * encoding. If the certificate is in Base64 encoding, it must be
- * bounded by -----BEGINCERTIFICATE-----, and
- * -----END CERTIFICATE-----.
- *
- * @param inStream An input stream containing the certificate data.
- * @return A certificate initialized from the decoded InputStream data.
- * @throws CertificateException If an error occurs decoding the
- * certificate.
- */
- public final Certificate generateCertificate(InputStream inStream)
- throws CertificateException
- {
- return certFacSpi.engineGenerateCertificate(inStream);
- }
-
- /**
- * Returns a collection of certificates that were read from the
- * input stream. It may be empty, have only one, or have
- * multiple certificates.
- *
- * For a X.509 certificate factory, the stream may contain a
- * single DER encoded certificate or a PKCS#7 certificate
- * chain. This is a PKCS#7 <I>SignedData</I> object with the
- * most significant field being <I>certificates</I>. If no
- * CRLs are present, then an empty collection is returned.
- *
- * @param inStream An input stream containing the certificate data.
- * @return A collection of certificates initialized from the decoded
- * InputStream data.
- * @throws CertificateException If an error occurs decoding the
- * certificates.
- */
- public final Collection<? extends Certificate> generateCertificates(InputStream inStream)
- throws CertificateException
- {
- return certFacSpi.engineGenerateCertificates(inStream);
- }
-
- /**
- * Generates a CRL based on the encoded data read
- * from the InputStream.
- *
- * <p>The input stream must contain only one CRL.
- *
- * <p>If there exists a specialized CRL class for the
- * CRL format handled by the certificate factory
- * then the return CRL should be a typecast of it.
- * Ex: A X.509 CertificateFactory should return X509CRL.
- *
- * @param inStream An input stream containing the CRL data.
- * @return A CRL initialized from the decoded InputStream data.
- * @throws CRLException If an error occurs decoding the CRL.
- */
- public final CRL generateCRL(InputStream inStream)
- throws CRLException
- {
- return certFacSpi.engineGenerateCRL(inStream);
- }
-
- /**
- * <p>Generates CRLs based on the encoded data read
- * from the InputStream.
- *
- * <p>For a X.509 certificate factory, the stream may contain a
- * single DER encoded CRL or a PKCS#7 CRL set. This is a
- * PKCS#7 <I>SignedData</I> object with the most significant
- * field being <I>crls</I>. If no CRLs are present, then an
- * empty collection is returned.
- *
- * @param inStream an input stream containing the CRLs.
- * @return a collection of CRLs initialized from the decoded
- * InputStream data.
- * @throws CRLException If an error occurs decoding the CRLs.
- */
- public final Collection<? extends CRL> generateCRLs(InputStream inStream)
- throws CRLException
- {
- return certFacSpi.engineGenerateCRLs( inStream );
- }
-
- /**
- * Generate a {@link CertPath} and initialize it with data parsed from
- * the input stream. The default encoding of this factory is used.
- *
- * @param inStream The InputStream containing the CertPath data.
- * @return A CertPath initialized from the input stream data.
- * @throws CertificateException If an error occurs decoding the
- * CertPath.
- */
- public final CertPath generateCertPath(InputStream inStream)
- throws CertificateException
- {
- return certFacSpi.engineGenerateCertPath(inStream);
- }
-
- /**
- * Generate a {@link CertPath} and initialize it with data parsed from
- * the input stream, using the specified encoding.
- *
- * @param inStream The InputStream containing the CertPath data.
- * @param encoding The encoding of the InputStream data.
- * @return A CertPath initialized from the input stream data.
- * @throws CertificateException If an error occurs decoding the
- * CertPath.
- */
- public final CertPath generateCertPath(InputStream inStream, String encoding)
- throws CertificateException
- {
- return certFacSpi.engineGenerateCertPath(inStream, encoding);
- }
-
- /**
- * Generate a {@link CertPath} and initialize it with the certificates
- * in the {@link java.util.List} argument.
- *
- * @param certificates The list of certificates with which to create
- * the CertPath.
- * @return A CertPath initialized from the certificates.
- * @throws CertificateException If an error occurs generating the
- * CertPath.
- */
- public final CertPath generateCertPath(List<? extends Certificate> certificates)
- throws CertificateException
- {
- return certFacSpi.engineGenerateCertPath(certificates);
- }
-
- /**
- * Returns an Iterator of CertPath encodings supported by this
- * factory, with the default encoding first. The returned Iterator
- * cannot be modified.
- *
- * @return The Iterator of supported encodings.
- */
- public final Iterator<String> getCertPathEncodings()
- {
- return certFacSpi.engineGetCertPathEncodings();
- }
-} // class CertificateFactory
diff --git a/libjava/classpath/java/security/cert/CertificateFactorySpi.java b/libjava/classpath/java/security/cert/CertificateFactorySpi.java
deleted file mode 100644
index 2c9ca5d..0000000
--- a/libjava/classpath/java/security/cert/CertificateFactorySpi.java
+++ /dev/null
@@ -1,224 +0,0 @@
-/* CertificateFactorySpi.java --- Certificate Factory Class
- Copyright (C) 1999,2003 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version.
*/
-
-
-package java.security.cert;
-
-import java.io.InputStream;
-
-import java.util.Collection;
-import java.util.Iterator;
-import java.util.List;
-
-/**
- CertificateFactorySpi is the abstract class Service Provider
- Interface (SPI) for the CertificateFactory class. A provider
- must implement all the abstract methods if they wish to
- supply a certificate factory for a particular certificate
- type. Ex: X.509
-
- Certificate factories are used to generate certificates and
- certificate revocation lists (CRL) from their encoding.
-
- @since 1.2
-
- @author Mark Benvenuto
- */
-public abstract class CertificateFactorySpi
-{
-
- // Constructor.
- // ------------------------------------------------------------------------
-
- /**
- * Constructs a new CertificateFactorySpi
- */
- public CertificateFactorySpi()
- {}
-
- // Abstract methods.
- // ------------------------------------------------------------------------
-
- /**
- Generates a Certificate based on the encoded data read
- from the InputStream.
-
- The input stream must contain only one certificate.
-
- If there exists a specialized certificate class for the
- certificate format handled by the certificate factory
- then the return Ceritificate should be a typecast of it.
- Ex: A X.509 CertificateFactory should return X509Certificate.
-
- For X.509 certificates, the certificate in inStream must be
- DER encoded and supplied in binary or printable (Base64)
- encoding. If the certificate is in Base64 encoding, it must be
- bounded by -----BEGIN CERTIFICATE-----, and
- -----END CERTIFICATE-----.
-
- @param inStream an input stream containing the certificate data
-
- @return a certificate initialized with InputStream data.
-
- @throws CertificateException Certificate parsing error
- */
- public abstract Certificate engineGenerateCertificate(InputStream inStream)
- throws CertificateException;
-
- /**
- Returns a collection of certificates that were read from the
- input stream.
It may be empty, have only one, or have
- multiple certificates.
-
- For a X.509 certificate factory, the stream may contain a
- single DER encoded certificate or a PKCS#7 certificate
- chain. This is a PKCS#7 <I>SignedData</I> object with the
- most significant field being <I>certificates</I>. If no
- CRLs are present, then an empty collection is returned.
-
- @param inStream an input stream containing the certificates
-
- @return a collection of certificates initialized with
- the InputStream data.
-
- @throws CertificateException Certificate parsing error
- */
- public abstract Collection<? extends Certificate> engineGenerateCertificates(InputStream inStream)
- throws CertificateException;
-
- /**
- Generates a CRL based on the encoded data read
- from the InputStream.
-
- The input stream must contain only one CRL.
-
- If there exists a specialized CRL class for the
- CRL format handled by the certificate factory
- then the return CRL should be a typecast of it.
- Ex: A X.509 CertificateFactory should return X509CRL.
-
- @param inStream an input stream containing the CRL data
-
- @return a CRL initialized with InputStream data.
-
- @throws CRLException CRL parsing error
- */
- public abstract CRL engineGenerateCRL(InputStream inStream)
- throws CRLException;
-
- /**
- Generates CRLs based on the encoded data read
- from the InputStream.
-
- For a X.509 certificate factory, the stream may contain a
- single DER encoded CRL or a PKCS#7 CRL set. This is a
- PKCS#7 <I>SignedData</I> object with the most significant
- field being <I>crls</I>. If no CRLs are present, then an
- empty collection is returned.
-
- @param inStream an input stream containing the CRLs
-
- @return a collection of CRLs initialized with
- the InputStream data.
-
- @throws CRLException CRL parsing error
- */
- public abstract Collection<? extends CRL> engineGenerateCRLs(InputStream inStream)
- throws CRLException;
-
- // 1.4 instance methods.
- // ------------------------------------------------------------------------
-
- /**
- * Generate a {@link CertPath} and initialize it with data parsed from
- * the input stream. The default encoding of this factory is used.
- *
- * @param inStream The InputStream containing the CertPath data.
- * @return A CertPath initialized from the input stream data.
- * @throws CertificateException If an error occurs decoding the
- * CertPath.
- */
- public CertPath engineGenerateCertPath(InputStream inStream)
- throws CertificateException
- {
- throw new UnsupportedOperationException("not implemented");
- }
-
- /**
- * Generate a {@link CertPath} and initialize it with data parsed from
- * the input stream, using the specified encoding.
- *
- * @param inStream The InputStream containing the CertPath data.
- * @param encoding The encoding of the InputStream data.
- * @return A CertPath initialized from the input stream data.
- * @throws CertificateException If an error occurs decoding the
- * CertPath.
- */
- public CertPath engineGenerateCertPath(InputStream inStream, String encoding)
- throws CertificateException
- {
- throw new UnsupportedOperationException("not implemented");
- }
-
- /**
- * Generate a {@link CertPath} and initialize it with the certificates
- * in the {@link java.util.List} argument.
- *
- * @param certificates The list of certificates with which to create
- * the CertPath.
- * @return A CertPath initialized from the certificates.
- * @throws CertificateException If an error occurs generating the
- * CertPath.
- */
- public CertPath engineGenerateCertPath(List<? extends Certificate> certificates)
- throws CertificateException
- {
- throw new UnsupportedOperationException("not implemented");
- }
-
- /**
- * Returns an Iterator of CertPath encodings supported by this
- * factory, with the default encoding first. The returned Iterator
- * cannot be modified.
- *
- * @return The Iterator of supported encodings.
- */
- public Iterator<String> engineGetCertPathEncodings()
- {
- throw new UnsupportedOperationException("not implemented");
- }
-}
diff --git a/libjava/classpath/java/security/cert/CertificateNotYetValidException.java b/libjava/classpath/java/security/cert/CertificateNotYetValidException.java
deleted file mode 100644
index dfb4b48..0000000
--- a/libjava/classpath/java/security/cert/CertificateNotYetValidException.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/* CertificateNotYetValidException.java -- Certificate Not Yet Valid Exception
- Copyright (C) 1999, 2002 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-/**
- * Exception for a Certificate that is not yet valid.
- *
- * @author Mark Benvenuto
- * @since 1.2
- * @status updated to 1.4
-*/
-public class CertificateNotYetValidException extends CertificateException
-{
- /**
- * Compatible with JDK 1.2+.
- */
- private static final long serialVersionUID = 4355919900041064702L;
-
- /**
- * Constructs an exception without a message string.
- */
- public CertificateNotYetValidException()
- {
- }
-
- /**
- * Constructs an exception with a message string.
- *
- * @param msg A message to display with exception
- */
- public CertificateNotYetValidException(String msg)
- {
- super(msg);
- }
-}
diff --git a/libjava/classpath/java/security/cert/CertificateParsingException.java b/libjava/classpath/java/security/cert/CertificateParsingException.java
deleted file mode 100644
index 5a930f4..0000000
--- a/libjava/classpath/java/security/cert/CertificateParsingException.java
+++ /dev/null
@@ -1,93 +0,0 @@
-/* CertificateParsingException.java -- Certificate Parsing Exception
- Copyright (C) 1999, 2002, 2006 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-/**
- * Exception for parsing a DER-encoded Certificate.
- *
- * @author Mark Benvenuto
- * @since 1.2
- * @status updated to 1.5
-*/
-public class CertificateParsingException extends CertificateException
-{
- /**
- * Compatible with JDK 1.2+.
- */
- private static final long serialVersionUID = -7989222416793322029L;
-
- /**
- * Constructs an exception without a message string.
- */
- public CertificateParsingException()
- {
- }
-
- /**
- * Constructs an exception with a message string.
- *
- * @param msg a message to display with exception
- */
- public CertificateParsingException(String msg)
- {
- super(msg);
- }
-
- /**
- * Create a new instance with a descriptive error message and
- * a cause.
- * @param s the descriptive error message
- * @param cause the cause
- * @since 1.5
- */
- public CertificateParsingException(String s, Throwable cause)
- {
- super(s, cause);
- }
-
- /**
- * Create a new instance with a cause.
- * @param cause the cause
- * @since 1.5
- */
- public CertificateParsingException(Throwable cause)
- {
- super(cause);
- }
-}
diff --git a/libjava/classpath/java/security/cert/CollectionCertStoreParameters.java b/libjava/classpath/java/security/cert/CollectionCertStoreParameters.java
deleted file mode 100644
index 3898748..0000000
--- a/libjava/classpath/java/security/cert/CollectionCertStoreParameters.java
+++ /dev/null
@@ -1,122 +0,0 @@
-/* CollectionCertStoreParameters -- collection-based cert store parameters
- Copyright (C) 2003 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version.
*/
-
-
-package java.security.cert;
-
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-
-/**
- * An implementation of {@link CertStoreParameters} with a simple,
- * in-memory {@link Collection} of certificates and certificate
- * revocation list.
- *
- * <p>Note that this class is not thread-safe, and its underlying
- * collection may be changed at any time.
- *
- * @see CertStore
- * @since 1.4
- */
-public class CollectionCertStoreParameters implements CertStoreParameters
-{
-
- // Constants and fields.
- // ------------------------------------------------------------------------
-
- /** The underlying collection. */
- private final Collection collection;
-
- // Constructors.
- // ------------------------------------------------------------------------
-
- /**
- * Creates a new CollectionCertStoreParameters with an empty,
- * immutable collection.
- */
- public CollectionCertStoreParameters()
- {
- this(Collections.EMPTY_LIST);
- }
-
- /**
- * Create a new CollectionCertStoreParameters with the specified
- * collection. The argument is not copied, and subsequent changes to
- * the collection will change this class's collection.
- *
- * @param collection The collection.
- * @throws NullPointerException If <i>collection</i> is null.
- */
- public CollectionCertStoreParameters(Collection<?> collection)
- {
- if (collection == null)
- throw new NullPointerException();
- this.collection = collection;
- }
-
- // Instance methods.
- // ------------------------------------------------------------------------
-
- public Object clone()
- {
- return new CollectionCertStoreParameters(new ArrayList(collection));
- }
-
- /**
- * Return the underlying collection. The collection is not copied
- * before being returned, so callers may update the collection that is
- * returned.
- *
- * @return The collection.
- */
- public Collection<?> getCollection()
- {
- return collection;
- }
-
- /**
- * Return a string representation of these parameters.
- *
- * @return The string representation of these parameters.
- */
- public String toString()
- {
- return "CollectionCertStoreParameters: [ collection: "
- + collection + " ]";
- }
-}
diff --git a/libjava/classpath/java/security/cert/LDAPCertStoreParameters.java b/libjava/classpath/java/security/cert/LDAPCertStoreParameters.java
deleted file mode 100644
index f2dff76..0000000
--- a/libjava/classpath/java/security/cert/LDAPCertStoreParameters.java
+++ /dev/null
@@ -1,140 +0,0 @@
-/* LDAPCertStoreParameters.java -- LDAP CertStore parameters.
- Copyright (C) 2003 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-/**
- * Parameters for CertStores that are retrieved via the <i>lightweight
- * directory access protocol</i> (<b>LDAP</b>).
- *
- * @see CertStore
- */
-public class LDAPCertStoreParameters implements CertStoreParameters
-{
-
- // Constants and fields.
