Integrate work by Raif S.

	Integrate work by Raif S. Naffah (raif@fl.net.au)
	* java/security/DummyKeyPairGenerator.java (clone): New method.
	* java/security/DummyMessageDigest.java (clone): New method.
	(engineUpdate): Now public.
	(engineReset): Likewise.
	(engineDigest): Likewise.
	(engineGetDigestLength): New method.
	* java/security/DummySignature.java (clone): New method.
	* java/security/KeyPairGenerator.java (provider): Now package private.
	(getInstance(String)): Use getInstance(String,Provider).
	(getInstance(String,String): Use getInstance(String,Provider)
	(getInstance(String,Provider): New method.
	(getInstance(String,String,Provider): Don't cast DummyKeyPairGenerator.
	* java/security/KeyPairGeneratorSpi.java (clone): New method.
	* java/security/MessageDigest.java (provider): Now package private.
	(getInstance(String): Use getInstance(String,Provider).
	(getInstance(String,String): Use getInstance(String,Provider)
	(getInstance(String,Provider): New method.
	* java/security/Provider.java (toCanonicalKey): New method.
	(get): New method that uses toCanonicalKey().
	(put): Use toCanonicalKey().
	(remove): Likewise.
	* java/security/Security.java (insertProviderAt): Provider index is one
	based, not zero based.
	(addProvider): Likewise.
	(removeProvider): Likewise.
	* java/security/Signature.java (provider): Now package private.
	(getInstance(String)): Use getInstance(String,Provider).
	(getInstance(String,String): Use getInstance(String,Provider)
	(getInstance(String,Provider): New method.
	(getInstance(String,String,Provider): Don't cast DummySignature.

From-SVN: r59179

10 files changed, 350 insertions, 117 deletions

diff --git a/libjava/ChangeLog b/libjava/ChangeLog
index 73a0726..5f53cdb 100644
--- a/libjava/ChangeLog
+++ b/libjava/ChangeLog
@@ -1,3 +1,37 @@
+2002-11-16  Mark Wielaard  <mark@klomp.org>
+
+	Integrate work by Raif S. Naffah (raif@fl.net.au)
+	* java/security/DummyKeyPairGenerator.java (clone): New method.
+	* java/security/DummyMessageDigest.java (clone): New method.
+	(engineUpdate): Now public.
+	(engineReset): Likewise.
+	(engineDigest): Likewise.
+	(engineGetDigestLength): New method.
+	* java/security/DummySignature.java (clone): New method.
+	* java/security/KeyPairGenerator.java (provider): Now package private.
+	(getInstance(String)): Use getInstance(String,Provider).
+	(getInstance(String,String): Use getInstance(String,Provider)
+	(getInstance(String,Provider): New method.
+	(getInstance(String,String,Provider): Don't cast DummyKeyPairGenerator.
+	* java/security/KeyPairGeneratorSpi.java (clone): New method.
+	* java/security/MessageDigest.java (provider): Now package private.
+	(getInstance(String): Use getInstance(String,Provider).
+	(getInstance(String,String): Use getInstance(String,Provider)
+	(getInstance(String,Provider): New method.
+	* java/security/Provider.java (toCanonicalKey): New method.
+	(get): New method that uses toCanonicalKey().
+	(put): Use toCanonicalKey().
+	(remove): Likewise.
+	* java/security/Security.java (insertProviderAt): Provider index is one
+	based, not zero based.
+	(addProvider): Likewise.
+	(removeProvider): Likewise.
+	* java/security/Signature.java (provider): Now package private.
+	(getInstance(String)): Use getInstance(String,Provider).
+	(getInstance(String,String): Use getInstance(String,Provider)
+	(getInstance(String,Provider): New method.
+	(getInstance(String,String,Provider): Don't cast DummySignature.
+
 2002-11-15  Tom Tromey  <tromey@redhat.com>
 