- // ------------------------------------------------------------------------
-
- /** The default LDAP port. */
- private static final int LDAP_PORT = 389;
-
- /** The server name. */
- private final String serverName;
-
- /** The LDAP port. */
- private final int port;
-
- // Constructors.
- // ------------------------------------------------------------------------
-
- /**
- * Create a new LDAPCertStoreParameters object, with a servername of
- * "localhost" and a port of 389.
- */
- public LDAPCertStoreParameters()
- {
- this("localhost", LDAP_PORT);
- }
-
- /**
- * Create a new LDAPCertStoreParameters object, with a specified
- * server name and a port of 389.
- *
- * @param serverName The LDAP server name.
- * @throws NullPointerException If <i>serverName</i> is null.
- */
- public LDAPCertStoreParameters(String serverName)
- {
- this(serverName, LDAP_PORT);
- }
-
- /**
- * Create a new LDAPCertStoreParameters object, with a specified
- * server name and port.
- *
- * @param serverName The LDAP server name.
- * @param port The LDAP port.
- * @throws NullPointerException If <i>serverName</i> is null.
- */
- public LDAPCertStoreParameters(String serverName, int port)
- {
- if (serverName == null)
- throw new NullPointerException();
- this.serverName = serverName;
- this.port = port;
- }
-
- // Instance methods.
- // ------------------------------------------------------------------------
-
- public Object clone()
- {
- return new LDAPCertStoreParameters(serverName, port);
- }
-
- /**
- * Return the server name.
- *
- * @return The server name.
- */
- public String getServerName()
- {
- return serverName;
- }
-
- /**
- * Return the port.
- *
- * @return the port.
- */
- public int getPort()
- {
- return port;
- }
-
- /**
- * Return a string representation of these parameters.
- *
- * @return The string representation of these parameters.
- */
- public String toString()
- {
- return "LDAPCertStoreParameters: [ serverName: " + serverName
- + "; port: " + port + " ]";
- }
-}
diff --git a/libjava/classpath/java/security/cert/PKIXBuilderParameters.java b/libjava/classpath/java/security/cert/PKIXBuilderParameters.java
deleted file mode 100644
index 3a29b52..0000000
--- a/libjava/classpath/java/security/cert/PKIXBuilderParameters.java
+++ /dev/null
@@ -1,149 +0,0 @@
-/* PKIXBuilderParameters.java -- parameters for PKIX cert path builders
- Copyright (C) 2003 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version.
*/
-
-
-package java.security.cert;
-
-import gnu.java.lang.CPStringBuilder;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-
-import java.util.Set;
-
-/**
- * Parameters for building certificate paths using the PKIX algorithm.
- *
- * @see CertPathBuilder
- * @since 1.4
- */
-public class PKIXBuilderParameters extends PKIXParameters
-{
-
- // Fields.
- // ------------------------------------------------------------------------
-
- /** The maximum path length. */
- private int maxPathLength;
-
- // Constructors.
- // ------------------------------------------------------------------------
-
- /**
- * Create a new PKIXBuilderParameters object, populating the trusted
- * certificates set with all X.509 certificates found in the given key
- * store. All certificates found in the key store are assumed to be
- * trusted by this constructor.
- *
- * @param keystore The key store.
- * @param targetConstraints The target certificate constraints.
- * @throws KeyStoreException If the certificates cannot be retrieved
- * from the key store.
- * @throws InvalidAlgorithmParameterException If there are no
- * certificates in the key store.
- * @throws NullPointerException If <i>keystore</i> is null.
- */
- public PKIXBuilderParameters(KeyStore keystore,
- CertSelector targetConstraints)
- throws KeyStoreException, InvalidAlgorithmParameterException
- {
- super(keystore);
- setTargetCertConstraints(targetConstraints);
- maxPathLength = 5;
- }
-
- /**
- * Create a new PKIXBuilderParameters object, populating the trusted
- * certificates set with the elements of the given set, each of which
- * must be a {@link TrustAnchor}.
- *
- * @param trustAnchors The set of trust anchors.
- * @param targetConstraints The target certificate constraints.
- * @throws InvalidAlgorithmParameterException If there are no
- * certificates in the set.
- * @throws NullPointerException If <i>trustAnchors</i> is null.
- * @throws ClassCastException If every element in <i>trustAnchors</i>
- * is not a {@link TrustAnchor}.
- */
- public PKIXBuilderParameters(Set<TrustAnchor> trustAnchors,
- CertSelector targetConstraints)
- throws InvalidAlgorithmParameterException
- {
- super(trustAnchors);
- setTargetCertConstraints(targetConstraints);
- maxPathLength = 5;
- }
-
- // Instance methods.
- // ------------------------------------------------------------------------
-
- /**
- * Returns the maximum length of certificate paths to build.
- *
- * <p>If this value is 0 it is taken to mean that the certificate path
- * should contain only one certificate. A value of -1 means that the
- * certificate path length is unconstrained. The default value is 5.
- *
- * @return The maximum path length.
- */
- public int getMaxPathLength()
- {
- return maxPathLength;
- }
-
- /**
- * Sets the maximum length of certificate paths to build.
- *
- * @param maxPathLength The new path length.
- * @throws IllegalArgumentException If <i>maxPathLength</i> is less
- * than -1.
- */
- public void setMaxPathLength(int maxPathLength)
- {
- if (maxPathLength < -1)
- throw new IllegalArgumentException();
- this.maxPathLength = maxPathLength;
- }
-
- public String toString()
- {
- CPStringBuilder buf = new CPStringBuilder(super.toString());
- buf.insert(buf.length() - 2, "; Max Path Length=" + maxPathLength);
- return buf.toString();
- }
-}
diff --git a/libjava/classpath/java/security/cert/PKIXCertPathBuilderResult.java b/libjava/classpath/java/security/cert/PKIXCertPathBuilderResult.java
deleted file mode 100644
index 52984b5..0000000
--- a/libjava/classpath/java/security/cert/PKIXCertPathBuilderResult.java
+++ /dev/null
@@ -1,104 +0,0 @@
-/* PKIXCertPathBuilderResult.java -- PKIX cert path bulider result
- Copyright (C) 2003 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version.
*/
-
-
-package java.security.cert;
-
-import gnu.java.lang.CPStringBuilder;
-
-/**
- * The result of calling the {@link
- * CertPathBuilder#build(java.security.cert.CertPathParameters)} method
- * of PKIX {@link CertPathBuilder}s.
- *
- * @see CertPathBuilder
- * @see CertPathBuilderResult
- */
-public class PKIXCertPathBuilderResult extends PKIXCertPathValidatorResult
- implements CertPathBuilderResult
-{
-
- // Fields.
- // ------------------------------------------------------------------------
-
- /** The certificate path. */
- private CertPath certPath;
-
- // Constructor.
- // ------------------------------------------------------------------------
-
- /**
- * Creates a new PKIXCertPathBuilderResult.
- *
- * @param certPath The certificate path.
- * @param trustAnchor The trust anchor.
- * @param policyTree The root node of the policy tree.
- * @param subjectPublicKey The public key.
- * @throws NullPointerException If <i>certPath</i>, <i>trustAnchor</i> or
- * <i>subjectPublicKey</i> is null.
- */
- public PKIXCertPathBuilderResult(CertPath certPath,
- TrustAnchor trustAnchor,
- PolicyNode policyTree,
- java.security.PublicKey subjectPublicKey)
- {
- super(trustAnchor, policyTree, subjectPublicKey);
- if (certPath == null)
- throw new NullPointerException();
- this.certPath = certPath;
- }
-
- // Instance methods.
- // ------------------------------------------------------------------------
-
- /**
- * Returns the certificate path that was built.
- *
- * @return The certificate path that was built.
- */
- public CertPath getCertPath()
- {
- return certPath;
- }
-
- public String toString()
- {
- CPStringBuilder buf = new CPStringBuilder(super.toString());
- buf.insert(buf.length() - 2, "; CertPath=" + certPath);
- return buf.toString();
- }
-}
diff --git a/libjava/classpath/java/security/cert/PKIXCertPathChecker.java b/libjava/classpath/java/security/cert/PKIXCertPathChecker.java
deleted file mode 100644
index 0bedf40..0000000
--- a/libjava/classpath/java/security/cert/PKIXCertPathChecker.java
+++ /dev/null
@@ -1,134 +0,0 @@
-/* PKIXCertPathChecker.java -- checks X.509 certificate paths.
- Copyright (C) 2003 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-import java.util.Collection;
-import java.util.Set;
-
-/**
- * A validator for X.509 certificates when approving certificate chains.
- *
- * <p>Concrete subclasses can be passed to the {@link
- * PKIXParameters#setCertPathCheckers(java.util.List)} and {@link
- * PKIXParameters#addCertPathChecker(java.security.cert.PKIXCertPathChecker)}
- * methods, which are then used to set up PKIX certificate chain
- * builders or validators. These classes then call the {@link
- * #check(java.security.cert.Certificate,java.util.Collection)} method
- * of this class, performing whatever checks on the certificate,
- * throwing an exception if any check fails.
- *
- * <p>Subclasses of this must be able to perform their checks in the
- * backward direction -- from the most-trusted certificate to the target
- * -- and may optionally support forward checking -- from the target to
- * the most-trusted certificate.
- *
- * @see PKIXParameters
- * @since 1.4
- */
-public abstract class PKIXCertPathChecker implements Cloneable
-{
-
- // Constructor.
- // ------------------------------------------------------------------------
-
- /** Default constructor. */
- protected PKIXCertPathChecker()
- {
- super();
- }
-
- // Cloneable interface.
- // ------------------------------------------------------------------------
-
- public Object clone()
- {
- try
- {
- return super.clone();
- }
- catch (CloneNotSupportedException cnse)
- {
- throw new InternalError(cnse.getMessage());
- }
- }
-
- // Abstract methods.
- // ------------------------------------------------------------------------
-
- /**
- * Initialize this PKIXCertPathChecker. If subclasses support forward
- * checking, a value of true can be passed to this method, and
- * certificates can be validated from the target certificate to the
- * most-trusted certifcate.
- *
- * @param forward The direction of this PKIXCertPathChecker.
- * @throws CertPathValidatorException If <i>forward</i> is true and
- * this class does not support forward checking.
- */
- public abstract void init(boolean forward) throws CertPathValidatorException;
-
- /**
- * Returns whether or not this class supports forward checking.
- *
- * @return Whether or not this class supports forward checking.
- */
- public abstract boolean isForwardCheckingSupported();
-
- /**
- * Returns an immutable set of X.509 extension object identifiers (OIDs)
- * supported by this PKIXCertPathChecker.
- *
- * @return An immutable set of Strings of the supported X.509 OIDs, or
- * null if no extensions are supported.
- */
- public abstract Set<String> getSupportedExtensions();
-
- /**
- * Checks a certificate, removing any critical extensions that are
- * resolved in this check.
- *
- * @param cert The certificate to check.
- * @param unresolvedCritExts The (mutable) collection of as-of-yet
- * unresolved critical extensions, as OID strings.
- * @throws CertPathValidatorException If this certificate fails this
- * check.
- */
- public abstract void check(Certificate cert, Collection<String> unresolvedCritExts)
- throws CertPathValidatorException;
-}
diff --git a/libjava/classpath/java/security/cert/PKIXCertPathValidatorResult.java b/libjava/classpath/java/security/cert/PKIXCertPathValidatorResult.java
deleted file mode 100644
index 17b5c86..0000000
--- a/libjava/classpath/java/security/cert/PKIXCertPathValidatorResult.java
+++ /dev/null
@@ -1,142 +0,0 @@
-/* PKIXCertPathValidatorResult.java -- PKIX cert path builder result
- Copyright (C) 2003 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version.
*/
-
-
-package java.security.cert;
-
-import java.security.PublicKey;
-
-/**
- * Results returned by the {@link
- * CertPathValidator#validate(java.security.cert.CertPath,java.security.cert.CertPathParameters)}
- * method for PKIX {@link CertPathValidator}s.
- *
- * @see CertPathValidator
- */
-public class PKIXCertPathValidatorResult implements CertPathValidatorResult
-{
-
- // Fields.
- // ------------------------------------------------------------------------
-
- /** The trust anchor. */
- private final TrustAnchor trustAnchor;
-
- /** The root node of the policy tree. */
- private final PolicyNode policyTree;
-
- /** The subject's public key. */
- private final PublicKey subjectPublicKey;
-
- // Constructor.
- // ------------------------------------------------------------------------
-
- /**
- * Creates a new PKIXCertPathValidatorResult.
- *
- * @param trustAnchor The trust anchor.
- * @param policyTree The root node of the policy tree.
- * @param subjectPublicKey The public key.
- * @throws NullPointerException If either <i>trustAnchor</i> or
- * <i>subjectPublicKey</i> is null.
- */
- public PKIXCertPathValidatorResult(TrustAnchor trustAnchor,
- PolicyNode policyTree,
- PublicKey subjectPublicKey)
- {
- if (trustAnchor == null || subjectPublicKey == null)
- throw new NullPointerException();
- this.trustAnchor = trustAnchor;
- this.policyTree = policyTree;
- this.subjectPublicKey = subjectPublicKey;
- }
-
- // Instance methods.
- // ------------------------------------------------------------------------
-
- /**
- * Returns the trust anchor.
- *
- * @return The trust anchor.
- */
- public TrustAnchor getTrustAnchor()
- {
- return trustAnchor;
- }
-
- /**
- * Returns the root node of the policy tree.
- *
- * @return The root node of the policy tree.
- */
- public PolicyNode getPolicyTree()
- {
- return policyTree;
- }
-
- /**
- * Returns the subject public key.
- *
- * @return The subject public key.
- */
- public PublicKey getPublicKey()
- {
- return subjectPublicKey;
- }
-
- /**
- * Returns a copy of this object.
- *
- * @return The copy.
- */
- public Object clone()
- {
- return new PKIXCertPathValidatorResult(trustAnchor, policyTree,
- subjectPublicKey);
- }
-
- /**
- * Returns a printable string representation of this result.
- *
- * @return A printable string representation of this result.
- */
- public String toString()
- {
- return "[ Trust Anchor=" + trustAnchor + "; Policy Tree="
- + policyTree + "; Subject Public Key=" + subjectPublicKey + " ]";
- }
-}
diff --git a/libjava/classpath/java/security/cert/PKIXParameters.java b/libjava/classpath/java/security/cert/PKIXParameters.java
deleted file mode 100644
index bbb7557..0000000
--- a/libjava/classpath/java/security/cert/PKIXParameters.java
+++ /dev/null
@@ -1,547 +0,0 @@ -/* PKIXParameters.java -- parameters for the PKIX cert path algorithm - Copyright (C) 2003 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. 
*/
-
-
-package java.security.cert;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-
-import java.util.Collections;
-import java.util.Date;
-import java.util.Enumeration;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Set;
-
-/**
- * Parameters for verifying certificate paths using the PKIX
- * (Public-Key Infrastructure (X.509)) algorithm.
- *
- * @see CertPathBuilder
- * @since 1.4
- */
-public class PKIXParameters implements CertPathParameters
-{
-
- // Fields.
- // ------------------------------------------------------------------------
-
- /** The trusted certificates. */
- private final Set trustAnchors;
-
- /** The set of initial policy identifiers. */
- private final Set initPolicies;
-
- /** The list of certificate stores. */
- private final List certStores;
-
- /** The list of path checkers. */
- private final List pathCheckers;
-
- /** The revocation enabled flag. */
- private boolean revocationEnabled;
-
- /** The explicit policy required flag. */
- private boolean exPolicyRequired;
-
- /** The policy mapping inhibited flag. */
- private boolean policyMappingInhibited;
-
- /** The any policy inhibited flag. */
- private boolean anyPolicyInhibited;
-
- /** The policy qualifiers rejected flag. */
- private boolean policyQualRejected;
-
- /** The target validation date. */
- private Date date;
-
- /** The signature algorithm provider. */
- private String sigProvider;
-
- /** The target constraints. */
- private CertSelector targetConstraints;
-
- // Constructors.