 	For PR libgcj/8593:
diff --git a/libjava/java/security/DummyKeyPairGenerator.java b/libjava/java/security/DummyKeyPairGenerator.java
index d65ec63..3a88b86 100644
--- a/libjava/java/security/DummyKeyPairGenerator.java
+++ b/libjava/java/security/DummyKeyPairGenerator.java
@@ -1,5 +1,5 @@
-/* DummyKeyPairGenerator.java
-   Copyright (C) 1999 Free Software Foundation, Inc.
+/* DummyKeyPairGenerator.java - Wrapper for KeyPairGeneratorSpi
+   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -36,6 +36,7 @@ obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
 package java.security;
+
 import java.security.spec.AlgorithmParameterSpec;
 
 final class DummyKeyPairGenerator extends KeyPairGenerator
@@ -48,6 +49,17 @@ final class DummyKeyPairGenerator extends KeyPairGenerator
     this.kpgSpi = kpgSpi;
   }
 
+  public Object clone() throws CloneNotSupportedException
+  {
+    if (!(kpgSpi instanceof Cloneable))
+      throw new CloneNotSupportedException();
+
+    KeyPairGenerator result = new DummyKeyPairGenerator
+	    ((KeyPairGeneratorSpi) kpgSpi.clone(), this.getAlgorithm());
+    result.provider = this.getProvider();
+    return result;
+  }
+
   public void initialize(int keysize, SecureRandom random)
   {
     kpgSpi.initialize(keysize, random);
diff --git a/libjava/java/security/DummyMessageDigest.java b/libjava/java/security/DummyMessageDigest.java
index 9a96d77..d7e769d 100644
--- a/libjava/java/security/DummyMessageDigest.java
+++ b/libjava/java/security/DummyMessageDigest.java
@@ -1,5 +1,5 @@
-/* DummyMessageDigest.java
-   Copyright (C) 1999 Free Software Foundation, Inc.
+/* DummyMessageDigest.java - Wrapper for MessageDigestSpi
+   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -37,10 +37,6 @@ exception statement from your version. */
 
 package java.security;
 
-import java.security.MessageDigest;
-import java.security.MessageDigestSpi;
-import java.security.DigestException;
-
 final class DummyMessageDigest extends MessageDigest
 {
   private MessageDigestSpi mdSpi = null;
@@ -51,23 +47,47 @@ final class DummyMessageDigest extends MessageDigest
     this.mdSpi = mdSpi;
   }
 
-  protected void engineUpdate(byte input)
+  public Object clone() throws CloneNotSupportedException
   {
-    mdSpi.engineUpdate(input);
+    if (!(mdSpi instanceof Cloneable))
+      throw new CloneNotSupportedException();
+
+    MessageDigest result = new DummyMessageDigest
+	((MessageDigestSpi) mdSpi.clone(), this.getAlgorithm());
+    result.provider = this.getProvider();
+    return result;
   }
 
-  protected void engineUpdate(byte[]input, int offset, int len)
+  // java.security.MessageDigestSpi abstract methods implementation ---------
+
+  public byte[] engineDigest()
   {
-    mdSpi.engineUpdate(input, offset, len);
+    return mdSpi.engineDigest();
   }
 
-  protected byte[] engineDigest()
+  public int engineDigest(byte[] buf, int offset, int len)
+    throws DigestException
   {
-    return mdSpi.engineDigest();
+    return mdSpi.engineDigest(buf, offset, len);
+  }
+
+  public int engineGetDigestLength()
+  {
+    return mdSpi.engineGetDigestLength();
   }
 
-  protected void engineReset()
+  public void engineReset()
   {
     mdSpi.engineReset();
   }
+
+  public void engineUpdate(byte input)
+  {
+    mdSpi.engineUpdate(input);
+  }
+
+  public void engineUpdate(byte[] input, int offset, int len)
+  {
+    mdSpi.engineUpdate(input, offset, len);
+  }
 }
diff --git a/libjava/java/security/DummySignature.java b/libjava/java/security/DummySignature.java
index 10e08cb..850f86d 100644
--- a/libjava/java/security/DummySignature.java
+++ b/libjava/java/security/DummySignature.java
@@ -1,5 +1,5 @@
-/* DummySignature.java
-   Copyright (C) 1999 Free Software Foundation, Inc.
+/* DummySignature.java - Signature wrapper for SignatureSpi.
+   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -47,6 +47,17 @@ final class DummySignature extends Signature
     this.sigSpi = sigSpi;
   }
 