- // ------------------------------------------------------------------------
-
- /**
- * Create a new PKIXParameters object, populating the trusted
- * certificates set with all certificates found in the given key
- * store. All certificates found in the key store are assumed to be
- * trusted by this constructor.
- *
- * @param keystore The key store.
- * @throws KeyStoreException If the certificates cannot be retrieved
- * from the key store.
- * @throws InvalidAlgorithmParameterException If there are no
- * certificates in the key store.
- * @throws NullPointerException If <i>keystore</i> is null.
- */
- public PKIXParameters(KeyStore keystore)
- throws KeyStoreException, InvalidAlgorithmParameterException
- {
- this();
- for (Enumeration e = keystore.aliases(); e.hasMoreElements(); )
- {
- String alias = (String) e.nextElement();
- if (!keystore.isCertificateEntry(alias))
- continue;
- Certificate cert = keystore.getCertificate(alias);
- if (cert instanceof X509Certificate)
- trustAnchors.add(new TrustAnchor((X509Certificate) cert, null));
- }
- if (trustAnchors.isEmpty())
- throw new InvalidAlgorithmParameterException("no certs in the key store");
- }
-
- /**
- * Create a new PKIXParameters object, populating the trusted
- * certificates set with the elements of the given set, each of which
- * must be a {@link TrustAnchor}.
- *
- * @param trustAnchors The set of trust anchors.
- * @throws InvalidAlgorithmParameterException If there are no
- * certificates in the set.
- * @throws NullPointerException If <i>trustAnchors</i> is null.
- * @throws ClassCastException If every element in <i>trustAnchors</i>
- * is not a {@link TrustAnchor}.
- */
- public PKIXParameters(Set<TrustAnchor> trustAnchors)
- throws InvalidAlgorithmParameterException
- {
- this();
- setTrustAnchors(trustAnchors);
- }
-
- /**
- * Default constructor.
- */
- private PKIXParameters()
- {
- trustAnchors = new HashSet();
- initPolicies = new HashSet();
- certStores = new LinkedList();
- pathCheckers = new LinkedList();
- revocationEnabled = true;
- exPolicyRequired = false;
- policyMappingInhibited = false;
- anyPolicyInhibited = false;
- policyQualRejected = true;
- }
-
- /**
- * Copying constructor for cloning.
- *
- * @param that The instance being cloned.
- */
- private PKIXParameters(PKIXParameters that)
- {
- this();
- this.trustAnchors.addAll(that.trustAnchors);
- this.initPolicies.addAll(that.initPolicies);
- this.certStores.addAll(that.certStores);
- this.pathCheckers.addAll(that.pathCheckers);
- this.revocationEnabled = that.revocationEnabled;
- this.exPolicyRequired = that.exPolicyRequired;
- this.policyMappingInhibited = that.policyMappingInhibited;
- this.anyPolicyInhibited = that.anyPolicyInhibited;
- this.policyQualRejected = that.policyQualRejected;
- this.date = that.date;
- this.sigProvider = that.sigProvider;
- this.targetConstraints = that.targetConstraints != null
- ? (CertSelector) that.targetConstraints.clone() : null;
- }
-
- // Instance methods.
- // ------------------------------------------------------------------------
-
- /**
- * Returns an immutable set of trust anchors. The set returned will
- * never be null and will never be empty.
- *
- * @return A (never null, never empty) immutable set of trust anchors.
- */
- public Set<TrustAnchor> getTrustAnchors()
- {
- return Collections.unmodifiableSet(trustAnchors);
- }
-
- /**
- * Sets the trust anchors of this class, replacing the current trust
- * anchors with those in the given set. The supplied set is copied to
- * prevent modification.
- *
- * @param trustAnchors The new set of trust anchors.
- * @throws InvalidAlgorithmParameterException If there are no
- * certificates in the set.
- * @throws NullPointerException If <i>trustAnchors</i> is null.
- * @throws ClassCastException If every element in <i>trustAnchors</i>
- * is not a {@link TrustAnchor}.
- */
- public void setTrustAnchors(Set<TrustAnchor> trustAnchors)
- throws InvalidAlgorithmParameterException
- {
- if (trustAnchors.isEmpty())
- throw new InvalidAlgorithmParameterException("no trust anchors");
- this.trustAnchors.clear();
- for (Iterator i = trustAnchors.iterator(); i.hasNext(); )
- {
- this.trustAnchors.add((TrustAnchor) i.next());
- }
- }
-
- /**
- * Returns the set of initial policy identifiers (as OID strings). If
- * any policy is accepted, this method returns the empty set.
- *
- * @return An immutable set of initial policy OID strings, or the
- * empty set if any policy is acceptable.
- */
- public Set<String> getInitialPolicies()
- {
- return Collections.unmodifiableSet(initPolicies);
- }
-
- /**
- * Sets the initial policy identifiers (as OID strings). If the
- * argument is null or the empty set, then any policy identifier will
- * be accepted.
- *
- * @param initPolicies The new set of policy strings, or null.
- * @throws ClassCastException If any element in <i>initPolicies</i> is
- * not a string.
- */
- public void setInitialPolicies(Set<String> initPolicies)
- {
- this.initPolicies.clear();
- if (initPolicies == null)
- return;
- for (Iterator i = initPolicies.iterator(); i.hasNext(); )
- {
- this.initPolicies.add((String) i.next());
- }
- }
-
- /**
- * Add a {@link CertStore} to the list of cert stores.
- *
- * @param store The CertStore to add.
- */
- public void addCertStore(CertStore store)
- {
- if (store != null)
- certStores.add(store);
- }
-
- /**
- * Returns an immutable list of cert stores. This method never returns
- * null.
- *
- * @return The list of cert stores.
- */
- public List<CertStore> getCertStores()
- {
- return Collections.unmodifiableList(certStores);
- }
-
- /**
- * Set the cert stores. If the argument is null the list of cert
- * stores will be empty.
- *
- * @param certStores The cert stores.
- */
- public void setCertStores(List<CertStore> certStores)
- {
- this.certStores.clear();
- if (certStores == null)
- return;
- for (Iterator i = certStores.iterator(); i.hasNext(); )
- {
- this.certStores.add((CertStore) i.next());
- }
- }
-
- /**
- * Returns the value of the <i>revocation enabled</i> flag. The default
- * value for this flag is <code>true</code>.
- *
- * @return The <i>revocation enabled</i> flag.
- */
- public boolean isRevocationEnabled()
- {
- return revocationEnabled;
- }
-
- /**
- * Sets the value of the <i>revocation enabled</i> flag.
- *
- * @param value The new value.
- */
- public void setRevocationEnabled(boolean value)
- {
- revocationEnabled = value;
- }
-
- /**
- * Returns the value of the <i>explicit policy required</i> flag. The
- * default value of this flag is <code>false</code>.
- *
- * @return The <i>explicit policy required</i> flag.
- */
- public boolean isExplicitPolicyRequired()
- {
- return exPolicyRequired;
- }
-
- /**
- * Sets the value of the <i>explicit policy required</i> flag.
- *
- * @param value The new value.
- */
- public void setExplicitPolicyRequired(boolean value)
- {
- exPolicyRequired = value;
- }
-
- /**
- * Returns the value of the <i>policy mapping inhibited</i> flag. The
- * default value of this flag is <code>false</code>.
- *
- * @return The <i>policy mapping inhibited</i> flag.
- */
- public boolean isPolicyMappingInhibited()
- {
- return policyMappingInhibited;
- }
-
- /**
- * Sets the value of the <i>policy mapping inhibited</i> flag.
- *
- * @param value The new value.
- */
- public void setPolicyMappingInhibited(boolean value)
- {
- policyMappingInhibited = value;
- }
-
- /**
- * Returns the value of the <i>any policy inhibited</i> flag. The
- * default value of this flag is <code>false</code>.
- *
- * @return The <i>any policy inhibited</i> flag.
- */
- public boolean isAnyPolicyInhibited()
- {
- return anyPolicyInhibited;
- }
-
- /**
- * Sets the value of the <i>any policy inhibited</i> flag.
- *
- * @param value The new value.
- */
- public void setAnyPolicyInhibited(boolean value)
- {
- anyPolicyInhibited = value;
- }
-
- /**
- * Returns the value of the <i>policy qualifiers enabled</i> flag. The
- * default value of this flag is <code>true</code>.
- *
- * @return The <i>policy qualifiers enabled</i> flag.
- */
- public boolean getPolicyQualifiersRejected()
- {
- return policyQualRejected;
- }
-
- /**
- * Sets the value of the <i>policy qualifiers enabled</i> flag.
- *
- * @param value The new value.
- */
- public void setPolicyQualifiersRejected(boolean value)
- {
- policyQualRejected = value;
- }
-
- /**
- * Returns the date for which the certificate path should be
- * validated, or null if the current time should be used. The date
- * object is copied to prevent subsequent modification.
- *
- * @return The date, or null if not set.
- */
- public Date getDate()
- {
- return date != null ? (Date) date.clone() : null;
- }
-
- /**
- * Sets the date for which the certificate path should be validated,
- * or null if the current time should be used.
- *
- * @param date The new date, or null.
- */
- public void setDate(Date date)
- {
- if (date != null)
- this.date = (Date) date.clone();
- else
- this.date = null;
- }
-
- /**
- * Add a certificate path checker.
- *
- * @param checker The certificate path checker to add.
- */
- public void addCertPathChecker(PKIXCertPathChecker checker)
- {
- if (checker != null)
- pathCheckers.add(checker);
- }
-
- /**
- * Returns an immutable list of all certificate path checkers.
- *
- * @return An immutable list of all certificate path checkers.
- */
- public List<PKIXCertPathChecker> getCertPathCheckers()
- {
- return Collections.unmodifiableList(pathCheckers);
- }
-
- /**
- * Sets the certificate path checkers. If the argument is null, the
- * list of checkers will merely be cleared.
- *
- * @param pathCheckers The new list of certificate path checkers.
- * @throws ClassCastException If any element of <i>pathCheckers</i> is
- * not a {@link PKIXCertPathChecker}.
- */
- public void setCertPathCheckers(List<PKIXCertPathChecker> pathCheckers)
- {
- this.pathCheckers.clear();
- if (pathCheckers == null)
- return;
- for (Iterator i = pathCheckers.iterator(); i.hasNext(); )
- {
- this.pathCheckers.add((PKIXCertPathChecker) i.next());
- }
- }
-
- /**
- * Returns the signature algorithm provider, or null if not set.
- *
- * @return The signature algorithm provider, or null if not set.
- */
- public String getSigProvider()
- {
- return sigProvider;
- }
-
- /**
- * Sets the signature algorithm provider, or null if there is no
- * preferred provider.
- *
- * @param sigProvider The signature provider name.
- */
- public void setSigProvider(String sigProvider)
- {
- this.sigProvider = sigProvider;
- }
-
- /**
- * Returns the constraints placed on the target certificate, or null
- * if there are none. The target constraints are copied to prevent
- * subsequent modification.
- *
- * @return The target constraints, or null.
- */
- public CertSelector getTargetCertConstraints()
- {
- return targetConstraints != null
- ? (CertSelector) targetConstraints.clone() : null;
- }
-
- /**
- * Sets the constraints placed on the target certificate.
- *
- * @param targetConstraints The target constraints.
- */
- public void setTargetCertConstraints(CertSelector targetConstraints)
- {
- this.targetConstraints = targetConstraints != null
- ? (CertSelector) targetConstraints.clone() : null;
- }
-
- /**
- * Returns a copy of these parameters.
- *
- * @return The copy.
- */
- public Object clone()
- {
- return new PKIXParameters(this);
- }
-
- /**
- * Returns a printable representation of these parameters.
- *
- * @return A printable representation of these parameters.
- */
- public String toString() {
- return "[ Trust Anchors: " + trustAnchors + "; Initial Policy OIDs="
- + (initPolicies != null ?
initPolicies.toString() : "any")
- + "; Validity Date=" + date + "; Signature Provider="
- + sigProvider + "; Default Revocation Enabled=" + revocationEnabled
- + "; Explicit Policy Required=" + exPolicyRequired
- + "; Policy Mapping Inhibited=" + policyMappingInhibited
- + "; Any Policy Inhibited=" + anyPolicyInhibited
- + "; Policy Qualifiers Rejected=" + policyQualRejected
- + "; Target Cert Contstraints=" + targetConstraints
- + "; Certification Path Checkers=" + pathCheckers
- + "; CertStores=" + certStores + " ]";
- }
-}
diff --git a/libjava/classpath/java/security/cert/PolicyNode.java b/libjava/classpath/java/security/cert/PolicyNode.java
deleted file mode 100644
index 5da78c1..0000000
--- a/libjava/classpath/java/security/cert/PolicyNode.java
+++ /dev/null
@@ -1,108 +0,0 @@ -/* PolicyNode.java -- a single node in a policy tree - Copyright (C) 2003 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. 
*/
-
-
-package java.security.cert;
-
-import java.util.Iterator;
-import java.util.Set;
-
-/**
- * @since 1.4
- */
-public interface PolicyNode
-{
-
- /**
- * Get the iterator of the child nodes of this node. The returned
- * iterator is (naturally) unmodifiable.
- *
- * @return An iterator over the child nodes.
- */
- Iterator<? extends PolicyNode> getChildren();
-
- /**
- * Get the depth of this node within the tree, starting at 0 for the
- * root node.
- *
- * @return The depth of this node.
- */
- int getDepth();
-
- /**
- * Returns a set of policies (string OIDs) that will satisfy this
- * node's policy. The root node should always return the singleton set
- * with the element "any-policy".
- *
- * @return The set of expected policies.
- */
- Set<String> getExpectedPolicies();
-
- /**
- * Returns the parent node of this node, or null if this is the root
- * node.
- *
- * @return The parent node, or null.
- */
- PolicyNode getParent();
-
- /**
- * Returns a set of {@link PolicyQualifierInfo} objects that qualify
- * the valid policy of this node. The root node should always return
- * the empty set.
- *
- * @return The set of {@link PolicyQualifierInfo} objects.
- */
- Set<? extends PolicyQualifierInfo> getPolicyQualifiers();
-
- /**
- * Get the policy OID this node represents. The root node should return
- * the special value "any-policy".
- *
- * @return The policy of this node.
- */
- String getValidPolicy();
-
- /**
- * Return the criticality flag of this policy node. Nodes who return
- * true for this method should be considered critical. The root node
- * is never critical.
- *
- * @return The criticality flag.
- */
- boolean isCritical();
-}
diff --git a/libjava/classpath/java/security/cert/PolicyQualifierInfo.java b/libjava/classpath/java/security/cert/PolicyQualifierInfo.java
deleted file mode 100644
index b53faa9..0000000
--- a/libjava/classpath/java/security/cert/PolicyQualifierInfo.java
+++ /dev/null
@@ -1,169 +0,0 @@ -/* PolicyQualifierInfo.java -- policy qualifier info object. - Copyright (C) 2003, 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. 
*/
-
-
-package java.security.cert;
-
-import gnu.java.io.ASN1ParsingException;
-import gnu.java.security.OID;
-import gnu.java.security.der.DERReader;
-import gnu.java.security.der.DERValue;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-
-/**
- * The PolicyQualifierInfo X.509 certificate extension.
- * PolicyQualifierInfo objects are represented by the ASN.1 structure:
- *
- * <pre>
- * PolicyQualifierInfo ::= SEQUENCE {
- * policyQualifierId PolicyQualifierId,
- * qualifier ANY DEFINED BY policyQualifierId
- * }
- *
- * PolicyQualifierId ::= OBJECT IDENTIFIER
- * </pre>
- *
- * @since 1.4
- * @specnote this class was final in 1.4, but beginning with 1.5 is not
- */
-public class PolicyQualifierInfo
-{
-
- // Fields.
- // ------------------------------------------------------------------------
-
- /** The <code>policyQualifierId</code> field. */
- private OID oid;
-
- /** The DER encoded form of this object. */
- private byte[] encoded;
-
- /** The DER encoded form of the <code>qualifier</code> field. */
- private DERValue qualifier;
-
- // Constructor.