+  public Object clone() throws CloneNotSupportedException
+  {
+    if (!(sigSpi instanceof Cloneable))
+      throw new CloneNotSupportedException();
+
+    Signature result = new DummySignature
+	    ((SignatureSpi) sigSpi.clone(), this.getAlgorithm());
+    result.provider = this.getProvider();
+    return result;
+  }
+
   protected void engineInitVerify(PublicKey publicKey)
     throws InvalidKeyException
   {
diff --git a/libjava/java/security/KeyPairGenerator.java b/libjava/java/security/KeyPairGenerator.java
index ea44d53..9ca1aa8e 100644
--- a/libjava/java/security/KeyPairGenerator.java
+++ b/libjava/java/security/KeyPairGenerator.java
@@ -1,5 +1,5 @@
 /* KeyPairGenerator.java --- Key Pair Generator Class
-   Copyright (C) 1999 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -36,6 +36,7 @@ obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
 package java.security;
+
 import java.security.spec.AlgorithmParameterSpec;
 
 /**
@@ -51,7 +52,7 @@ import java.security.spec.AlgorithmParameterSpec;
  */
 public abstract class KeyPairGenerator extends KeyPairGeneratorSpi
 {
-  private Provider provider;
+  Provider provider;
   private String algorithm;
 
   /**
@@ -83,19 +84,21 @@ public abstract class KeyPairGenerator extends KeyPairGeneratorSpi
      @param algorithm the name of algorithm to choose
      @return a AlgorithmParameterGenerator repesenting the desired algorithm
 
-     @throws NoSuchAlgorithmException if the algorithm is not implemented by providers
+     @throws NoSuchAlgorithmException if the algorithm is not implemented by
+     				      providers
    */
   public static KeyPairGenerator getInstance(String algorithm) throws
     NoSuchAlgorithmException
   {
     Provider[] p = Security.getProviders();
 
-    String name = "KeyPairGenerator." + algorithm;
     for (int i = 0; i < p.length; i++)
       {
-	String classname = p[i].getProperty(name);
-	if (classname != null)
-	  return getInstance(classname, algorithm, p[i]);
+	try
+	  {
+	    return getInstance(algorithm, p[i]);
+	  }
+	catch (NoSuchAlgorithmException ignored) {}
       }
 
     throw new NoSuchAlgorithmException(algorithm);
@@ -110,7 +113,8 @@ public abstract class KeyPairGenerator extends KeyPairGeneratorSpi
      @param provider the name of the provider to find the algorithm in
      @return a AlgorithmParameterGenerator repesenting the desired algorithm
 
-     @throws NoSuchAlgorithmException if the algorithm is not implemented by the provider
+     @throws NoSuchAlgorithmException if the algorithm is not implemented by
+     				      the provider
      @throws NoSuchProviderException if the provider is not found
    */
   public static KeyPairGenerator getInstance(String algorithm, String provider)
@@ -118,10 +122,34 @@ public abstract class KeyPairGenerator extends KeyPairGeneratorSpi
   {
     Provider p = Security.getProvider(provider);
     if (p == null)
-      throw new NoSuchProviderException();
+      throw new NoSuchProviderException(provider);
+
+    return getInstance(algorithm, p);
+  }
 
-    return getInstance(p.getProperty("KeyPairGenerator." + algorithm),
-		       algorithm, p);
+  private static KeyPairGenerator getInstance(String algorithm, Provider p)
+    throws NoSuchAlgorithmException
+  {
+    // try the name as is
+    String className = p.getProperty("KeyPairGenerator." + algorithm);
+    if (className == null) { // try all uppercase
+      String upper = algorithm.toUpperCase();
+      className = p.getProperty("KeyPairGenerator." + upper);
+      if (className == null) { // try if it's an alias
+        String alias = p.getProperty("Alg.Alias.KeyPairGenerator." + algorithm);
+        if (alias == null) { // try all-uppercase alias name
+          alias = p.getProperty("Alg.Alias.KeyPairGenerator." + upper);
+          if (alias == null) { // spit the dummy
+            throw new NoSuchAlgorithmException(algorithm);
+          }
+        }
+        className = p.getProperty("KeyPairGenerator." + alias);
+        if (className == null) {
+          throw new NoSuchAlgorithmException(algorithm);
+        }
+      }
+    }
+    return getInstance(className, algorithm, p);
   }
 