- // ------------------------------------------------------------------------
-
- /**
- * Create a new PolicyQualifierInfo object from the DER encoded form
- * passed in the byte array. The argument is copied.
- *
- * <p>The ASN.1 form of PolicyQualifierInfo is:
-<pre>
-PolicyQualifierInfo ::= SEQUENCE {
- policyQualifierId PolicyQualifierId,
- qualifier ANY DEFINED BY policyQualifierId
-}
-
-PolicyQualifierId ::= OBJECT IDENTIFIER
-</pre>
- *
- * @param encoded The DER encoded form.
- * @throws IOException If the structure cannot be parsed from the
- * encoded bytes.
- */
- public PolicyQualifierInfo(byte[] encoded) throws IOException
- {
- if (encoded == null)
- throw new IOException("null bytes");
- this.encoded = (byte[]) encoded.clone();
- DERReader in = new DERReader(new ByteArrayInputStream(this.encoded));
- DERValue qualInfo = in.read();
- if (!qualInfo.isConstructed())
- throw new ASN1ParsingException("malformed PolicyQualifierInfo");
- DERValue val = in.read();
- if (!(val.getValue() instanceof OID))
- throw new ASN1ParsingException("value read not an OBJECT IDENTIFIER");
- oid = (OID) val.getValue();
- if (val.getEncodedLength() < val.getLength())
- qualifier = in.read();
- }
-
- // Instance methods.
- // ------------------------------------------------------------------------
-
- /**
- * Returns the <code>policyQualifierId</code> field of this structure,
- * as a dotted-decimal representation of the object identifier.
- *
- * @return This structure's OID field.
- */
- public final String getPolicyQualifierId()
- {
- return oid.toString();
- }
-
- /**
- * Returns the DER encoded form of this object; the contents of the
- * returned byte array are equivalent to those that were passed to the
- * constructor. The byte array is cloned every time this method is
- * called.
- *
- * @return The encoded form.
- */
- public final byte[] getEncoded()
- {
- return (byte[]) encoded.clone();
- }
-
- /**
- * Get the <code>qualifier</code> field of this object, as a DER
- * encoded byte array. The byte array returned is cloned every time
- * this method is called.
- *
- * @return The encoded qualifier.
- */
- public final byte[] getPolicyQualifier()
- {
- if (qualifier == null)
- return new byte[0];
- return qualifier.getEncoded();
- }
-
- /**
- * Returns a printable string representation of this object.
- *
- * @return The string representation.
- */
- public String toString()
- {
- return "PolicyQualifierInfo { policyQualifierId ::= " + oid
- + ", qualifier ::= " + qualifier + " }";
- }
-}
diff --git a/libjava/classpath/java/security/cert/TrustAnchor.java b/libjava/classpath/java/security/cert/TrustAnchor.java
deleted file mode 100644
index 2110ed5..0000000
--- a/libjava/classpath/java/security/cert/TrustAnchor.java
+++ /dev/null
@@ -1,185 +0,0 @@ -/* TrustAnchor.java -- an ultimately-trusted certificate. - Copyright (C) 2003, 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. 
*/
-
-
-package java.security.cert;
-
-import gnu.java.security.x509.X500DistinguishedName;
-
-import java.security.PublicKey;
-
-/**
- * An ultimately-trusted certificate to serve as the root of a
- * certificate chain.
- *
- * @author Casey Marshall (rsdio@metastatic.org)
- */
-public class TrustAnchor
-{
-
- // Fields.
- // ------------------------------------------------------------------------
-
- /** The certificate authority's distinguished name. */
- private final X500DistinguishedName caName;
-
- /** The certficate authority's public key. */
- private final PublicKey caKey;
-
- /** The certficate authority's certificate. */
- private final X509Certificate trustedCert;
-
- /** The encoded name constraints bytes. */
- private final byte[] nameConstraints;
-
- // Constnuctors.
- // ------------------------------------------------------------------------
-
- /**
- * Create a new trust anchor from a certificate and (optional) name
- * constraints.
- *
- * <p>If the <i>nameConstraints</i> argument in non-null, it will be
- * copied to prevent modification.
- *
- * @param trustedCert The trusted certificate.
- * @param nameConstraints The encoded nameConstraints.
- */
- public TrustAnchor(X509Certificate trustedCert, byte[] nameConstraints)
- {
- if (trustedCert == null)
- throw new NullPointerException();
- this.trustedCert = trustedCert;
- caName = null;
- caKey = null;
- if (nameConstraints != null)
- this.nameConstraints = (byte[]) nameConstraints.clone();
- else
- this.nameConstraints = null;
- }
-
- /**
- * Create a new trust anchor from a certificate authority's
- * distinguished name, public key, and (optional) name constraints.
- *
- * <p>If the <i>nameConstraints</i> argument in non-null, it will be
- * copied to prevent modification.
- *
- * @params caName The CA's distinguished name.
- * @params caKey The CA's public key.
- * @params nameConstraints The encoded nameConstraints.
- */
- public TrustAnchor(String caName, PublicKey caKey, byte[] nameConstraints)
- {
- if (caName == null || caKey == null)
- throw new NullPointerException();
- if (caName.length() == 0)
- throw new IllegalArgumentException();
- trustedCert = null;
- this.caName = new X500DistinguishedName(caName);
- this.caKey = caKey;
- if (nameConstraints != null)
- this.nameConstraints = (byte[]) nameConstraints.clone();
- else
- this.nameConstraints = null;
- }
-
- // Instance methods.
- // ------------------------------------------------------------------------
-
- /**
- * Return the trusted certificate, or null if none was specified.
- *
- * @return The trusted certificate.
- */
- public final X509Certificate getTrustedCert()
- {
- return trustedCert;
- }
-
- /**
- * Return the certificate authority's distinguished name, or null if
- * none was specified.
- *
- * @return The CA's distinguished name.
- */
- public final String getCAName()
- {
- if (caName != null)
- return caName.toString();
- return null;
- }
-
- /**
- * Return the certificate authority's public key, or null if none was
- * specified.
- *
- * @return The CA's public key.
- */
- public final PublicKey getCAPublicKey()
- {
- return caKey;
- }
-
- /**
- * Return the encoded name constraints, or null if none was specified.
- *
- * <p>The name constraints byte array is copied when this method is
- * called to prevent modification.
- *
- * @return The encoded name constraints.
- */
- public final byte[] getNameConstraints()
- {
- if (nameConstraints == null)
- return null;
- return (byte[]) nameConstraints.clone();
- }
-
- /**
- * Return a printable representation of this trust anchor.
- *
- * @return The printable representation.
- */
- public String toString()
- {
- if (trustedCert == null)
- return "[ Trusted CA Public Key=" + caKey + ", Trusted CA Issuer Name="
- + caName.toString() + " ]";
- return "[ Trusted CA Certificate=" + trustedCert + " ]";
- }
-}
diff --git a/libjava/classpath/java/security/cert/X509CRL.java b/libjava/classpath/java/security/cert/X509CRL.java
deleted file mode 100644
index 895ba33..0000000
--- a/libjava/classpath/java/security/cert/X509CRL.java
+++ /dev/null
@@ -1,397 +0,0 @@
-/* X509CRL.java --- X.509 Certificate Revocation List
- Copyright (C) 1999, 2004 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version.
*/
-
-
-package java.security.cert;
-
-import java.math.BigInteger;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Principal;
-import java.security.PublicKey;
-import java.security.SignatureException;
-import java.util.Date;
-import java.util.Set;
-
-import javax.security.auth.x500.X500Principal;
-
-/**
- The X509CRL class is the abstract class used to manage
- X.509 Certificate Revocation Lists. The CRL is a list of
- time stamped entries which indicate which lists have been
- revoked. The list is signed by a Certificate Authority (CA)
- and made publically available in a repository.
-
- Each revoked certificate in the CRL is identified by its
- certificate serial number. When a piece of code uses a
- certificate, the certificates validity is checked by
- validating its signature and determing that it is not
- only a recently acquired CRL. The recently aquired CRL
- is depends on the local policy in affect. The CA issues
- a new CRL periodically and entries are removed as the
- certificate expiration date is reached
-
-
- A description of the X.509 v2 CRL follows below from rfc2459.
-
- "The X.509 v2 CRL syntax is as follows. For signature calculation,
- the data that is to be signed is ASN.1 DER encoded. ASN.1 DER
- encoding is a tag, length, value encoding system for each element.
-
- CertificateList ::= SEQUENCE {
- tbsCertList TBSCertList,
- signatureAlgorithm AlgorithmIdentifier,
- signatureValue BIT STRING }
-
- TBSCertList ::= SEQUENCE {
- version Version OPTIONAL,
- -- if present, shall be v2
- signature AlgorithmIdentifier,
- issuer Name,
- thisUpdate Time,
- nextUpdate Time OPTIONAL,
- revokedCertificates SEQUENCE OF SEQUENCE {
- userCertificate CertificateSerialNumber,
- revocationDate Time,
- crlEntryExtensions Extensions OPTIONAL
- -- if present, shall be v2
- } OPTIONAL,
- crlExtensions [0] EXPLICIT Extensions OPTIONAL
- -- if present, shall be v2
- }"
-
- @author Mark Benvenuto
-
- @since 1.2
-*/
-public abstract class X509CRL extends CRL implements X509Extension
-{
-
- /**
- Constructs a new X509CRL.
- */
- protected X509CRL()
- {
- super("X.509");
- }
-
- /**
- Compares this X509CRL to other. It checks if the
- object if instanceOf X509CRL and then checks if
- the encoded form matches.
-
- @param other An Object to test for equality
-
- @return true if equal, false otherwise
- */
- public boolean equals(Object other)
- {
- if( other instanceof X509CRL ) {
- try {
- X509CRL x = (X509CRL) other;
- if( getEncoded().length != x.getEncoded().length )
- return false;
-
- byte[] b1 = getEncoded();
- byte[] b2 = x.getEncoded();
-
- for( int i = 0; i < b1.length; i++ )
- if( b1[i] != b2[i] )
- return false;
-
- } catch( CRLException crle ) {
- return false;
- }
- return true;
- }
- return false;
- }
-
- /**
- Returns a hash code for this X509CRL in its encoded
- form.
-
- @return A hash code of this class
- */
- public int hashCode()
- {
- return super.hashCode();
- }
-
- /**
- Gets the DER ASN.1 encoded format for this X.509 CRL.
-
- @return byte array containg encoded form
-
- @throws CRLException if an error occurs
- */
- public abstract byte[] getEncoded() throws CRLException;
-
- /**
- Verifies that this CRL was properly signed with the
- PublicKey that corresponds to its private key.
-
- @param key PublicKey to verify with
-
- @throws CRLException encoding error
- @throws NoSuchAlgorithmException unsupported algorithm
- @throws InvalidKeyException incorrect key
- @throws NoSuchProviderException no provider
- @throws SignatureException signature error
- */
- public abstract void verify(PublicKey key)
- throws CRLException,
- NoSuchAlgorithmException,
- InvalidKeyException,
- NoSuchProviderException,
- SignatureException;
-
- /**
- Verifies that this CRL was properly signed with the
- PublicKey that corresponds to its private key and uses
- the signature engine provided by the provider.
-
- @param key PublicKey to verify with
- @param sigProvider Provider to use for signature algorithm
-
- @throws CRLException encoding error
- @throws NoSuchAlgorithmException unsupported algorithm
- @throws InvalidKeyException incorrect key
- @throws NoSuchProviderException incorrect provider
- @throws SignatureException signature error
- */
- public abstract void verify(PublicKey key,
- String sigProvider)
- throws CRLException,
- NoSuchAlgorithmException,
- InvalidKeyException,
- NoSuchProviderException,
- SignatureException;
-
- /**
- Gets the version of this CRL.
-
- The ASN.1 encoding is:
-
- version Version OPTIONAL,
- -- if present, shall be v2
-
- Version ::= INTEGER { v1(0), v2(1), v3(2) }
-
- Consult rfc2459 for more information.
-
- @return the version number, Ex: 1 or 2
- */
- public abstract int getVersion();
-
- /**
- Returns the issuer (issuer distinguished name) of the CRL.
- The issuer is the entity who signed and issued the
- Certificate Revocation List.
-
- The ASN.1 DER encoding is:
-
- issuer Name,
-
- Name ::= CHOICE {
- RDNSequence }
-
- RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
-
- RelativeDistinguishedName ::=
- SET OF AttributeTypeAndValue
-
- AttributeTypeAndValue ::= SEQUENCE {
- type AttributeType,
- value AttributeValue }
-
- AttributeType ::= OBJECT IDENTIFIER
-
- AttributeValue ::= ANY DEFINED BY AttributeType
-
- DirectoryString ::= CHOICE {
- teletexString TeletexString (SIZE (1..MAX)),
- printableString PrintableString (SIZE (1..MAX)),
- universalString UniversalString (SIZE (1..MAX)),
- utf8String UTF8String (SIZE (1.. MAX)),
- bmpString BMPString (SIZE (1..MAX)) }
-
- Consult rfc2459 for more information.
-
- @return the issuer in the Principal class
- */
- public abstract Principal getIssuerDN();
-
- /**
- Returns the thisUpdate date of the CRL.
-
- The ASN.1 DER encoding is:
-
- thisUpdate Time,
-
- Time ::= CHOICE {
- utcTime UTCTime,
- generalTime GeneralizedTime }
-
- Consult rfc2459 for more information.
-
- @return the thisUpdate date
- */
- public abstract Date getThisUpdate();
-
- /*
- Gets the nextUpdate field
-
- The ASN.1 DER encoding is:
-
- nextUpdate Time OPTIONAL,
-
- Time ::= CHOICE {
- utcTime UTCTime,
- generalTime GeneralizedTime }
-
- Consult rfc2459 for more information.
-
- @return the nextUpdate date
- */
- public abstract Date getNextUpdate();
-
- /**
- Gets the requeste dX509Entry for the specified
- certificate serial number.
-
- @return a X509CRLEntry representing the X.509 CRL entry
- */
- public abstract X509CRLEntry getRevokedCertificate(BigInteger serialNumber);
-
- /**
- Returns a Set of revoked certificates.
-
- @return a set of revoked certificates.
- */
- public abstract Set<? extends X509CRLEntry> getRevokedCertificates();
-
- /**
- Returns the DER ASN.1 encoded tbsCertList which is
- the basic information of the list and associated certificates
- in the encoded state. See top for more information.
-
- The ASN.1 DER encoding is:
-
- tbsCertList TBSCertList,
-
- Consult rfc2459 for more information.
-
- @return byte array representing tbsCertList
- */
- public abstract byte[] getTBSCertList() throws CRLException;
-
-
- /**
- Returns the signature for the CRL.
-
- The ASN.1 DER encoding is:
-
- signatureValue BIT STRING
-
- Consult rfc2459 for more information.
- */
- public abstract byte[] getSignature();
-
- /**
- Returns the signature algorithm used to sign the CRL.
- An examples is "SHA-1/DSA".
-
- The ASN.1 DER encoding is:
-
- signatureAlgorithm AlgorithmIdentifier,
-
- AlgorithmIdentifier ::= SEQUENCE {
- algorithm OBJECT IDENTIFIER,
- parameters ANY DEFINED BY algorithm OPTIONAL }
-
- Consult rfc2459 for more information.
-
- The algorithm name is determined from the OID.
-
- @return a string with the signature algorithm name
- */
- public abstract String getSigAlgName();
-
- /**
- Returns the OID for the signature algorithm used.
- Example "1.2.840.10040.4.3" is return for SHA-1 with DSA.\
-
- The ASN.1 DER encoding for the example is:
-
- id-dsa-with-sha1 ID ::= {
- iso(1) member-body(2) us(840) x9-57 (10040)
- x9cm(4) 3 }
-
- Consult rfc2459 for more information.
-
- @return a string containing the OID.
- */
- public abstract String getSigAlgOID();
-
- /**
- Returns the AlgorithmParameters in the encoded form
- for the signature algorithm used.
-
- If access to the parameters is need, create an
- instance of AlgorithmParameters.
-
- @return byte array containing algorithm parameters, null
- if no parameters are present in CRL
- */
- public abstract byte[] getSigAlgParams();
-
- // 1.4 instance methods.
- // ------------------------------------------------------------------------
-
- /**
- * Returns the X.500 distinguished name of this CRL's issuer.
- *
- * @return The issuer's X.500 distinguished name.
- * @since JDK 1.4
- */
- public X500Principal getIssuerX500Principal()
- {
- throw new UnsupportedOperationException();
- }
-}
diff --git a/libjava/classpath/java/security/cert/X509CRLEntry.java b/libjava/classpath/java/security/cert/X509CRLEntry.java
deleted file mode 100644
index ac5ef47..0000000
--- a/libjava/classpath/java/security/cert/X509CRLEntry.java
+++ /dev/null
@@ -1,169 +0,0 @@
-/* X509CRLEntry.java --- X.509 Certificate Revocation List Entry
- Copyright (C) 1999 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-import java.math.BigInteger;
-import java.util.Date;
-
-/**
- Abstract class for entries in the CRL (Certificate Revocation
- List).
The ASN.1 definition for <I>revokedCertificates</I> is
-
- revokedCertificates SEQUENCE OF SEQUENCE {
- userCertificate CertificateSerialNumber,
- revocationDate Time,
- crlEntryExtensions Extensions OPTIONAL
- -- if present, shall be v2
- } OPTIONAL,
-
- CertificateSerialNumber ::= INTEGER
-
- Time ::= CHOICE {
- utcTime UTCTime,
- generalTime GeneralizedTime }
-
- Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
-
- Extension ::= SEQUENCE {
- extnID OBJECT IDENTIFIER,
- critical BOOLEAN DEFAULT FALSE,
- extnValue OCTET STRING }
-
- For more information consult rfc2459.
-
- @author Mark Benvenuto
-
- @since JDK 1.2
-*/
-public abstract class X509CRLEntry implements X509Extension
-{
-
- /**
- Creates a new X509CRLEntry
- */
- public X509CRLEntry()
- {}
-
- /**
- Compares this X509CRLEntry to other. It checks if the
- object if instanceOf X509CRLEntry and then checks if
- the encoded form( the inner SEQUENCE) matches.
-
- @param other An Object to test for equality
-
- @return true if equal, false otherwise
- */
- public boolean equals(Object other)
- {
- if( other instanceof X509CRLEntry ) {
- try {
- X509CRLEntry xe = (X509CRLEntry) other;
- if( getEncoded().length != xe.getEncoded().length )
- return false;
-
- byte[] b1 = getEncoded();
- byte[] b2 = xe.getEncoded();
-
- for( int i = 0; i < b1.length; i++ )
- if( b1[i] != b2[i] )
- return false;
-
- } catch( CRLException crle ) {
- return false;
- }
- return true;
- }
- return false;
- }
-
- /**
- Returns a hash code for this X509CRLEntry in its encoded
- form.
-
- @return A hash code of this class
- */
- public int hashCode()
- {
- return super.hashCode();
- }
-
- /**
- Gets the DER ASN.1 encoded format for this CRL Entry,
- the inner SEQUENCE.
-
- @return byte array containg encoded form
-
- @throws CRLException if an error occurs
- */
- public abstract byte[] getEncoded() throws CRLException;
-
- /**
- Gets the serial number for <I>userCertificate</I> in
- this X509CRLEntry.
-
- @return the serial number for this X509CRLEntry.
- */
- public abstract BigInteger getSerialNumber();
-
-
- /**
- Gets the revocation date in <I>revocationDate</I> for
- this X509CRLEntry.
-
- @return the revocation date for this X509CRLEntry.
- */
- public abstract Date getRevocationDate();
-
-
- /**
- Checks if this X509CRLEntry has extensions.
-
- @return true if it has extensions, false otherwise
- */
- public abstract boolean hasExtensions();
-
-
- /**
- Returns a string that represents this X509CRLEntry.
-
- @return a string representing this X509CRLEntry.
- */
- public abstract String toString();
-
-}
diff --git a/libjava/classpath/java/security/cert/X509CRLSelector.java b/libjava/classpath/java/security/cert/X509CRLSelector.java
deleted file mode 100644
index d412a1a..0000000
--- a/libjava/classpath/java/security/cert/X509CRLSelector.java
+++ /dev/null
@@ -1,442 +0,0 @@
-/* X509CRLSelector.java -- selects X.509 CRLs by criteria.
- Copyright (C) 2004 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version.
*/
-
-
-package java.security.cert;
-
-import gnu.classpath.SystemProperties;
-import gnu.java.lang.CPStringBuilder;
-import gnu.java.security.der.DERReader;
-import gnu.java.security.der.DERValue;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.math.BigInteger;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Date;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-
-import javax.security.auth.x500.X500Principal;
-
-/**
- * A class for matching X.509 certificate revocation lists by criteria.
- *
- * <p>Use of this class requires extensive knowledge of the Internet
- * Engineering Task Force's Public Key Infrastructure (X.509). The primary
- * document describing this standard is <a
- * href="http://www.ietf.org/rfc/rfc3280.txt">RFC 3280: Internet X.509
- * Public Key Infrastructure Certificate and Certificate Revocation List
- * (CRL) Profile</a>.
- *
- * <p>Note that this class is not thread-safe. If multiple threads will
- * use or modify this class then they need to synchronize on the object.
- *
- * @author Casey Marshall (csm@gnu.org)
- * @since 1.4
- */
-public class X509CRLSelector implements CRLSelector, Cloneable
-{
-
- // Fields.
- // -------------------------------------------------------------------------
-
- private static final String CRL_NUMBER_ID = "2.5.29.20";
-
- private List issuerNames;
- private BigInteger maxCrlNumber;
- private BigInteger minCrlNumber;
- private Date date;
- private X509Certificate cert;
-
- // Constructor.
- // -------------------------------------------------------------------------
-
- /**
- * Creates a new CRL selector with no criteria enabled; i.e., every CRL
- * will be matched.
- */
- public X509CRLSelector()
- {
- }
-
- // Instance methods.
- // -------------------------------------------------------------------------
-
- /**
- * Add an issuer name to the set of issuer names criteria, as the DER
- * encoded form.
- *
- * @param name The name to add, as DER bytes.
- * @throws IOException If the argument is not a valid DER-encoding.
- */
- public void addIssuerName(byte[] name) throws IOException
- {
- X500Principal p = null;
- try
- {
- p = new X500Principal(name);
- }
- catch (IllegalArgumentException iae)
- {
- IOException ioe = new IOException("malformed name");
- ioe.initCause(iae);
- throw ioe;
- }
- if (issuerNames == null)
- issuerNames = new LinkedList();
- issuerNames.add(p);
- }
-
- /**
- * Add an issuer name to the set of issuer names criteria, as a
- * String representation.
- *
- * @param name The name to add.
- * @throws IOException If the argument is not a valid name.
- */
- public void addIssuerName(String name) throws IOException
- {
- X500Principal p = null;
- try
- {
- p = new X500Principal(name);
- }
- catch (IllegalArgumentException iae)
- {
- IOException ioe = new IOException("malformed name: " + name);
- ioe.initCause(iae);
- throw ioe;
- }
- if (issuerNames == null)
- issuerNames = new LinkedList();
- issuerNames.add(p);
- }
-
- /**
- * Sets the issuer names criterion. Pass <code>null</code> to clear this
- * value. CRLs matched by this selector must have an issuer name in this
- * set.
- *
- * @param names The issuer names.
- * @throws IOException If any of the elements in the collection is not
- * a valid name.
- */
- public void setIssuerNames(Collection<?> names) throws IOException
- {
- if (names == null)
- {
- issuerNames = null;
- return;
- }
- List l = new ArrayList(names.size());
- for (Iterator it = names.iterator(); it.hasNext(); )
- {
- Object o = it.next();
- if (o instanceof X500Principal)
- l.add(o);
- else if (o instanceof String)
- {
- try
- {
- l.add(new X500Principal((String) o));
- }
- catch (IllegalArgumentException iae)
- {
- IOException ioe = new IOException("malformed name: " + o);
- ioe.initCause(iae);
- throw ioe;
- }
- }
- else if (o instanceof byte[])
- {
- try
- {
- l.add(new X500Principal((byte[]) o));
- }
- catch (IllegalArgumentException iae)
- {
- IOException ioe = new IOException("malformed name");
- ioe.initCause(iae);
- throw ioe;
- }
- }
- else if (o instanceof InputStream)
- {
- try
- {
- l.add(new X500Principal((InputStream) o));
- }
- catch (IllegalArgumentException iae)
- {
- IOException ioe = new IOException("malformed name");
- ioe.initCause(iae);
- throw ioe;
- }
- }
- else
- throw new IOException("not a valid name: " +
- (o != null ? o.getClass().getName() : "null"));
-
- }
- issuerNames = l;
- }
-
- /**
- * Returns the set of issuer names that are matched by this selector,
- * or <code>null</code> if this criteria is not set. The returned
- * collection is not modifiable.
- *
- * @return The set of issuer names.
- */
- public Collection<Object> getIssuerNames()
- {
- if (issuerNames != null)
- return Collections.unmodifiableList(issuerNames);
- else
- return null;
- }
-
- /**
- * Returns the maximum value of the CRLNumber extension present in
- * CRLs matched by this selector, or <code>null</code> if this
- * criteria is not set.
- *
- * @return The maximum CRL number.
- */
- public BigInteger getMaxCRL()
- {
- return maxCrlNumber;
- }
-
- /**
- * Returns the minimum value of the CRLNumber extension present in
- * CRLs matched by this selector, or <code>null</code> if this
- * criteria is not set.
- *
- * @return The minimum CRL number.
- */
- public BigInteger getMinCRL()
- {
- return minCrlNumber;
- }
-
- /**
- * Sets the maximum value of the CRLNumber extension present in CRLs
- * matched by this selector. Specify <code>null</code> to clear this
- * criterion.
- *
- * @param maxCrlNumber The maximum CRL number.
- */
- public void setMaxCRLNumber(BigInteger maxCrlNumber)
- {
- this.maxCrlNumber = maxCrlNumber;
- }
-
- /**
- * Sets the minimum value of the CRLNumber extension present in CRLs
- * matched by this selector. Specify <code>null</code> to clear this
- * criterion.
- *
- * @param minCrlNumber The minimum CRL number.
- */
- public void setMinCRLNumber(BigInteger minCrlNumber)
- {
- this.minCrlNumber = minCrlNumber;
- }
-
- /**
- * Returns the date when this CRL must be valid; that is, the date
- * must be after the thisUpdate date, but before the nextUpdate date.
- * Returns <code>null</code> if this criterion is not set.
- *
- * @return The date.
- */
- public Date getDateAndTime()
- {
- return date != null ? (Date) date.clone() : null;
- }
-
- /**
- * Sets the date at which this CRL must be valid. Specify
- * <code>null</code> to clear this criterion.
- *
- * @param date The date.
- */
- public void setDateAndTime(Date date)
- {
- this.date = date != null ? (Date) date.clone() : null;
- }
-
- /**
- * Returns the certificate being checked, or <code>null</code> if this
- * value is not set.
- *
- * @return The certificate.
- */
- public X509Certificate getCertificateChecking()
- {
- return cert;
- }
-
- /**
- * Sets the certificate being checked. This is not a criterion, but
- * info used by certificate store implementations to aid in searching.
- *
- * @param cert The certificate.
- */
- public void setCertificateChecking(X509Certificate cert)
- {
- this.cert = cert;
- }
-
- /**
- * Returns a string representation of this selector.
The string will
- * only describe the enabled criteria, so if none are enabled this will
- * return a string that contains little else besides the class name.
- *
- * @return The string.
- */
- public String toString()
- {
- CPStringBuilder str = new CPStringBuilder(X509CRLSelector.class.getName());
- String nl = SystemProperties.getProperty("line.separator");
- String eol = ";" + nl;
-
- str.append(" {").append(nl);
- if (issuerNames != null)
- str.append(" issuer names = ").append(issuerNames).append(eol);
- if (maxCrlNumber != null)
- str.append(" max CRL = ").append(maxCrlNumber).append(eol);
- if (minCrlNumber != null)
- str.append(" min CRL = ").append(minCrlNumber).append(eol);
- if (date != null)
- str.append(" date = ").append(date).append(eol);
- if (cert != null)
- str.append(" certificate = ").append(cert).append(eol);
- str.append("}").append(nl);
- return str.toString();
- }
-
- /**
- * Checks a CRL against the criteria of this selector, returning
- * <code>true</code> if the given CRL matches all the criteria.
- *
- * @param _crl The CRL being checked.
- * @return True if the CRL matches, false otherwise.
- */
- public boolean match(CRL _crl)
- {
- if (!(_crl instanceof X509CRL))
- return false;
- X509CRL crl = (X509CRL) _crl;
- if (issuerNames != null)
- {
- if (!issuerNames.contains(crl.getIssuerX500Principal()))
- return false;
- }
- BigInteger crlNumber = null;
- if (maxCrlNumber != null)
- {
- byte[] b = crl.getExtensionValue(CRL_NUMBER_ID);
- if (b == null)
- return false;
- try
- {
- DERValue val = DERReader.read(b);
- if (!(val.getValue() instanceof BigInteger))
- return false;
- crlNumber = (BigInteger) val.getValue();
- }
- catch (IOException ioe)
- {
- return false;
- }
- if (maxCrlNumber.compareTo(crlNumber) < 0)
- return false;
- }
- if (minCrlNumber != null)
- {
- if (crlNumber == null)
- {
- byte[] b = crl.getExtensionValue(CRL_NUMBER_ID);
- if (b == null)
- return false;
- try
- {
- DERValue val = DERReader.read(b);
- if (!(val.getValue() instanceof BigInteger))
- return false;
- crlNumber = (BigInteger) val.getValue();
- }
- catch (IOException ioe)
- {
- return false;
- }
- }
- if (minCrlNumber.compareTo(crlNumber) > 0)
- return false;
- }
- if (date != null)
- {
- if (date.compareTo(crl.getThisUpdate()) < 0 ||
- date.compareTo(crl.getNextUpdate()) > 0)
- return false;
- }
- return true;
- }
-
- /**
- * Returns a copy of this object.
- *
- * @return The copy.
- */
- public Object clone()
- {
- try
- {
- return super.clone();
- }
- catch (CloneNotSupportedException shouldNotHappen)
- {
- throw new Error(shouldNotHappen);
- }
- }
-}
diff --git a/libjava/classpath/java/security/cert/X509CertSelector.java b/libjava/classpath/java/security/cert/X509CertSelector.java
deleted file mode 100644
index 8c1230a..0000000
--- a/libjava/classpath/java/security/cert/X509CertSelector.java
+++ /dev/null
@@ -1,1319 +0,0 @@
-/* X509CertSelector.java -- selects X.509 certificates by criteria.
- Copyright (C) 2004, 2005, 2006 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-
-import gnu.classpath.SystemProperties;
-import gnu.java.lang.CPStringBuilder;
-import gnu.java.security.OID;
-import gnu.java.security.x509.GnuPKIExtension;
-import gnu.java.security.x509.ext.CertificatePolicies;
-import gnu.java.security.x509.ext.Extension;
-import gnu.java.security.x509.ext.GeneralName;
-import gnu.java.security.x509.ext.GeneralSubtree;
-import gnu.java.security.x509.ext.NameConstraints;
-import gnu.java.security.x509.ext.GeneralName.Kind;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.net.InetAddress;
-import java.security.KeyFactory;
-import java.security.PublicKey;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Date;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Set;
-
-import javax.security.auth.x500.X500Principal;
-
-/**
- * A concrete implementation of {@link CertSelector} for X.509 certificates,
- * which allows a number of criteria to be set when accepting certificates,
- * from validity dates, to issuer and subject distinguished names, to some
- * of the various X.509 extensions.