   private static KeyPairGenerator getInstance(String classname,
@@ -134,10 +162,7 @@ public abstract class KeyPairGenerator extends KeyPairGeneratorSpi
 	Object o = Class.forName(classname).newInstance();
 	KeyPairGenerator kpg;
 	if (o instanceof KeyPairGeneratorSpi)
-	  kpg =
-	    (KeyPairGenerator) (new
-				DummyKeyPairGenerator((KeyPairGeneratorSpi) o,
-						      algorithm));
+	  kpg = new DummyKeyPairGenerator((KeyPairGeneratorSpi) o, algorithm);
 	else
 	  {
 	    kpg = (KeyPairGenerator) o;
diff --git a/libjava/java/security/KeyPairGeneratorSpi.java b/libjava/java/security/KeyPairGeneratorSpi.java
index 9e929e0..735dd64 100644
--- a/libjava/java/security/KeyPairGeneratorSpi.java
+++ b/libjava/java/security/KeyPairGeneratorSpi.java
@@ -1,5 +1,5 @@
 /* KeyPairGeneratorSpi.java --- Key Pair Generator SPI Class
-   Copyright (C) 1999 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -90,4 +90,20 @@ public abstract class KeyPairGeneratorSpi
      @return a key pair
    */
   public abstract KeyPair generateKeyPair();
+
+  /**
+     Returns a clone of this class.
+
+     If cloning is not supported, then by default the class throws a
+     CloneNotSupportedException.  The MessageDigestSpi provider
+     implementation has to overload this class in order to be
+     cloneable.
+   */
+  public Object clone() throws CloneNotSupportedException
+  {
+    if (this instanceof Cloneable)
+      return super.clone();
+    else
+      throw new CloneNotSupportedException();
+  }
 }
diff --git a/libjava/java/security/MessageDigest.java b/libjava/java/security/MessageDigest.java
index be9dfd0..10032f2 100644
--- a/libjava/java/security/MessageDigest.java
+++ b/libjava/java/security/MessageDigest.java
@@ -1,5 +1,6 @@
+
 /* MessageDigest.java --- The message digest interface.
-   Copyright (C) 1999 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -40,7 +41,7 @@ package java.security;
 public abstract class MessageDigest extends MessageDigestSpi
 {
   private String algorithm;
-  private Provider provider;
+  Provider provider;
   private byte[] lastDigest;
 
   /**
@@ -63,19 +64,20 @@ public abstract class MessageDigest extends MessageDigestSpi
      @param algorithm the name of digest algorithm to choose
      @return a MessageDigest representing the desired algorithm
 
-     @exception NoSuchAlgorithmException if the algorithm is not implemented by providers
+     @exception NoSuchAlgorithmException if the algorithm is not implemented by
+    					 providers
    */
   public static MessageDigest getInstance(String algorithm)
     throws NoSuchAlgorithmException
   {
     Provider[] p = Security.getProviders();
-    String name = "MessageDigest." + algorithm;
-
     for (int i = 0; i < p.length; i++)
       {
-	String classname = p[i].getProperty(name);
-	if (classname != null)
-	  return getInstance(classname, algorithm, p[i]);
+	try
+	  {
+	    return getInstance(algorithm, p[i]);
+	  }
+	catch (NoSuchAlgorithmException ignored) {}
       }
 
     throw new NoSuchAlgorithmException(algorithm);
@@ -92,7 +94,8 @@ public abstract class MessageDigest extends MessageDigestSpi
      @param provider the name of the provider to find the algorithm in
      @return a MessageDigest representing the desired algorithm
 
-     @exception NoSuchAlgorithmException if the algorithm is not implemented by the provider
+     @exception NoSuchAlgorithmException if the algorithm is not implemented by
+     					 the provider
      @exception NoSuchProviderException if the provider is not found
    */
 
@@ -104,8 +107,32 @@ public abstract class MessageDigest extends MessageDigestSpi
     if (p == null)
       throw new NoSuchProviderException(provider);
 
-    return getInstance(p.getProperty("MessageDigest." + algorithm),
-		       algorithm, p);
+    return getInstance(algorithm, p);
+  }
+
+  private static MessageDigest getInstance(String algorithm, Provider p)
+    throws NoSuchAlgorithmException
+  {
+    // try the name as is
+    String className = p.getProperty("MessageDigest." + algorithm);
+    if (className == null) { // try all uppercase
+      String upper = algorithm.toUpperCase();
+      className = p.getProperty("MessageDigest." + upper);
+      if (className == null) { // try if it's an alias
+        String alias = p.getProperty("Alg.Alias.MessageDigest." +algorithm);
+        if (alias == null) { // try all-uppercase alias name
+          alias = p.getProperty("Alg.Alias.MessageDigest." +upper);
+          if (alias == null) { // spit the dummy
+            throw new NoSuchAlgorithmException(algorithm);
+          }
+        }
+        className = p.getProperty("MessageDigest." + alias);
+        if (className == null) {
+          throw new NoSuchAlgorithmException(algorithm);
+        }
+      }
+    }
+    return getInstance(className, algorithm, p);
   }
 
   private static MessageDigest getInstance(String classname,
@@ -116,13 +143,22 @@ public abstract class MessageDigest extends MessageDigestSpi
     if (classname == null)
       throw new NoSuchAlgorithmException(algorithm);
 
+    MessageDigest result = null;
     try
       {
-	MessageDigest m =
-	  (MessageDigest) Class.forName(classname).newInstance();
-	m.algorithm = algorithm;
-	m.provider = provider;
-	return m;
+        Object obj = Class.forName(classname).newInstance();
+        if (obj instanceof MessageDigest) {
+          result = (MessageDigest) obj;
+          result.algorithm = algorithm;
+        } else if (obj instanceof MessageDigestSpi) {
+          result = new DummyMessageDigest((MessageDigestSpi) obj, algorithm);
+        } else {
+          throw new ClassCastException("Class "+classname+" from Provider "
+              +provider.getName()
+              +" does not extend java.security.MessageDigestSpi");
+        }
+        result.provider = provider;
+        return result;
       }
     catch (ClassNotFoundException cnfe)
       {
@@ -212,7 +248,7 @@ public abstract class MessageDigest extends MessageDigestSpi
      then computes a final digest and returns it. It calls 
      update(input) and then digest();
 
-     @param buf An array of bytes to perform final update with
+     @param input An array of bytes to perform final update with
      @return a byte array representing the message digest
    */
   public byte[] digest(byte[]input)
diff --git a/libjava/java/security/Provider.java b/libjava/java/security/Provider.java
index d3e3581..c40a980 100644
--- a/libjava/java/security/Provider.java
+++ b/libjava/java/security/Provider.java
@@ -1,5 +1,5 @@
 /* Provider.java -- Security provider information
-   Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+   Copyright (C) 1998, 1999, 2000, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -119,16 +119,40 @@ public abstract class Provider extends Properties implements Serializable
   }
 
   /**
-   * This method sets the specified key to have the specified value.
+   * Sets the key property to have the specified value.
+   * <p>
+   * <bold>NOT IMPLEMENTED YET</bold>[
+   * First, if there is a security manager, its <code>checkSecurityAccess</code>
+   * method is called with the string "putProviderProperty."+name, where name is
+   * the provider name, to see if it's ok to set this provider's property
+   * values.
+   * If the default implementation of <code>checkSecurityAccess</code> is used
+   * (that is, that method is not overriden), then this results in a call to the
+   * security manager's <code>checkPermission</code> method with a
+   * <code>SecurityPermission("putProviderProperty."+name)</code>
+   * permission.<br>]
    *
-   * @param key The property key
-   * @param value The property value
+   * @param key The property key.
+   * @param value The property value.
    *
-   * @return The previous value for this key, or <code>null</code> if no previous value.
+   * @return The previous value of the specified property (<code>key</code>),
+   *         or <code>null</code> if it did not have one.
+   * @throws SecurityException If a security manager exists and its
+   * {@link java.lang.SecurityManager.checkSecurityAccess(java.lang.String)}
+   * method denies access to set property values.
+   * @since Classpath 0.4+cvs, JDK 1.2
+   * @see java.lang.Object.equals(Object)
+   * @see java.util.Hashtable.get(Object)
    */
   public Object put(Object key, Object value)
   {
-    return (super.put(key, value));
+    return super.put(toCanonicalKey(key), value);
+  }
+  
+  // overrides same in java.util.Hashtable
+  public Object get(Object key)
+  {
+    return super.get(toCanonicalKey(key));
   }
 