- *
- * <p>Use of this class requires extensive knowledge of the Internet
- * Engineering Task Force's Public Key Infrastructure (X.509). The primary
- * document describing this standard is <a
- * href="http://www.ietf.org/rfc/rfc3280.txt">RFC 3280: Internet X.509
- * Public Key Infrastructure Certificate and Certificate Revocation List
- * (CRL) Profile</a>.
- *
- * <p>Note that this class is not thread-safe. If multiple threads will
- * use or modify this class then they need to synchronize on the object.
- *
- * @author Casey Marshall (csm@gnu.org)
- * @since 1.4
- */
-public class X509CertSelector implements CertSelector, Cloneable
-{
-
- // Constants and fields.
- // ------------------------------------------------------------------------- - - private static final String AUTH_KEY_ID = "2.5.29.35"; - private static final String SUBJECT_KEY_ID = "2.5.29.14"; - private static final String NAME_CONSTRAINTS_ID = "2.5.29.30"; - - private static boolean checkOid(int[] oid) - { - return (oid != null && oid.length > 2 && - (oid[0] >= 0 && oid[0] <= 2) && (oid[1] >= 0 && oid[1] <= 39)); - } - - private static GeneralName makeName(int id, String name) throws IOException - { - byte[] nameBytes = null; - GeneralName.Kind kind = GeneralName.Kind.forTag(id); - switch (Kind.forTag(id)) - { - case dNSName: - case rfc822Name: - case uniformResourceIdentifier: - nameBytes = name.getBytes("ASCII"); - break; - - case iPAddress: - InetAddress addr = InetAddress.getByName(name); - nameBytes = addr.getAddress(); - break; - - case registeredId: - OID oid = new OID(name); - nameBytes = oid.getDER(); - break; - - case directoryName: - X500Principal xname = new X500Principal(name); - nameBytes = xname.getEncoded(); - break; - - case ediPartyName: - case x400Address: - case otherName: - throw new IOException("cannot decode string representation of " - + kind); - } - return new GeneralName(kind, nameBytes); - } - - private int basicConstraints; - private X509Certificate cert; - private BigInteger serialNo; - private X500Principal issuer; - private X500Principal subject; - private byte[] subjectKeyId; - private byte[] authKeyId; - private boolean[] keyUsage; - private Date certValid; - private OID sigId; - private PublicKey subjectKey; - private X509EncodedKeySpec subjectKeySpec; - private Set<String> keyPurposeSet; - private List<GeneralName> altNames; - private boolean matchAllNames; - private byte[] nameConstraints; - private Set<OID> policy; - private List<GeneralName> pathToNames; - - /** - * Creates a new X.509 certificate selector. 
The new selector will be - * empty, and will accept any certificate (provided that it is an - * {@link X509Certificate}). - */ - public X509CertSelector() - { - basicConstraints = -1; - } - - /** - * Add a name to match in the NameConstraints extension. The argument is - * the DER-encoded bytes of a GeneralName structure. - * - * See the method {@link #addSubjectAlternativeName(int, byte[])} for the - * format of the GeneralName structure. - * - * @param id The name identifier. Must be between 0 and 8. - * @param name The DER-encoded bytes of the name to match. - * @throws IOException If the name DER is malformed. - */ - public void addPathToName(int id, byte[] name) throws IOException - { - GeneralName generalName = new GeneralName(GeneralName.Kind.forTag(id), name); - if (pathToNames == null) - pathToNames = new LinkedList<GeneralName>(); - pathToNames.add(generalName); - } - - /** - * Add a name to match in the NameConstraints extension. This method will - * only recognize certain types of name that have convenient string - * encodings. For robustness, you should use the {@link - * #addPathToName(int, byte[])} method whenever possible. - * - * @param id The name identifier. Must be between 0 and 8. - * @param name The name. - * @throws IOException If the name cannot be decoded. - */ - public void addPathToName(int id, String name) throws IOException - { - GeneralName generalName = makeName(id, name); - if (pathToNames == null) - pathToNames = new LinkedList<GeneralName>(); - pathToNames.add(generalName); - } - - /** - * Add a name, as DER-encoded bytes, to the subject alternative names - * criterion. 
- * - * The name is a GeneralName structure, which has the ASN.1 format: - * - * <pre> - GeneralName ::= CHOICE { - otherName [0] OtherName, - rfc822Name [1] IA5String, - dNSName [2] IA5String, - x400Address [3] ORAddress, - directoryName [4] Name, - ediPartyName [5] EDIPartyName, - uniformResourceIdentifier [6] IA5String, - iPAddress [7] OCTET STRING, - registeredID [8] OBJECT IDENTIFIER } -</pre> - * - * @param id The type of name this is. - * @param name The DER-encoded name. - * @throws IOException If the name is not a valid DER sequence. - */ - public void addSubjectAlternativeName(int id, byte[] name) - throws IOException - { - GeneralName generalName = new GeneralName(GeneralName.Kind.forTag(id), name); - if (altNames == null) - altNames = new LinkedList<GeneralName>(); - altNames.add(generalName); - } - - /** - * Add a name to the subject alternative names criterion. This method will - * only recognize certain types of name that have convenient string - * encodings. For robustness, you should use the {@link - * #addSubjectAlternativeName(int, byte[])} method whenever possible. - * - * This method can only decode certain name kinds of names as strings. - * - * @param id The type of name this is. Must be in the range [0,8]. - * @param name The name. - * @throws IOException If the id is out of range, or if the name - * is null. - */ - public void addSubjectAlternativeName(int id, String name) - throws IOException - { - GeneralName generalName = makeName(id, name); - if (altNames == null) - altNames = new LinkedList<GeneralName>(); - altNames.add(generalName); - } - - public Object clone() - { - try - { - return super.clone(); - } - catch (CloneNotSupportedException shouldNotHappen) - { - throw new Error(shouldNotHappen); - } - } - - /** - * Returns the authority key identifier criterion, or <code>null</code> if - * this value was not set. Note that the byte array is cloned to prevent - * modification. - * - * @return The authority key identifier. 
- */ - public byte[] getAuthorityKeyIdentifier() - { - if (authKeyId != null) - return (byte[]) authKeyId.clone(); - else - return null; - } - - /** - * Returns the basic constraints criterion, or -1 if this value is not set. - * - * @return The basic constraints. - */ - public int getBasicConstraints() - { - return basicConstraints; - } - - /** - * Returns the certificate criterion, or <code>null</code> if this value - * was not set. - * - * @return The certificate. - */ - public X509Certificate getCertificate() - { - return cert; - } - - /** - * Returns the date at which certificates must be valid, or <code>null</code> - * if this criterion was not set. - * - * @return The target certificate valitity date. - */ - public Date getCertificateValid() - { - if (certValid != null) - return (Date) certValid.clone(); - else - return null; - } - - /** - * Returns the set of extended key purpose IDs, as an unmodifiable set - * of OID strings. Returns <code>null</code> if this criterion is not - * set. - * - * @return The set of key purpose OIDs (strings). - */ - public Set<String> getExtendedKeyUsage() - { - if (keyPurposeSet != null) - return Collections.unmodifiableSet(keyPurposeSet); - else - return null; - } - - /** - * Returns the issuer criterion as a sequence of DER bytes, or - * <code>null</code> if this value was not set. - * - * @return The issuer. - */ - public byte[] getIssuerAsBytes() throws IOException - { - if (issuer != null) - return issuer.getEncoded(); - else - return null; - } - - /** - * Returns the issuer criterion as a string, or <code>null</code> if this - * value was not set. - * - * @return The issuer. - */ - public String getIssuerAsString() - { - if (issuer != null) - return issuer.getName(); - else - return null; - } - - /** - * Returns the public key usage criterion, or <code>null</code> if this - * value is not set. Note that the array is cloned to prevent modification. - * - * @return The public key usage. 
- */ - public boolean[] getKeyUsage() - { - if (keyUsage != null) - return (boolean[]) keyUsage.clone(); - else - return null; - } - - /** - * Returns whether or not all specified alternative names must match. - * If false, a certificate is considered a match if <em>one</em> of the - * specified alternative names matches. - * - * @return true if all names must match. - */ - public boolean getMatchAllSubjectAltNames() - { - return matchAllNames; - } - - /** - * Returns the name constraints criterion, or <code>null</code> if this - * value is not set. Note that the byte array is cloned to prevent - * modification. - * - * @return The name constraints. - */ - public byte[] getNameConstraints() - { - if (nameConstraints != null) - return (byte[]) nameConstraints.clone(); - else - return null; - } - - public Collection<List<?>> getPathToNames() - { - if (pathToNames != null) - { - List<List<?>> names = new ArrayList<List<?>>(pathToNames.size()); - for (GeneralName name : pathToNames) - { - List<Object> n = new ArrayList<Object>(2); - n.add(name.kind().tag()); - n.add(name.name()); - names.add(n); - } - - return names; - } - return null; - } - - /** - * Returns the certificate policy extension that will be matched by this - * selector, or null if the certificate policy will not be matched. - * - * @return The policy to be matched, or null. - */ - public Set<String> getPolicy() - { - Set<OID> p = this.policy; - if (p != null) - { - Set<String> strings = new HashSet<String>(p.size()); - for (OID o : p) - { - strings.add(o.toString()); - } - return strings; - } - return null; - } - - /** - * This method, and its related X.509 certificate extension — the - * private key usage period — is not supported under the Internet - * PKI for X.509 certificates (PKIX), described in RFC 3280. As such, this - * method is not supported either. - * - * <p>Do not use this method. 
It is not deprecated, as it is not deprecated - * in the Java standard, but it is basically a no-operation and simply - * returns <code>null</code>. - * - * @return Null. - */ - public Date getPrivateKeyValid() - { - return null; - } - - /** - * Returns the serial number criterion, or <code>null</code> if this - * value was not set. - * - * @return The serial number. - */ - public BigInteger getSerialNumber() - { - return serialNo; - } - - /** - * Get the subject alternative names criterion. The collection returned - * is a collection of pairs: the first element is an {@link Integer} - * containing the name type, and the second is a byte array containing - * the DER-encoded name bytes. - * - * @return The subject alternative names criterion. Returns null if this - * criterion is not set. - */ - public Collection<List<?>> getSubjectAlternativeNames() - { - if (altNames != null) - { - List<List<?>> names = new ArrayList<List<?>>(altNames.size()); - for (GeneralName name : altNames) - { - List<Object> n = new ArrayList<Object>(2); - n.add(name.kind().tag()); - n.add(name.name()); - names.add(n); - } - return names; - } - return null; - } - - /** - * Returns the subject criterion as a sequence of DER bytes, or - * <code>null</code> if this value is not set. - * - * @return The subject. - */ - public byte[] getSubjectAsBytes() throws IOException - { - if (subject != null) - return subject.getEncoded(); - else - return null; - } - - /** - * Returns the subject criterion as a string, of <code>null</code> if - * this value was not set. - * - * @return The subject. - */ - public String getSubjectAsString() - { - if (subject != null) - return subject.getName(); - else - return null; - } - - /** - * Returns the subject key identifier criterion, or <code>null</code> if - * this value was not set. Note that the byte array is cloned to prevent - * modification. - * - * @return The subject key identifier. 
- */ - public byte[] getSubjectKeyIdentifier() - { - if (subjectKeyId != null) - return (byte[]) subjectKeyId.clone(); - else - return null; - } - - /** - * Returns the subject public key criterion, or <code>null</code> if this - * value is not set. - * - * @return The subject public key. - */ - public PublicKey getSubjectPublicKey() - { - return subjectKey; - } - - /** - * Returns the public key algorithm ID that matching certificates must have, - * or <code>null</code> if this criterion was not set. - * - * @return The public key algorithm ID. - */ - public String getSubjectPublicKeyAlgID() - { - return String.valueOf(sigId); - } - - /** - * Match a certificate. This method will check the given certificate - * against all the enabled criteria of this selector, and will return - * <code>true</code> if the given certificate matches. - * - * @param certificate The certificate to check. - * @return true if the certificate matches all criteria. - */ - public boolean match(Certificate certificate) - { - if (!(certificate instanceof X509Certificate)) - return false; - X509Certificate cert = (X509Certificate) certificate; - if (this.cert != null) - { - try - { - byte[] e1 = this.cert.getEncoded(); - byte[] e2 = cert.getEncoded(); - if (!Arrays.equals(e1, e2)) - return false; - } - catch (CertificateEncodingException cee) - { - return false; - } - } - if (serialNo != null) - { - if (!serialNo.equals(cert.getSerialNumber())) - return false; - } - if (certValid != null) - { - try - { - cert.checkValidity(certValid); - } - catch (CertificateException ce) - { - return false; - } - } - if (issuer != null) - { - if (!issuer.equals(cert.getIssuerX500Principal())) - return false; - } - if (subject != null) - { - if (!subject.equals(cert.getSubjectX500Principal())) - return false; - } - if (sigId != null) - { - if (!sigId.toString().equals(cert.getSigAlgOID())) - return false; - } - if (subjectKeyId != null) - { - byte[] b = cert.getExtensionValue(SUBJECT_KEY_ID); - if 
(!Arrays.equals(b, subjectKeyId)) - return false; - } - if (authKeyId != null) - { - byte[] b = cert.getExtensionValue(AUTH_KEY_ID); - if (!Arrays.equals(b, authKeyId)) - return false; - } - if (keyUsage != null) - { - boolean[] b = cert.getKeyUsage(); - if (!Arrays.equals(b, keyUsage)) - return false; - } - if (basicConstraints >= 0) - { - if (cert.getBasicConstraints() != basicConstraints) - return false; - } - if (keyPurposeSet != null) - { - List kp = null; - try - { - kp = cert.getExtendedKeyUsage(); - } - catch (CertificateParsingException cpe) - { - return false; - } - if (kp == null) - return false; - for (Iterator it = keyPurposeSet.iterator(); it.hasNext(); ) - { - if (!kp.contains(it.next())) - return false; - } - } - if (altNames != null) - { - Collection<List<?>> an = null; - try - { - an = cert.getSubjectAlternativeNames(); - } - catch (CertificateParsingException cpe) - { - return false; - } - if (an == null) - return false; - int match = 0; - for (GeneralName name : altNames) - { - for (List<?> list : an) - { - try - { - Integer id = (Integer) list.get(0); - Object val = list.get(1); - GeneralName n = null; - if (val instanceof String) - n = makeName(id, (String) val); - else if (val instanceof byte[]) - { - n = new GeneralName(GeneralName.Kind.forTag(id), - (byte[]) val); - } - else - continue; - if (name.equals(n)) - match++; - } - catch (Exception e) - { - continue; - } - } - if (match == 0 || (matchAllNames && match < altNames.size())) - return false; - } - } - if (nameConstraints != null) - { - byte[] nc = cert.getExtensionValue(NAME_CONSTRAINTS_ID); - if (!Arrays.equals(nameConstraints, nc)) - return false; - } - - if (policy != null) - { - CertificatePolicies policies = null; - if (cert instanceof GnuPKIExtension) - { - policies = (CertificatePolicies) - ((GnuPKIExtension) cert).getExtension(CertificatePolicies.ID).getValue(); - } - else - { - byte[] policiesDer = - cert.getExtensionValue(CertificatePolicies.ID.toString()); - try - { - 
policies = new CertificatePolicies(policiesDer); - } - catch (IOException ioe) - { - // ignored - } - } - - if (policies == null) - return false; - if (!policies.getPolicies().containsAll(policy)) - return false; - } - - if (pathToNames != null) - { - NameConstraints nc = null; - if (cert instanceof GnuPKIExtension) - { - Extension e = - ((GnuPKIExtension) cert).getExtension(NameConstraints.ID); - if (e != null) - nc = (NameConstraints) e.getValue(); - } - else - { - byte[] b = cert.getExtensionValue(NameConstraints.ID.toString()); - if (b != null) - { - try - { - nc = new NameConstraints(b); - } - catch (IOException ioe) - { - } - } - } - - if (nc == null) - return false; - - int match = 0; - for (GeneralName name : pathToNames) - { - for (GeneralSubtree subtree : nc.permittedSubtrees()) - { - if (name.equals(subtree.base())) - match++; - } - } - if (match == 0 || (matchAllNames && match < pathToNames.size())) - return false; - } - - return true; - } - - /** - * Sets the authority key identifier criterion, or <code>null</code> to clear - * this criterion. Note that the byte array is cloned to prevent modification. - * - * @param authKeyId The authority key identifier. - */ - public void setAuthorityKeyIdentifier(byte[] authKeyId) - { - this.authKeyId = authKeyId != null ? (byte[]) authKeyId.clone() : null; - } - - /** - * Sets the basic constraints criterion. Specify -1 to clear this parameter. - * - * @param basicConstraints The new basic constraints value. - */ - public void setBasicConstraints(int basicConstraints) - { - if (basicConstraints < -1) - basicConstraints = -1; - this.basicConstraints = basicConstraints; - } - - /** - * Sets the certificate criterion. If set, only certificates that are - * equal to the certificate passed here will be accepted. - * - * @param cert The certificate. - */ - public void setCertificate(X509Certificate cert) - { - this.cert = cert; - } - - /** - * Sets the date at which certificates must be valid. 