   /**
@@ -137,11 +161,12 @@ public abstract class Provider extends Properties implements Serializable
    * 
    * @param key The key to remove
    *
-   * @return The previous value for this key, or <code>null</code> if no previous value.
+   * @return The previous value for this key, or <code>null</code> if no
+   * previous value.
    */
   public Object remove(Object key)
   {
-    return (super.remove(key));
+    return super.remove(toCanonicalKey(key));
   }
 
   /**
@@ -166,4 +191,12 @@ public abstract class Provider extends Properties implements Serializable
     return (getClass().getName() + ": name=" + getName() + " version=" +
 	    version);
   }
+  
+  private Object toCanonicalKey(Object key)
+  {
+    if (key.getClass().isAssignableFrom(String.class)) // is it ours?
+      return ((String) key).toUpperCase(); // use default locale
+    else
+      return key;
+  }
 }
diff --git a/libjava/java/security/Security.java b/libjava/java/security/Security.java
index 9ae90ba..8c84c3f 100644
--- a/libjava/java/security/Security.java
+++ b/libjava/java/security/Security.java
@@ -1,5 +1,5 @@
 /* Security.java --- Java base security class implmentation
-   Copyright (C) 1999, 2001 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2001, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -127,8 +127,8 @@ public final class Security extends Object
   }
 
   /**
-     Gets a specific property for an algorithm. This is used to produce specialized
-     algorithm parsers.
+     Gets a specific property for an algorithm. This is used to produce
+     specialized algorithm parsers.
 
      @deprecated it used to a return the value of a propietary property
      for the "SUN" Cryptographic Service Provider to obtain 
@@ -147,21 +147,37 @@ public final class Security extends Object
   }
 
   /**
-     Adds a new provider at the specified position. This allows dynamic loading
-     of providers. It will check for duplication of providers.
-
-     This class checks the security manager with the call checkSecurityAccess
-     with "insertProvider."+provider.getName() to see if the user can add this
-     provider.
-
-     @param provider the provider to add
-     @param position position to add the provider at
-
-     @return the position the provider was added at, or -1 if a duplicate provider
-     was found
-
-     @throws SecurityException - if the security manager denies access to add a 
-     new provider
+     Adds a new provider, at a specified position. The position is the
+     preference order in which providers are searched for requested algorithms.
+     Note that it is not guaranteed that this preference will be respected. The
+     position is 1-based, that is, 1 is most preferred, followed by 2, and so
+     on.
+     <p>
+     If the given provider is installed at the requested position, the
+     provider that used to be at that position, and all providers with a
+     position greater than position, are shifted up one position (towards the
+     end of the list of installed providers).
+     <p>
+     A provider cannot be added if it is already installed.
+     <p>
+     <b>NOT IMPLEMENTED YET:</b>[
+     First, if there is a security manager, its <code>checkSecurityAccess</code>
+     method is called with the string
+     <code>"insertProvider."+provider.getName()</code>
+     to see if it's ok to add a new provider. If the default implementation of
+     <code>checkSecurityAccess</code> is used (i.e., that method is not
+     overriden), then this will result in a call to the security manager's
+     <code>checkPermission</code> method with a <code>SecurityPermission(
+     "insertProvider."+provider.getName())</code> permission.]
+
+     @param provider the provider to be added.
+     @param position the preference position that the caller would like for
+     this provider.
+     @return the actual preference position (1-based) in which the provider was
+     added, or -1 if the provider was not added because it is already installed.
+     @throws SecurityException if a security manager exists and its <code>
+     SecurityManager.checkSecurityAccess(java.lang.String)</code> method denies
+     access to add a new provider.
    */
   public static int insertProviderAt(Provider provider, int position)
   {
@@ -169,6 +185,7 @@ public final class Security extends Object
     if (sm != null)
       sm.checkSecurityAccess("insertProvider." + provider.getName());
 