Specify - * <code>null</code> to clear this criterion. - * - * @param certValid The certificate validity date. - */ - public void setCertificateValid(Date certValid) - { - this.certValid = certValid != null ? (Date) certValid.clone() : null; - } - - /** - * Sets the extended key usage criterion, as a set of OID strings. Specify - * <code>null</code> to clear this value. - * - * @param keyPurposeSet The set of key purpose OIDs. - * @throws IOException If any element of the set is not a valid OID string. - */ - public void setExtendedKeyUsage(Set<String> keyPurposeSet) throws IOException - { - if (keyPurposeSet == null) - { - this.keyPurposeSet = null; - return; - } - Set<String> s = new HashSet<String>(); - for (Iterator it = keyPurposeSet.iterator(); it.hasNext(); ) - { - Object o = it.next(); - if (!(o instanceof String)) - throw new IOException("not a string: " + o); - try - { - OID oid = new OID((String) o); - int[] comp = oid.getIDs(); - if (!checkOid(comp)) - throw new IOException("malformed OID: " + o); - } - catch (IllegalArgumentException iae) - { - IOException ioe = new IOException("malformed OID: " + o); - ioe.initCause(iae); - throw ioe; - } - } - this.keyPurposeSet = s; - } - - /** - * Sets the issuer, specified as the DER encoding of the issuer's - * distinguished name. Only certificates issued by this issuer will - * be accepted. - * - * @param name The DER encoding of the issuer's distinguished name. - * @throws IOException If the given name is incorrectly formatted. - */ - public void setIssuer(byte[] name) throws IOException - { - if (name != null) - { - try - { - issuer = new X500Principal(name); - } - catch (IllegalArgumentException iae) - { - throw new IOException(iae.getMessage()); - } - } - else - issuer = null; - } - - /** - * Sets the issuer, specified as a string representation of the issuer's - * distinguished name. Only certificates issued by this issuer will - * be accepted. 
- * - * @param name The string representation of the issuer's distinguished name. - * @throws IOException If the given name is incorrectly formatted. - */ - public void setIssuer(String name) throws IOException - { - if (name != null) - { - try - { - issuer = new X500Principal(name); - } - catch (IllegalArgumentException iae) - { - throw new IOException(iae.getMessage()); - } - } - else - issuer = null; - } - - /** - * Sets the public key usage criterion. Specify <code>null</code> to clear - * this value. - * - * @param keyUsage The public key usage. - */ - public void setKeyUsage(boolean[] keyUsage) - { - this.keyUsage = keyUsage != null ? (boolean[]) keyUsage.clone() : null; - } - - /** - * Sets whether or not all subject alternative names must be matched. - * If false, then a certificate will be considered a match if one - * alternative name matches. - * - * @param matchAllNames Whether or not all alternative names must be - * matched. - */ - public void setMatchAllSubjectAltNames(boolean matchAllNames) - { - this.matchAllNames = matchAllNames; - } - - /** - * Sets the name constraints criterion; specify <code>null</code> to - * clear this criterion. Note that if non-null, the argument will be - * cloned to prevent modification. - * - * @param nameConstraints The new name constraints. - * @throws IOException If the argument is not a valid DER-encoded - * name constraints. - */ - public void setNameConstraints(byte[] nameConstraints) - throws IOException - { - // Check if the input is well-formed... - new NameConstraints(nameConstraints); - - // But we just compare raw byte arrays. - this.nameConstraints = nameConstraints != null - ? (byte[]) nameConstraints.clone() : null; - } - - /** - * Sets the pathToNames criterion. The argument is a collection of - * pairs, the first element of which is an {@link Integer} giving - * the ID of the name, and the second element is either a {@link String} - * or a byte array. 
- * - * See {@link #addPathToName(int, byte[])} and {@link #addPathToName(int, String)} - * for how these arguments are handled. - * - * @param names The names. - * @throws IOException If any argument is malformed. - */ - public void setPathToNames(Collection<List<?>> names) throws IOException - { - if (names == null || names.size() == 0) - { - pathToNames = null; - } - else - { - pathToNames = new ArrayList<GeneralName>(names.size()); - for (List<?> name : names) - { - Integer id = (Integer) name.get(0); - Object name2 = name.get(1); - if (name2 instanceof String) - addPathToName(id, (String) name2); - else if (name2 instanceof byte[]) - addPathToName(id, (byte[]) name2); - else - throw new IOException("invalid name type: " - + name2.getClass().getName()); - } - } - } - - /** - * Sets the certificate policy to match, or null if this criterion should - * not be checked. Each element if the set must be a dotted-decimal form - * of certificate policy object identifier. - * - * @param policy The policy to match. - * @throws IOException If some element of the policy is not a valid - * policy extenison OID. - */ - public void setPolicy(Set<String> policy) throws IOException - { - if (policy != null) - { - HashSet<OID> p = new HashSet<OID>(policy.size()); - for (String s : policy) - { - try - { - OID oid = new OID(s); - int[] i = oid.getIDs(); - if (!checkOid(i)) - throw new IOException("invalid OID"); - p.add(oid); - } - catch (IOException ioe) - { - throw ioe; - } - catch (Exception x) - { - IOException ioe = new IOException("invalid OID"); - ioe.initCause(x); - throw ioe; - } - } - this.policy = p; - } - else - this.policy = null; - } - - /** - * This method, and its related X.509 certificate extension — the - * private key usage period — is not supported under the Internet - * PKI for X.509 certificates (PKIX), described in RFC 3280. As such, this - * method is not supported either. - * - * <p>Do not use this method. 
It is not deprecated, as it is not deprecated - * in the Java standard, but it is basically a no-operation. - * - * @param UNUSED Is silently ignored. - */ - public void setPrivateKeyValid(Date UNUSED) - { - } - - /** - * Sets the serial number of the desired certificate. Only certificates that - * contain this serial number are accepted. - * - * @param serialNo The serial number. - */ - public void setSerialNumber(BigInteger serialNo) - { - this.serialNo = serialNo; - } - - /** - * Sets the subject, specified as the DER encoding of the subject's - * distinguished name. Only certificates with the given subject will - * be accepted. - * - * @param name The DER encoding of the subject's distinguished name. - * @throws IOException If the given name is incorrectly formatted. - */ - public void setSubject(byte[] name) throws IOException - { - if (name != null) - { - try - { - subject = new X500Principal(name); - } - catch (IllegalArgumentException iae) - { - throw new IOException(iae.getMessage()); - } - } - else - subject = null; - } - - /** - * Sets the subject, specified as a string representation of the - * subject's distinguished name. Only certificates with the given - * subject will be accepted. - * - * @param name The string representation of the subject's distinguished name. - * @throws IOException If the given name is incorrectly formatted. - */ - public void setSubject(String name) throws IOException - { - if (name != null) - { - try - { - subject = new X500Principal(name); - } - catch (IllegalArgumentException iae) - { - throw new IOException(iae.getMessage()); - } - } - else - subject = null; - } - - /** - * Sets the subject alternative names critertion. Each element of the - * argument must be a {@link java.util.List} that contains exactly two - * elements: the first an {@link Integer}, representing the type of - * name, and the second either a {@link String} or a byte array, - * representing the name itself. - * - * @param altNames The alternative names. 
- * @throws IOException If any element of the argument is invalid. - */ - public void setSubjectAlternativeNames(Collection<List<?>> altNames) - throws IOException - { - if (altNames == null || altNames.isEmpty()) - { - this.altNames = null; - return; - } - List<GeneralName> l = new ArrayList<GeneralName>(altNames.size()); - for (List<?> list : altNames) - { - Integer id = (Integer) list.get(0); - Object value = list.get(1); - GeneralName name = null; - if (value instanceof String) - name = makeName(id, (String) value); - else if (value instanceof byte[]) - name = new GeneralName(GeneralName.Kind.forTag(id), (byte[]) value); - else - throw new IOException("invalid name type: " + value.getClass().getName()); - l.add(name); - } - this.altNames = l; - } - - /** - * Sets the subject key identifier criterion, or <code>null</code> to clear - * this criterion. Note that the byte array is cloned to prevent modification. - * - * @param subjectKeyId The subject key identifier. - */ - public void setSubjectKeyIdentifier(byte[] subjectKeyId) - { - this.subjectKeyId = subjectKeyId != null ? (byte[]) subjectKeyId.clone() : - null; - } - - /** - * Sets the subject public key criterion as a DER-encoded key. Specify - * <code>null</code> to clear this value. - * - * @param key The DER-encoded key bytes. - * @throws IOException If the argument is not a valid DER-encoded key. - */ - public void setSubjectPublicKey(byte[] key) throws IOException - { - if (key == null) - { - subjectKey = null; - subjectKeySpec = null; - return; - } - try - { - subjectKeySpec = new X509EncodedKeySpec(key); - KeyFactory enc = KeyFactory.getInstance("X.509"); - subjectKey = enc.generatePublic(subjectKeySpec); - } - catch (Exception x) - { - subjectKey = null; - subjectKeySpec = null; - IOException ioe = new IOException(x.getMessage()); - ioe.initCause(x); - throw ioe; - } - } - - /** - * Sets the subject public key criterion as an opaque representation. 
- * Specify <code>null</code> to clear this criterion.
- *
- * @param key The public key.
- */
- public void setSubjectPublicKey(PublicKey key)
- {
- this.subjectKey = key;
- if (key == null)
- {
- subjectKeySpec = null;
- return;
- }
- try
- {
- KeyFactory enc = KeyFactory.getInstance("X.509");
- subjectKeySpec = (X509EncodedKeySpec)
- enc.getKeySpec(key, X509EncodedKeySpec.class);
- }
- catch (Exception x)
- {
- subjectKey = null;
- subjectKeySpec = null;
- }
- }
-
- /**
- * Sets the public key algorithm ID that matching certificates must have.
- * Specify <code>null</code> to clear this criterion.
- *
- * @param sigId The public key ID.
- * @throws IOException If the specified ID is not a valid object identifier.
- */
- public void setSubjectPublicKeyAlgID(String sigId) throws IOException
- {
- if (sigId != null)
- {
- try
- {
- OID oid = new OID(sigId);
- int[] comp = oid.getIDs();
- if (!checkOid(comp))
- throw new IOException("malformed OID: " + sigId);
- this.sigId = oid;
- }
- catch (IllegalArgumentException iae)
- {
- IOException ioe = new IOException("malformed OID: " + sigId);
- ioe.initCause(iae);
- throw ioe;
- }
- }
- else
- this.sigId = null;
- }
-
- public String toString()
- {
- CPStringBuilder str = new CPStringBuilder(X509CertSelector.class.getName());
- String nl = SystemProperties.getProperty("line.separator");
- String eol = ";" + nl;
- str.append(" {").append(nl);
- if (cert != null)
- str.append(" certificate = ").append(cert).append(eol);
- if (basicConstraints >= 0)
- str.append(" basic constraints = ").append(basicConstraints).append(eol);
- if (serialNo != null)
- str.append(" serial number = ").append(serialNo).append(eol);
- if (certValid != null)
- str.append(" valid date = ").append(certValid).append(eol);
- if (issuer != null)
- str.append(" issuer = ").append(issuer).append(eol);
- if (subject != null)
- str.append(" subject = ").append(subject).append(eol);
- if (sigId != null)
- str.append(" signature OID = ").append(sigId).append(eol);
- if (subjectKey != null)
- str.append(" subject public key = ").append(subjectKey).append(eol);
- if (subjectKeyId != null)
- {
- str.append(" subject key ID = ");
- for (int i = 0; i < subjectKeyId.length; i++)
- {
- str.append(Character.forDigit((subjectKeyId[i] & 0xF0) >>> 8, 16));
- str.append(Character.forDigit((subjectKeyId[i] & 0x0F), 16));
- if (i < subjectKeyId.length - 1)
- str.append(':');
- }
- str.append(eol);
- }
- if (authKeyId != null)
- {
- str.append(" authority key ID = ");
- for (int i = 0; i < authKeyId.length; i++)
- {
- str.append(Character.forDigit((authKeyId[i] & 0xF0) >>> 8, 16));
- str.append(Character.forDigit((authKeyId[i] & 0x0F), 16));
- if (i < authKeyId.length - 1)
- str.append(':');
- }
- str.append(eol);
- }
- if (keyUsage != null)
- {
- str.append(" key usage = ");
- for (int i = 0; i < keyUsage.length; i++)
- str.append(keyUsage[i] ? '1' : '0');
- str.append(eol);
- }
- if (keyPurposeSet != null)
- str.append(" key purpose = ").append(keyPurposeSet).append(eol);
- if (altNames != null)
- str.append(" alternative names = ").append(altNames).append(eol);
- if (nameConstraints != null)
- str.append(" name constraints = <blob of data>").append(eol);
- if (policy != null)
- str.append(" policy = ").append(policy).append(eol);
- if (pathToNames != null)
- str.append(" pathToNames = ").append(pathToNames).append(eol);
- str.append("}").append(nl);
- return str.toString();
- }
-}
diff --git a/libjava/classpath/java/security/cert/X509Certificate.java b/libjava/classpath/java/security/cert/X509Certificate.java
deleted file mode 100644
index ab9e1be..0000000
--- a/libjava/classpath/java/security/cert/X509Certificate.java
+++ /dev/null
@@ -1,589 +0,0 @@ -/* X509Certificate.java --- X.509 Certificate class - Copyright (C) 1999,2003, 2006 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. 
*/ - - -package java.security.cert; - -import java.math.BigInteger; -import java.security.Principal; -import java.util.Date; -import java.util.List; - -/** - * X509Certificate is the abstract class for X.509 certificates. - * This provides a stanard class interface for accessing all - * the attributes of X.509 certificates. - * - * <p>In June 1996, the basic X.509 v3 format was finished by - * ISO/IEC and ANSI X.9. The ASN.1 DER format is below: - * - * <blockquote><pre> - * Certificate ::= SEQUENCE { - * tbsCertificate TBSCertificate, - * signatureAlgorithm AlgorithmIdentifier, - * signatureValue BIT STRING } - * </pre></blockquote> - * - * <p>These certificates are widely used in various Internet - * protocols to support authentication. It is used in - * Privacy Enhanced Mail (PEM), Transport Layer Security (TLS), - * Secure Sockets Layer (SSL), code signing for trusted software - * distribution, and Secure Electronic Transactions (SET). - * - * <p>The certificates are managed and vouched for by - * <I>Certificate Authorities</I> (CAs). CAs are companies or - * groups that create certificates by placing the data in the - * X.509 certificate format and signing it with their private - * key. CAs serve as trusted third parties by certifying that - * the person or group specified in the certificate is who - * they say they are. 