+    position--;
     int max = providers.size ();
     for (int i = 0; i < max; i++)
       {
@@ -184,29 +201,33 @@ public final class Security extends Object
 
     providers.insertElementAt(provider, position);
 
-    return position;
+    return position + 1;
   }
 
 
   /**
-     Adds a new provider. This allows dynamic loading
-     of providers. It will check for duplication of providers.
-
-     This method checks the security manager with the call checkSecurityAccess
-     with "insertProvider."+provider.getName() to see if the user can add this
-     provider.
-
-     @param provider the provider to add
-
-     @return the position the provider was added at, or -1 if a duplicate provider
-     was found
-
-     @throws SecurityException - if the security manager denies access to add a 
-     new provider
+     Adds a provider to the next position available.
+     <p>
+     <b>NOT IMPLEMENTED YET:</b> [
+     First, if there is a security manager, its <code>checkSecurityAccess</code>
+     method is called with the string
+     <code>"insertProvider."+provider.getName()</code>
+     to see if it's ok to add a new provider. If the default implementation of
+     <code>checkSecurityAccess</code> is used (i.e., that method is not
+     overriden), then this will result in a call to the security manager's
+     <code>checkPermission</code> method with a <code>SecurityPermission(
+     "insertProvider."+provider.getName())</code> permission.]
+
+     @param provider the provider to be added.
+     @return the preference position in which the provider was added, or <code>
+     -1</code> if the provider was not added because it is already installed.
+     @throws SecurityException if a security manager exists and its <code>
+     SecurityManager.checkSecurityAccess(java.lang.String)</code> method denies
+     access to add a new provider.
    */
   public static int addProvider(Provider provider)
   {
-    return insertProviderAt (provider, providers.size ());
+    return insertProviderAt (provider, providers.size () + 1);
   }
 
   /**
@@ -215,13 +236,13 @@ public final class Security extends Object
      ranking. If the provider is not installed, it fails silently.
 
      This method checks the security manager with the call checkSecurityAccess
-     with "removeProvider."+provider.getName() to see if the user can remove this
-     provider.
+     with "removeProvider."+provider.getName() to see if the user can remove
+     this provider.
 
      @param name name of the provider to add
 
-     @throws SecurityException - if the security manager denies access to remove a 
-     new provider
+     @throws SecurityException - if the security manager denies access to
+     remove a new provider
    */
   public static void removeProvider(String name)
   {
diff --git a/libjava/java/security/Signature.java b/libjava/java/security/Signature.java
index 8650c27..209a7df 100644
--- a/libjava/java/security/Signature.java
+++ b/libjava/java/security/Signature.java
@@ -1,5 +1,5 @@
 /* Signature.java --- Signature Class
-   Copyright (C) 1999 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -58,15 +58,12 @@ import java.security.spec.AlgorithmParameterSpec;
 
    1. Initialing
 
-   * It must be initialized with a private key for 
-   signing. 
-   * It must be initialized with a public key for 
-   verifying.
+   * It must be initialized with a private key for signing.
+   * It must be initialized with a public key for verifying.
 
    2. Updating
 
-   Update the bytes for signing or verifying with calls 
-   to update.
+   Update the bytes for signing or verifying with calls to update.
 