- * - * <p>The ASN.1 defintion for <I>tbsCertificate</I> is - * - * <blockquote><pre> - * TBSCertificate ::= SEQUENCE { - * version [0] EXPLICIT Version DEFAULT v1, - * serialNumber CertificateSerialNumber, - * signature AlgorithmIdentifier, - * issuer Name, - * validity Validity, - * subject Name, - * subjectPublicKeyInfo SubjectPublicKeyInfo, - * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, - * -- If present, version shall be v2 or v3 - * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, - * -- If present, version shall be v2 or v3 - * extensions [3] EXPLICIT Extensions OPTIONAL - * -- If present, version shall be v3 - * } - * - * Version ::= INTEGER { v1(0), v2(1), v3(2) } - * - * CertificateSerialNumber ::= INTEGER - * - * Validity ::= SEQUENCE { - * notBefore Time, - * notAfter Time } - * - * Time ::= CHOICE { - * utcTime UTCTime, - * generalTime GeneralizedTime } - * - * UniqueIdentifier ::= BIT STRING - * - * SubjectPublicKeyInfo ::= SEQUENCE { - * algorithm AlgorithmIdentifier, - * subjectPublicKey BIT STRING } - * - * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension - * - * Extension ::= SEQUENCE { - * extnID OBJECT IDENTIFIER, - * critical BOOLEAN DEFAULT FALSE, - * extnValue OCTET STRING } - * </pre></blockquote> - * - * Certificates are created with the CertificateFactory. - * - * <p>References: - * - * <ol> - * <li>Olivier Dubuisson, Philippe Fouquart (Translator) <i>ASN.1 - - * Communication between heterogeneous systems</i>, (C) September 2000, - * Morgan Kaufmann Publishers, ISBN 0-12-6333361-0. Available on-line at - * <a - * href="http://www.oss.com/asn1/dubuisson.html">http://www.oss.com/asn1/dubuisson.html</a></li> - * <li>R. 
Housley et al, <i><a href="http://www.ietf.org/rfc/rfc3280.txt">RFC - * 3280: Internet X.509 Public Key Infrastructure Certificate and CRL - * Profile</a></i>.</li> - * </ol> - * - * @since 1.2 - * @author Mark Benvenuto - * @author Casey Marshall (rsdio@metastatic.org) - */ -public abstract class X509Certificate - extends Certificate - implements X509Extension -{ - private static final long serialVersionUID = -2491127588187038216L; - - /** - * Constructs a new certificate of the specified type. - */ - protected X509Certificate() - { - super( "X.509" ); - } - - /** - Checks the validity of the X.509 certificate. It is valid - if the current date and time are within the period specified - by the certificate. - - The ASN.1 DER encoding is: - - validity Validity, - - Validity ::= SEQUENCE { - notBefore Time, - notAfter Time } - - Time ::= CHOICE { - utcTime UTCTime, - generalTime GeneralizedTime } - - Consult rfc2459 for more information. - - @throws CertificateExpiredException if the certificate expired - @throws CertificateNotYetValidException if the certificate is - not yet valid - */ - public abstract void checkValidity() - throws CertificateExpiredException, - CertificateNotYetValidException; - - /** - Checks the validity of the X.509 certificate for the - specified time and date. It is valid if the specified - date and time are within the period specified by - the certificate. - - @throws CertificateExpiredException if the certificate expired - based on the date - @throws CertificateNotYetValidException if the certificate is - not yet valid based on the date - */ - public abstract void checkValidity(Date date) - throws CertificateExpiredException, - CertificateNotYetValidException; - - /** - Returns the version of this certificate. - - The ASN.1 DER encoding is: - - version [0] EXPLICIT Version DEFAULT v1, - - Version ::= INTEGER { v1(0), v2(1), v3(2) } - - Consult rfc2459 for more information. 
- - @return version number of certificate - */ - public abstract int getVersion(); - - /** - Gets the serial number for serial Number in - this Certifcate. It must be a unique number - unique other serial numbers from the granting CA. - - The ASN.1 DER encoding is: - - serialNumber CertificateSerialNumber, - - CertificateSerialNumber ::= INTEGER - - Consult rfc2459 for more information. - - @return the serial number for this X509CRLEntry. - */ - public abstract BigInteger getSerialNumber(); - - /** - Returns the issuer (issuer distinguished name) of the - Certificate. The issuer is the entity who signed - and issued the Certificate. - - The ASN.1 DER encoding is: - - issuer Name, - - Name ::= CHOICE { - RDNSequence } - - RDNSequence ::= SEQUENCE OF RelativeDistinguishedName - - RelativeDistinguishedName ::= - SET OF AttributeTypeAndValue - - AttributeTypeAndValue ::= SEQUENCE { - type AttributeType, - value AttributeValue } - - AttributeType ::= OBJECT IDENTIFIER - - AttributeValue ::= ANY DEFINED BY AttributeType - - DirectoryString ::= CHOICE { - teletexString TeletexString (SIZE (1..MAX)), - printableString PrintableString (SIZE (1..MAX)), - universalString UniversalString (SIZE (1..MAX)), - utf8String UTF8String (SIZE (1.. MAX)), - bmpString BMPString (SIZE (1..MAX)) } - - Consult rfc2459 for more information. - - @return the issuer in the Principal class - */ - public abstract Principal getIssuerDN(); - - /** - Returns the subject (subject distinguished name) of the - Certificate. The subject is the entity who the Certificate - identifies. - - The ASN.1 DER encoding is: - - subject Name, - - Consult rfc2459 for more information. - - @return the issuer in the Principal class - */ - public abstract Principal getSubjectDN(); - - /** - Returns the date that this certificate is not to be used - before, <I>notBefore</I>. 
- - The ASN.1 DER encoding is: - - validity Validity, - - Validity ::= SEQUENCE { - notBefore Time, - notAfter Time } - - Time ::= CHOICE { - utcTime UTCTime, - generalTime GeneralizedTime } - - Consult rfc2459 for more information. - - @return the date <I>notBefore</I> - */ - public abstract Date getNotBefore(); - - /** - Returns the date that this certificate is not to be used - after, <I>notAfter</I>. - - @return the date <I>notAfter</I> - */ - public abstract Date getNotAfter(); - - - /** - Returns the <I>tbsCertificate</I> from the certificate. - - @return the DER encoded tbsCertificate - - @throws CertificateEncodingException if encoding error occurred - */ - public abstract byte[] getTBSCertificate() throws CertificateEncodingException; - - /** - Returns the signature in its raw DER encoded format. - - The ASN.1 DER encoding is: - - signatureValue BIT STRING - - Consult rfc2459 for more information. - - @return byte array representing signature - */ - public abstract byte[] getSignature(); - - /** - Returns the signature algorithm used to sign the CRL. - An examples is "SHA-1/DSA". - - The ASN.1 DER encoding is: - - signatureAlgorithm AlgorithmIdentifier, - - AlgorithmIdentifier ::= SEQUENCE { - algorithm OBJECT IDENTIFIER, - parameters ANY DEFINED BY algorithm OPTIONAL } - - Consult rfc2459 for more information. - - The algorithm name is determined from the OID. - - @return a string with the signature algorithm name - */ - public abstract String getSigAlgName(); - - - /** - Returns the OID for the signature algorithm used. - Example "1.2.840.10040.4.3" is return for SHA-1 with DSA.\ - - The ASN.1 DER encoding for the example is: - - id-dsa-with-sha1 ID ::= { - iso(1) member-body(2) us(840) x9-57 (10040) - x9cm(4) 3 } - - Consult rfc2459 for more information. - - @return a string containing the OID. - */ - public abstract String getSigAlgOID(); - - - /** - Returns the AlgorithmParameters in the encoded form - for the signature algorithm used. 
- - If access to the parameters is need, create an - instance of AlgorithmParameters. - - @return byte array containing algorithm parameters, null - if no parameters are present in certificate - */ - public abstract byte[] getSigAlgParams(); - - - /** - Returns the issuer unique ID for this certificate. - - The ASN.1 DER encoding is: - - issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, - -- If present, version shall be v2 or v3 - - UniqueIdentifier ::= BIT STRING - - Consult rfc2459 for more information. - - @return bit representation of <I>issuerUniqueID</I> - */ - public abstract boolean[] getIssuerUniqueID(); - - /** - Returns the subject unique ID for this certificate. - - The ASN.1 DER encoding is: - - subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, - -- If present, version shall be v2 or v3 - - UniqueIdentifier ::= BIT STRING - - Consult rfc2459 for more information. - - @return bit representation of <I>subjectUniqueID</I> - */ - public abstract boolean[] getSubjectUniqueID(); - - /** - Returns a boolean array representing the <I>KeyUsage</I> - extension for the certificate. The KeyUsage (OID = 2.5.29.15) - defines the purpose of the key in the certificate. - - The ASN.1 DER encoding is: - - id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 } - - KeyUsage ::= BIT STRING { - digitalSignature (0), - nonRepudiation (1), - keyEncipherment (2), - dataEncipherment (3), - keyAgreement (4), - keyCertSign (5), - cRLSign (6), - encipherOnly (7), - decipherOnly (8) } - - Consult rfc2459 for more information. - - @return bit representation of <I>KeyUsage</I> - */ - public abstract boolean[] getKeyUsage(); - - /** - Returns the certificate constraints path length from the - critical BasicConstraints extension, (OID = 2.5.29.19). - - The basic constraints extensions is used to determine if - the subject of the certificate is a Certificate Authority (CA) - and how deep the certification path may exist. 
The - <I>pathLenConstraint</I> only takes affect if <I>cA</I> - is set to true. "A value of zero indicates that only an - end-entity certificate may follow in the path." (rfc2459) - - The ASN.1 DER encoding is: - - id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 } - - BasicConstraints ::= SEQUENCE { - cA BOOLEAN DEFAULT FALSE, - pathLenConstraint INTEGER (0..MAX) OPTIONAL } - - Consult rfc2459 for more information. - - @return the length of the path constraint if BasicConstraints - is present and cA is TRUE. Otherwise returns -1. - */ - public abstract int getBasicConstraints(); - - // 1.4 instance methods. - // ------------------------------------------------------------------------ - - /** - * Returns the <code>ExtendedKeyUsage</code> extension of this - * certificate, or null if there is no extension present. The returned - * value is a {@link java.util.List} strings representing the object - * identifiers of the extended key usages. This extension has the OID - * 2.5.29.37. - * - * <p>The ASN.1 definition for this extension is: - * - * <blockquote><pre> - * ExtendedKeyUsage ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId - * - * KeyPurposeId ::= OBJECT IDENTIFIER - * </pre></blockquote> - * - * @return The list of extension OIDs, or null if there are none - * present in this certificate. - * @throws CertificateParsingException If this extension cannot be - * parsed from its encoded form. - */ - public java.util.List<String> getExtendedKeyUsage() - throws CertificateParsingException - { - throw new UnsupportedOperationException(); - } - - /** - * Returns the alternative names for this certificate's subject (the - * owner), or null if there are none. 
- * - * <p>This is an X.509 extension with OID 2.5.29.17 and is defined by - * the ASN.1 construction: - * - * <blockquote><pre> - * SubjectAltNames ::= GeneralNames - * - * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName - * - * GeneralName ::= CHOICE { - * otherName [0] OtherName, - * rfc822Name [1] IA5String, - * dNSName [2] IA5String, - * x400Address [3] ORAddress, - * directoryName [4] Name, - * ediPartyName [5] EDIPartyName, - * uniformResourceIdentifier [6] IA5String, - * iPAddress [7] OCTET STRING, - * registeredID [8] OBJECT IDENTIFIER - * } - * </pre></blockquote> - * - * <p>The returned collection contains one or more two-element Lists, - * with the first object being an Integer representing the choice - * above (with value 0 through 8) and the second being an (a) String - * if the <code>GeneralName</code> is a rfc822Name, dNSName, - * uniformResourceIdentifier, iPAddress, or registeredID, or (b) a - * byte array of the DER encoded form for any others. - * - * @return The collection of alternative names, or null if there are - * none. - * @throws CertificateParsingException If the encoded extension cannot - * be parsed. - * @since JDK 1.4 - */ - public java.util.Collection<List<?>> getSubjectAlternativeNames() - throws CertificateParsingException - { - throw new UnsupportedOperationException(); - } - - /** - * Returns the alternative names for this certificate's issuer, or - * null if there are none. - * - * <p>This is an X.509 extension with OID 2.5.29.18, and is defined by - * the ASN.1 construction: - * - * <blockquote><pre> - * IssuerAltNames ::= GeneralNames - * </pre></blockquote> - * - * <p>The <code>GeneralNames</code> construct and the form of the - * returned collection are the same as with {@link - * #getSubjectAlternativeNames()}. - * - * @return The collection of alternative names, or null if there are - * none. - * @throws CertificateParsingException If the encoded extension cannot - * be parsed. 
- * @since JDK 1.4 - */ - public java.util.Collection<List<?>> getIssuerAlternativeNames() - throws CertificateParsingException - { - throw new UnsupportedOperationException(); - } - - /** - * Returns the X.500 distinguished name of this certificate's subject. - * - * @return The subject's X.500 distinguished name. - * @since JDK 1.4 - */ - public javax.security.auth.x500.X500Principal getSubjectX500Principal() - { - throw new UnsupportedOperationException(); - } - - /** - * Returns the X.500 distinguished name of this certificate's issuer. - * - * @return The issuer's X.500 distinguished name. - * @since JDK 1.4 - */ - public javax.security.auth.x500.X500Principal getIssuerX500Principal() - { - throw new UnsupportedOperationException(); - } -} diff --git a/libjava/classpath/java/security/cert/X509Extension.java b/libjava/classpath/java/security/cert/X509Extension.java deleted file mode 100644 index a0c24f4..0000000 --- a/libjava/classpath/java/security/cert/X509Extension.java +++ /dev/null 
@@ -1,113 +0,0 @@
-/* X509Extension.java --- X.509 Extension
- Copyright (C) 1999 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package java.security.cert;
-import java.util.Set;
-
-/**
- Public interface for the X.509 Extension.
-
- This is used for X.509 v3 Certificates and CRL v2 (Certificate
- Revocation Lists) for managing attributes assoicated with
- Certificates, for managing the hierarchy of certificates,
- and for managing the distribution of CRL. This extension
- format is used to define private extensions.
-
- Each extensions for a certificate or CRL must be marked
- either critical or non-critical. If the certificate/CRL
- system encounters a critical extension not recognized then
- it must reject the certificate. A non-critical extension
- may be just ignored if not recognized.
-
-
- The ASN.1 definition for this class is:
-
- Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
-
- Extension ::= SEQUENCE {
- extnId OBJECT IDENTIFIER,
- critical BOOLEAN DEFAULT FALSE,
- extnValue OCTET STRING
- -- contains a DER encoding of a value
- -- of the type registered for use with
- -- the extnId object identifier value
- }
-
- @author Mark Benvenuto
-
- @since 1.2
-*/
-public interface X509Extension
-{
-
- /**
- Returns true if the certificate contains a critical extension
- that is not supported.
-
- @return true if has unsupported extension, false otherwise
- */
- boolean hasUnsupportedCriticalExtension();
-
- /**
- Returns a set of the CRITICAL extension OIDs from the
- certificate/CRL that the object implementing this interface
- manages.
-
- @return A Set containing the OIDs. If there are no CRITICAL
- extensions or extensions at all this returns null.
- */
- Set<String> getCriticalExtensionOIDs();
-
- /**
- Returns a set of the NON-CRITICAL extension OIDs from the
- certificate/CRL that the object implementing this interface
- manages.
-
- @return A Set containing the OIDs. If there are no NON-CRITICAL
- extensions or extensions at all this returns null.
- */
- Set<String> getNonCriticalExtensionOIDs();
-
- /**
- Returns the DER encoded OCTET string for the specified
- extension value identified by a OID. The OID is a string
- of number separated by periods. Ex: 12.23.45.67
- */
- byte[] getExtensionValue(String oid);
-
-}
diff --git a/libjava/classpath/java/security/cert/package.html b/libjava/classpath/java/security/cert/package.html
deleted file mode 100644
index 14b12d1..0000000
--- a/libjava/classpath/java/security/cert/package.html
+++ /dev/null
@@ -1,46 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
-<!-- package.html - describes classes in java.security.cert package.
- Copyright (C) 2002 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. -->
-
-<html>
-<head><title>GNU Classpath - java.security.cert</title></head>
-
-<body>
-<p></p>
-
-</body>
-</html> |