    3. Signing or Verify the signature on the currently stored
    bytes by calling sign or verify.
@@ -100,7 +97,7 @@ public abstract class Signature extends SignatureSpi
   protected int state = UNINITIALIZED;
 
   private String algorithm;
-  private Provider provider;
+  Provider provider;
 
   /**
      Creates a new signature for this algorithm.
@@ -113,7 +110,7 @@ public abstract class Signature extends SignatureSpi
     state = UNINITIALIZED;
   }
 
-  /** 
+  /**
      Gets an instance of the Signature class representing
      the specified signature. If the algorithm is not found then, 
      it throws NoSuchAlgorithmException.
@@ -121,19 +118,21 @@ public abstract class Signature extends SignatureSpi
      @param algorithm the name of signature algorithm to choose
      @return a Signature repesenting the desired algorithm
 
-     @throws NoSuchAlgorithmException if the algorithm is not implemented by providers
+     @throws NoSuchAlgorithmException if the algorithm is not implemented by
+     				      providers
    */
   public static Signature getInstance(String algorithm)
     throws NoSuchAlgorithmException
   {
-    String name = "Signature." + algorithm;
     Provider[] p = Security.getProviders();
 
     for (int i = 0; i < p.length; i++)
       {
-	String classname = p[i].getProperty(name);
-	if (classname != null)
-	  return getInstance(classname, algorithm, p[i]);
+        try
+          {
+            return getInstance(algorithm, p[i]);
+          }
+        catch (NoSuchAlgorithmException ignored) {}
       }
 
     throw new NoSuchAlgorithmException(algorithm);
@@ -150,7 +149,8 @@ public abstract class Signature extends SignatureSpi
      @param provider the name of the provider to find the algorithm in
      @return a Signature repesenting the desired algorithm
 
-     @throws NoSuchAlgorithmException if the algorithm is not implemented by the provider
+     @throws NoSuchAlgorithmException if the algorithm is not implemented by
+				      the provider
      @throws NoSuchProviderException if the provider is not found
    */
   public static Signature getInstance(String algorithm, String provider)
@@ -158,9 +158,34 @@ public abstract class Signature extends SignatureSpi
   {
     Provider p = Security.getProvider(provider);
     if (p == null)
-      throw new NoSuchProviderException();
+      throw new NoSuchProviderException(provider);
+
+    return getInstance(algorithm, p);
+  }
 
-    return getInstance(p.getProperty("Signature." + algorithm), algorithm, p);
+  private static Signature getInstance(String algorithm, Provider p)
+    throws NoSuchAlgorithmException
+  {
+    // try the name as is
+    String className = p.getProperty("Signature." + algorithm);
+    if (className == null) { // try all uppercase
+      String upper = algorithm.toUpperCase();
+      className = p.getProperty("Signature." + upper);
+      if (className == null) { // try if it's an alias
+        String alias = p.getProperty("Alg.Alias.Signature." + algorithm);
+        if (alias == null) {
+          alias = p.getProperty("Alg.Alias.Signature." + upper);
+          if (alias == null) { // spit the dummy
+            throw new NoSuchAlgorithmException(algorithm);
+          }
+        }
+        className = p.getProperty("Signature." + alias);
+        if (className == null) {
+          throw new NoSuchAlgorithmException(algorithm);
+        }
+      }
+    }
+    return getInstance(className, algorithm, p);
   }
 
   private static Signature getInstance(String classname,
@@ -173,7 +198,7 @@ public abstract class Signature extends SignatureSpi
 	Object o = Class.forName(classname).newInstance();
 	Signature sig;
 	if (o instanceof SignatureSpi)
-	  sig = (Signature) (new DummySignature((SignatureSpi) o, algorithm));
+	  sig = new DummySignature((SignatureSpi) o, algorithm);
 	else
 	  {
 	    sig = (Signature) o;
@@ -200,7 +225,7 @@ public abstract class Signature extends SignatureSpi
   /**
      Gets the provider that the Signature is from.
 
-     @return the provider the this Signature 
+     @return the provider of this Signature
    */
   public final Provider getProvider()
   {
@@ -310,7 +335,7 @@ public abstract class Signature extends SignatureSpi
      initial state and can be used to generate additional
      signatures.
 
-     @param outbuff array of bytes
+     @param outbuf array of bytes
      @param offset the offset to start at in the array
      @param len the length of the bytes to put into the array. 
      Neither this method or the GNU provider will 
@@ -325,7 +350,7 @@ public abstract class Signature extends SignatureSpi
 
      @since JDK 1.2
    */
-  public final int sign(byte[]outbuf, int offset, int len)
+  public final int sign(byte[] outbuf, int offset, int len)
     throws SignatureException
   {
     if (state == SIGN)